I am working on a blazorserver web application.
I would like to log in server console all websocket's blazor circuit messages. I want to log them as json, not msgpack.
Is there a way to do that with a hook or a middleware ?
Thanks
Related
We are investigating using SignalR in our app for messaging. We want setup this messaging system as an app on its own. So our all our applications will connect to this messaging app to send messages. All this works fine but I am not sure as to how we can secure the SignalR messaging app. We only want our app to connect to it (basically our app users). If there are any other connections trying to connect, we want to reject this connection. Currently we set a query string parameter which can be validated on the server side but I am not sure how we can do our validation before the connection is made. I know in the hub we can override the OnConnected but this is too late. I want to refuse the connection before it starts.
Can someone point me in the correct directions.
We do that in our ASP.NET application. We have implemented an authentication module. We validate the cookie and the user in there.
I'm looking for a way to support the following process:
Button is clicked in web application running on machine named PC1234.
Call is made to server (either the web server or an API on another server, it doesn't matter) to Do Something.
The server sends a notification to a Windows Forms client installed on PC1234 that the action is complete.
I've got the easy part working using SignalR. I can call a method on the web server and then send a notification with SignalR to ALL clients that the method has completed. The problem is notifying ONLY the client on the originating machine.
My initial plan was to include some unique identifying attribute of the machine with the call to the server which could then be used to direct the SignalR notification back to just that machine, but that doesn't seem to be possible.
An alternative idea was to have the call to the server include a unique reference and also update a file locally (i.e. a Cookie) with that reference, then have the client app poll the Cookie for new references and filter all SignalR messages received for that unique reference. This would be a bit clunky even if it worked, which it doesn't really, not least because I want this to work cross-browser, and different browsers store cookies in different places.
Ultimately this is to support printing locally and silently from a web application. The user selects a document in the web application, hits a print button, the request is sent to the server which retrieves the document from the database, saves it to a network share and sends a notification to a client app on the machine from which the print request was generated. The client app then prints the document from the network share and deletes it.
I never found a way to do exactly what I described in my question, but I came up with an alternative which worked well enough.
In both my web application and my Windows Forms client, the user was logged in with the same Windows credentials. I was therefore able to have the server respond to the button click in the web application by broadcasting a SignalR message to all SignalR clients where the same user was logged in, using
Clients.User(userId).send(message)
See this article for more detailed examples and instructions.
In my Windows Forms client, I included code to track how many instances of the client were connected to the SignalR Hub with the same user credentials and code to handle the receipt of a SignalR message from the server when multiple client instances were connected with the same user details (in my case, this meant displaying a message saying something like "You've requested a print from the web application but you're logged in at multiple workstations. Do you want the document to print here?").
I am having a heck of a time trying to figure out how one is supposed to have AMS authentication with SignalR while using a JavaScript client.
I downloaded the JavaScript client for Azure Mobile Services, I've got Signal R on AMS - that's all hooked up and ready to go. I've got the authentication setup.
I can actually call .login("microsoftaccount") on the AMS JS client and go through that process and get back a token and id.
What I don't know is how to connect the two.
I tried just calling $.connection.hub.Start() - it gives me 401. I tried putting the token in the query string, again it gives me 401. Am I supposed to be calling a login function via SignalR somehow?
The documentation on SignalR and AMS is severely lacking but does anyone know where there might be some kind of explanation of how this is expected to work? JavaScript client with SignalR, I mean.
Thanks
The client.currentUser object has a token defined in it - it's a standard JWT. Once you have that, add a header X-ZUMO-AUTH with the value of the JWT to the connection request. This will authenticate the request with the ASP.NET application.
A good resource is the 12 days of ZUMO: http://www.thejoyofcode.com/The_twelve_days_of_ZUMO.aspx
How can I send commands to a WinForms application from an ASPX web page? We have already explored executing the WinForms application with different command line parameters but wanted something more smart.
Thanks.
Create a web server within your application that listens for HTTP GET and/or POST commands and acts appropriately. Then use AJAX to send request, i.e., http://localhost/myapp/?command=print&file=teletubies.jpg
Your web server, which is just a program that listens on port 80 and sends responses according to the very simple HTTP protocol, within your application then parses the requested URL and decides that it should print the file teletubies.jpg based on the query string in the URL.
Web pages (whether running asp.net or a competing platform) are always reactive. They receive commands (requests) and respond. They are not proactive, and don't send commands. This is how the core technology on which the internet is built works.
This means is you want an asp.net page to send a message to a client app, the only way to do it is for the client app to frequently poll the page, possibly using System.Net.WebClient.
I don't know of any way this can be done due to security. I know I wouldn't want people to be able to access the running applications on MY machine from their web app.
I know there has to be an obvious solution to this problem and I am missing it, so I would much appreciate someone enlightening me so I don't spin my wheels...
I am writing an ASP.Net application that will interact with a service API (Evernote specifically). Evernote requires OAuth for security and before I can actually interact with the objects I need to obtain a token.
The workflow goes like this (explaining it to myself as much as anyone else!):
Build a url with my development api key and secret key and some other OAuth stuff, send it to Evernote to request an access token.
Send the url as a request to Evernote and pull the new access token out of the response
Build another url with the access token to request an authentication token for the user. This url goes to a page the user must interact with to login (if they haven't already) and then authorize my application to access their account. The last param of the url I build is a callback url which will be called from Evernote's servers.
If all goes well, Evernote will request the callback url and include the new authentication token as a param.
Once my server receives the callback with the embedded token I can use it so that my app can interact with the users' notes on subsequent requests.
The problem is that I'm writing this app on a local box, not an ISP under a public domain. So my callback is to the localhost server. Of course, localhost is relative, so Evernote can't resolve my callback... I can't ever receive an authentication token and debug at the same time.
There has to be a way around this problem because this authentication model is not unique to Evernote (by a longshot... Flickr uses it as do a lot of other services). So can someone tell me how to set things up so I can get the authentication token and still be able to debug on my local box?
Help is much appreciated!
OAuth is quite tough to implement. It may not be the answer you're looking for, but this is how I managed to get the job done:
Write some code on my local dev machine.
Run a bat file (or alternatively hook a post-build event in VS) that executes a msbuild deploy script and deploys the application to a test server.
Run the application on the test server. After obtaining the request token and requesting for authorization it redirects to the Evernote website.
After successful authorization the Evernote website redirects back to my test server and the authorized request token is exchanged for an access token.
Instead of debugging (I don't have VS on the test server) I examine the logs of the application (the logging I used was as simple as writing to a text file).
Rinse and repeat
For the purposes of testing I registered a temporary public subdomain (e.g. testing.oauth.mydomain.com) so that Evernote will be able redirect to that url.
According to this (How do I develop against OAuth locally?) the callback is issued by the browser, so it should be able to hit localhost.