Signalr Bearer token authentication

Question

Hi I'm trying to setup signalr with bearer authentication. When I debug the Requesttoken method, the bearer token is successfully received. But when my signalr client calls an protected (authorize) method, with bearer token, then he isn't authenticated. I also tried to implement a custom AuthorizeAttribute but the AccessTokenFormat.Unprotect returns always null.

Error Message:

Caller is not authorized to invoke the Send method on Hub. 

Setup:

• Web Api Project
  -Signalr Hub in Web Api Project
  -Startup configuration for signalr

Signalr Startup Config:

app.Map("/signalr", map =>
{
    map.UseCors(CorsOptions.AllowAll);
    map.UseOAuthAuthorizationServer(OAuthOptions);
    map.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
    {
        Provider = new SignalrOAuthProvider()
    });

    var configuration = new HubConfiguration(){
        EnableDetailedErrors = true
    };

    map.RunSignalR(configuration);
});

And a custom OAuthprovider which reads the bearer token from a cookie or querystring

public class SignalrOAuthProvider : OAuthBearerAuthenticationProvider
{
    public override Task RequestToken(OAuthRequestTokenContext context)
    {
        // var value = context.Request.Query.Get("bearer");
        var value = context.OwinContext.Request.Cookies["BearerToken"];
        if (!string.IsNullOrEmpty(value))
        {
            context.Token = value;
         }

         return Task.FromResult(null);
     }
}

Answer 1

Ensure you use the [System.Web.Http.Authorize] attribute on your hub. Then pass the Bearer token in the header.

Authorization: Bearer 'Your token'