server.User not being set for SignalR (but is for WebAPI)

Jan 23, 2014 at 12:12 PM
I have an OWIN-based web service which consists of a Web API and SignalR component. I'm using OAuth bearer token authentication and, to make this compatible with SignalR, I've followed an article to allow the access_token to be specified in the query string:

http://leastprivilege.com/2013/10/31/retrieving-bearer-tokens-from-alternative-locations-in-katanaowin/

This works fine for my Web API controllers - I can specify either the Authorization: Bearer xxx header, or add '?access_token=xxx' to a URL to authenticate my calls. However, my SignalR hub isn't getting the identity specified in the token (Context.User.IsAuthenticated = false). However, the ClaimsPrincipal.Current and Thread.CurrentPrincipal ARE set.

I posted about this on the SignalR JabbR channel and the reason seems to be that the OWIN server.User environment property is not being set. This is being set for my Web API controller.

I've tried setting the server.User property on the OWIN Environment in my access token provider (modifying the code in the above article), but it seems to get overwritten elsewhere:

OnReceive = (AuthenticationTokenReceiveContext c) => {
    c.DeserializeTicket(c.Token);
    c.OwinContext.Set("Properties", c.Ticket.Properties);
    c.OwinContext.Set("server.User", new System.Security.Claims.ClaimsPrincipal(c.Ticket.Identity));
}

Hopefully someone can help me with this? Thanks.

Jan 23, 2014 at 4:26 PM
Much of the above seems to be irrelevant now.

After posting in the OWIN JabbR room, a solution to the problem seemed to be either:

Configuring SignalR BEFORE WebAPI:

ConfigureSignalR(app);
ConfigureWebAPI(app);

or mapping the SignalR and Web API like:

app.Map("/api", (b) => ConfigureWebAPI(b));
app.Map("/signalr", (b) => ConfigureSignalR(b));

Quite what this indicates, I'm not sure. However, it does fix my issue.

Marked as answer by Tratcher on 5/21/2014 at 2:20 PM