how to take token from http client with signalr in blazor server app?

Question

I using SignalR in my Blazor server app. I added services.AddSignalR() in startup.cs file. Then I can't take token. Because http context is null. Then I removed services.AddSignalR() from startup.cs file. it is normal working. Then i can take token from http client. How to solve it?

Thank you.

Startup.cs file:

services
    .AddAuthentication(options =>
    {
        options.DefaultScheme = "Cookies";
        options.DefaultChallengeScheme = "oidc";
    })
    .AddCookie("Cookies")
    .AddOpenIdConnect("oidc", options =>
    {
        options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.Authority = identityUrl.ToString();
        options.SignedOutRedirectUri = callBackUrl.ToString();
        options.ClientId = useLoadTest ? "mvctest" : "blazor";
        options.ClientSecret = "secret";
        options.ResponseType = useLoadTest ? "code id_token token" : "code id_token";
        options.SaveTokens = true;
        options.GetClaimsFromUserInfoEndpoint = true;
        options.RequireHttpsMetadata = false;
        options.Scope.Add("openid");
        options.Scope.Add("profile");
        options.Scope.Add("post");
        options.Scope.Add("family");
        options.Scope.Add("webpostagg");

    });

services.AddRazorPages();
    services.AddServerSideBlazor();
    services.AddSignalR();

services.AddHttpClient<IPostService, PostService>()                  
    .AddHttpMessageHandler<HttpClientAuthorizationDelegatingHandler>();

HttpClientAuthorizationDelegatingHandler.cs:

public HttpClientAuthorizationDelegatingHandler(IHttpContextAccessor httpContextAccesor)

{
    _httpContextAccesor = httpContextAccesor;
}

protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    string authorizationHeader;
    if (_httpContextAccesor.HttpContext == null)
    {
        authorizationHeader = string.Empty;
    }
    else
    {
        authorizationHeader = _httpContextAccesor.HttpContext
        .Request.Headers["Authorization"];
    }

    if (!string.IsNullOrEmpty(authorizationHeader))
    {
        request.Headers.Add("Authorization", new List<string>() { authorizationHeader });
    }

    var token = await GetToken();

    if (token != null)
    {
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
    }

    return await base.SendAsync(request, cancellationToken);
}

public async Task<string> GetToken()
{
    const string ACCESS_TOKEN = "access_token";

    return await _httpContextAccesor.HttpContext
        .GetTokenAsync(ACCESS_TOKEN);
}

Answer 1

Please, do not use HttpContext in Server Blazor App. It is not available. Server-side Blazor is WebSocket-based, not HTTP requests based. Just don't do that.

Here are links to my answer how to implement OpenID Connect, and others, where you'll find answers to your questions.

See these: how to jwt authentication blazor server without microsoft identity? How do I get the access token from a blazor (server-side) web app? How to add OpenIdConnect via IdentityServer4 to ASP.NET Core ServerSide Blazor web app? How to get JWT authenticated sign-in user from identity claims in asp.net web api How to use the HttpContext object in server-side Blazor to retrieve information about the user, user agent Blazor Adding HttpClientHandler to add Jwt to HTTP Header on requests

Blazor: Redirect to Login page when there is no session / JWT token?

Note: There are more answers related to Jwt,OpenID Connect, etc. You just have to look for them