signalr - 使用 endpoints.MapBlazorHub().RequireAuthorization() 时的 SignalR 身份验证错误

问题描述

我有一个使用身份验证的 Blazor 服务器端应用程序。我按照 Visual Studio 的建议尝试了 Azure SignalR，但在那之后，当我没有通过身份验证时，我得到一个空白页面，而不是典型的未经授权的网页。

如果我检查浏览器调试控制台，会出现以下消息：

“错误：无法完成与服务器的协商：错误：未经授权”

看起来这条消息是由 signalR 抛出的。

如果我更改行 endpoints.MapBlazorHub().RequireAuthorization(); 到 startup.cs 文件中的 endpoints.MapBlazorHub()，它按预期运行。

关于如何解决这个问题的任何想法？

我尝试回滚 VS 所做的更改，但它仍然无法像以前那样工作。

谢谢

编辑 1：这是 app.cs 代码供您查看：

    <CascadingAuthenticationState>
    <Router AppAssembly="@typeof(Program).Assembly">
        <Found Context="routeData">
            <AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
                <NotAuthorized>
                    <h1>Restricted Access</h1>
                </NotAuthorized>
            </AuthorizeRouteView>
        </Found>
        <NotFound>
            <LayoutView Layout="@typeof(MainLayout)">
                <p>Page not found</p>
            </LayoutView>
        </NotFound>
    </Router>
    </CascadingAuthenticationState>

编辑2：

这是启动类

 public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddDbContext<IdentityBDContext>(options =>
                options.UseSqlServer(
                    Configuration.GetConnectionString("IdentityBD"),
            providerOptions => providerOptions.EnableRetryOnFailure()));

             services.AddIdentity<CustomUser, IdentityRole>(options =>
            {
                options.User.RequireUniqueEmail = true; 
                options.SignIn.RequireConfirmedEmail = true; //prevents registered users from logging in until their email is confirmed.
            }).AddRoles<IdentityRole>()
              .AddEntityFrameworkStores<IdentityBDContext>()
              .AddDefaultTokenProviders()
              .AddUserManager<ERPUserManager>()
              .AddSignInManager<ERPSignInManager>();

            services.AddAuthorization(options =>
            {
                options.AddPolicy(SD.Admin, policy => policy.RequireRole(SD.Admin));
                options.AddPolicy(SD.POS, policy => policy.RequireRole(SD.POS, SD.Admin));
                options.AddPolicy(SD.AllowedTenant, policy => policy.Requirements.Add(new AllowedTenantRequirement(21)));
                options.AddPolicy(SD.SysAdmin, policy => policy.RequireRole(SD.SysAdmin));
            });
            services.AddRazorPages(options =>
                {
                    options.Conventions.AuthorizeAreaFolder("Identity", "/Account/Manage");
                });
            services.AddServerSideBlazor();
            //services.AddSignalR().AddAzureSignalR();
            services.AddScoped<AuthenticationStateProvider, RevalidatingIdentityAuthenticationStateProvider<CustomUser>>();



            services.AddTransient<ConfigService>();
            services.AddTransient<IdentityService>();
            services.AddTransient<TenantService>();
            services.AddHostedService<TimerUpdate>();
            services.AddScoped<IAuthorizationHandler, AllowedTenantHandler>();

            //Delete in production
            services.AddServerSideBlazor().AddCircuitOptions(options => { options.DetailedErrors = true; });


            services.AddScoped<ITenantProvider, WebTenantProvider>();
            services.AddDbContext<ERPContext>(options => options
                    //.UseLoggerFactory(LoggerFactory.Create(builder => builder.AddConsole()))
                    .UseSqlServer(
                    Configuration.GetConnectionString("ERPDB")));

        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {


            using (var serviceScope = app.ApplicationServices.GetService<IServiceScopeFactory>().CreateScope())
            {
                var context = serviceScope.ServiceProvider.GetRequiredService<IdentityBDContext>();
                context.Database.Migrate();
            }
            // Workaround for https://github.com/aspnet/AspNetCore/issues/13470

            

            app.Use((context, next) =>


            {


                context.Features.Get<IHttpMaxRequestBodySizeFeature>().MaxRequestBodySize = null;


                return next.Invoke();


            });

            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseDatabaseErrorPage();
            }
            else
            {
                app.UseExceptionHandler("/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseStaticFiles();

            app.UseRouting();

            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
                endpoints.MapBlazorHub().RequireAuthorization();
                endpoints.MapControllerRoute("mvc", "{controller}/{action}");
                endpoints.MapFallbackToPage("/_Host");
                
            });
        }
    }

标签： signalrblazorblazor-server-side