mah*_*ade 6 signalr asp.net-core refresh-token angular
我通过 SignalR 从客户端(角度 9)和服务器(asp.net core 3.1)创建实时连接,并通过 JWT 令牌授权集线器,如下代码:
private createConnection() {
this.hubConnection = new HubConnectionBuilder().withUrl(`${this.appConfig.hubEndpoint}/Hubs`,
{ accessTokenFactory: () => jwtToken })
.withAutomaticReconnect()
.build();
}
private startConnection(): void {
this.hubConnection
.start()
.then(() => {
this.connectionIsEstablished = true;
this.connectionEstablished.emit(true);
})
.catch(err => {
console.log('Error while establishing connection, retrying...');
});
}
在令牌过期之前,这一切正常。根据我的研究,在收到带有刷新令牌的新令牌后,应停止先前的连接,并使用新令牌创建新连接。现在我想知道我该怎么做?我必须经常检查令牌吗?或者应该通过向服务器发送每个请求来解决这个问题?
我想出的解决方案是通过扩展 signalR 客户端signalR.DefaultHttpClient使用的方法来拦截它的身份验证调用。如果出现 401,则我刷新令牌(通过 my authService),然后重试调用:
打字稿:
const getAuthHeaders = () => {
return {
Authorization: `Bearer ${authService.getToken()?.accessToken}`,
};
};
class CustomHttpClient extends signalR.DefaultHttpClient {
constructor() {
super(console); // the base class wants a signalR.ILogger
}
public async send(
request: signalR.HttpRequest
): Promise<signalR.HttpResponse> {
const authHeaders = getAuthHeaders();
request.headers = { ...request.headers, ...authHeaders };
try {
const response = await super.send(request);
return response;
} catch (er) {
if (er instanceof signalR.HttpError) {
const error = er as signalR.HttpError;
if (error.statusCode == 401) {
//token expired - trying a refresh via refresh token
await authService.refresh();
const authHeaders = getAuthHeaders();
request.headers = { ...request.headers, ...authHeaders };
}
} else {
throw er;
}
}
//re try the request
return super.send(request);
}
}
const connection = new signalR.HubConnectionBuilder()
.withUrl("/MyHub", {
// use the custom client
httpClient: new CustomHttpClient(),
})
.configureLogging(signalR.LogLevel.Information)
.build();
请参阅此处的选项.withUrl(..):https://learn.microsoft.com/en-us/aspnet/core/signalr/configuration ?view=aspnetcore-6.0&tabs=dotnet
当令牌过期时,服务器将断开连接,并且服务器端将出现错误。Method now allowed我相信您会收到405 错误代码。
因此,您需要捕获此令牌过期错误并断开连接,以便您可以使用新令牌启动新连接。
| 归档时间: |
|
| 查看次数: |
8143 次 |
| 最近记录: |