I’m trying to secure a SignalR hub in an Blazor Server app and can’t find any end to end examples of this.
I have configured the app in the startup with AddAuth0WebAppAuthentication and WithAccessToken.
A token is being picked up in the request to the SignalR hub from the component that builds the Hub connection and I’m setting the AccessTokenProvider with that access token from Auth0
Whenever the Hub connection tries to connect to the apps hubs, it throws a 401 Unauthorized.
The hubs work correctly when I remove the authorise attribute from them. Have tried this using the ASP.NET JWT setup too, but still get the same error.
Hey Statto1974, were you ever able to figure out a solution for this? I am running into the exact same situation. When I remove the [Authorize] header from the hub, it will work, however it is in an unauthorized state in the hub so I have no ability to see the currently logged in user or their claims.
Your post is the only one (after days of googling around and asking chat gpt) that is identical to what I’m facing.
I am facing exactly the same issue although I have only AddAuth0WebAppAuthentication() call in the startup. After setting the log level to Debug in server, I notice the following info:
dbug: Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler[9]
AuthenticationScheme: Cookies was not authenticated.
dbug: Microsoft.AspNetCore.Authorization.AuthorizationMiddleware[0]
Policy authentication schemes did not succeed
No idea how to fix this though. @andrea.chiarelli do you have any idea on this?
The example shown in Microsoft documentation combines ASP.NET Core Identity with the JWT Bearer middleware, if I’m not wrong. So, I would try.
Again, I’m not familiar with SignalR Hubs so maybe this could not be the best way to do this.
