SignalR force close client connection

[maxima120]

In a scenario when server needs to have 100% control over SignalR clients (which in my view - must be always :)) for security and business logic sake (eg a subscription expired or user tries to hack connection by manipulating client side etc) - having something like the below would really help (in fact - I think this is the only way to do it properly):

hub.Clients.Client(connectionId).Close();

Additional context

it appears that implementing authorization on SignalR using Angular with IdentityServer is unfeasible without re-writing client side completely and taking all the security responsibility for the whole app, while you only need to authorize signalr,

see here: #34948 (comment)

[davidfowl]

I'm not sure how the additional context is related to the request here. This is a duplicate of #34481

[maxima120]

the use of HubCallerContext.Abort works. Thank you.
The other issue related to this one in a sense - as authorization is a workaround rather than a "native" solution - Abort is needed to strengthen my personal insecurity feeling about it :)

[davidfowl]

In .NET 6 we will automatically abort the connection if the auth token is expired

[maxima120]

sorry - I wasnt clear - the linked ticket was about not able to make use of asp.net core authorization (when Identity Server is involved), so I made a surrogate "authorization" which is a hack rather, so I need to be able to Abort manually.

[davidfowl]

Well you can use auth, but its per connection instead of per call.

[maxima120]

I cant - see the linked ticket. Also I actually want it to be per connection..

[davidfowl]

Not sure why you can't, I've read the issue. Why cant' you get the access token and pass it to signalr?

[maxima120]

yeah you were both (you and Brennan) right. I was blinded by the frustration reading blogs which only shows how to implement access token client-side writing it in Authorization header pushing it back to server.

There is already authorization.service.ts generated by the template:

so the use is trivial:

import { AuthorizeService } from '../../api-authorization/authorize.service';

constructor( . . . , authsrv: AuthorizeService) {

      this.hub = new HubConnectionBuilder()
        .withUrl("/newshub", { accessTokenFactory: () => authsrv.getAccessToken().toPromise() })