SignalR with Azure Entra ID authentication in Blazor Server impossible to use #64355
Description
Is there an existing issue for this?
- I have searched the existing issues
Describe the bug
Currently available documentation and open issues (e.g. https://github.com/dotnet/aspnetcore/issues/59303) prevent from (easily?) protecting SignalR hubs when using Azure auth.
The article about additional security security scenarios https://learn.microsoft.com/en-gb/aspnet/core/blazor/security/additional-scenarios?view=aspnetcore-9.0&preserve-view=true#use-a-token-handler-for-web-api-calls referenced in this Stack post: https://stackoverflow.com/questions/72820217/blazor-server-and-signalr-and-azure-ad does not provide guidance on how to make it work with SignalR and when setting up the web sockets connection manually, we run into the pending issue where it's impossible to set the invoker manually needed for the connection to work. Tbh, this integration looks broken from the end user perspective and it's really annoying how complex (and not really possible, based on lack of actual solutions) it is compared to protecting regular endpoints in the Blazor Server app.
Please solve the blocking issues/provide a Microsoft-blessed solution, so that the end users can actually use this features.
Expected Behavior
1.Proper documentation on how to authorize SignalR endpoints with Azure Entra ID
2.Solve pending issues for manual web sockets configuration.
Steps To Reproduce
1.Create a Blazor Server Web App
2.Add Azure Entra ID authentication
3.Create a hub and protect it, requiring an authorized user.
.NET Version
8/9/10