You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This tutorial builds on the chat room application introduced in the quickstart. If you have not completed [Create a chat room with SignalR Service](signalr-quickstart-dotnet-core.md), complete that exercise first.
15
+
This tutorial builds on the chat room application introduced in the quickstart. If you haven't completed [Create a chat room with SignalR Service](signalr-quickstart-dotnet-core.md), complete that exercise first.
16
16
17
-
In this tutorial, you'll learn how to implement your own authentication and integrate it with the Microsoft Azure SignalR Service.
17
+
In this tutorial, you can discover the process of creating your own authentication method and integrate it with the Microsoft Azure SignalR Service.
18
18
19
-
The authentication initially used in the quickstart's chat room application is too simple for real-world scenarios. The application allows each client to claim who they are, and the server simply accepts that. This approach is not very useful in real-world applications where a rogue user would impersonate others to access sensitive data.
19
+
The authentication initially used in the quickstart's chat room application is too simple for real-world scenarios. The application allows each client to claim who they are, and the server simply accepts that. This approach lacks effectiveness in real-world, as it fails to prevent malicious users who might assume false identities from gaining access to sensitive data.
20
20
21
-
[GitHub](https://github.com/) provides authentication APIs based on a popular industry-standard protocol called [OAuth](https://oauth.net/). These APIs allow third-party applications to authenticate GitHub accounts. In this tutorial, you will use these APIs to implement authentication through a GitHub account before allowing client logins to the chat room application. After authenticating a GitHub account, the account information will be added as a cookie to be used by the web client to authenticate.
21
+
[GitHub](https://github.com/) provides authentication APIs based on a popular industry-standard protocol called [OAuth](https://oauth.net/). These APIs allow third-party applications to authenticate GitHub accounts. In this tutorial, you can use these APIs to implement authentication through a GitHub account before allowing client logins to the chat room application. After authenticating a GitHub account, the account information will be added as a cookie to be used by the web client to authenticate.
22
22
23
23
For more information on the OAuth authentication APIs provided through GitHub, see [Basics of Authentication](https://developer.github.com/v3/guides/basics-of-authentication/).
24
24
@@ -52,13 +52,13 @@ To complete this tutorial, you must have the following prerequisites:
52
52
53
53
1. Open a web browser and navigate to `https://github.com` and sign into your account.
54
54
55
-
2. For your account, navigate to **Settings** > **Developer settings** and click**Register a new application**, or **New OAuth App** under _OAuth Apps_.
55
+
2. For your account, navigate to **Settings** > **Developer settings** and select**Register a new application**, or **New OAuth App** under _OAuth Apps_.
56
56
57
-
3. Use the following settings for the new OAuth App, then click**Register application**:
57
+
3. Use the following settings for the new OAuth App, then select**Register application**:
| Application name |_Azure SignalR Chat_| The GitHub user should be able to recognize and trust the app they are authenticating with. |
61
+
| Application name |_Azure SignalR Chat_| The GitHub user should be able to recognize and trust the app they're authenticating with.|
62
62
| Homepage URL |`http://localhost:5000`||
63
63
| Application description |_A chat room sample using the Azure SignalR Service with GitHub authentication_| A useful description of the application that will help your application users understand the context of the authentication being used. |
64
64
| Authorization callback URL |`http://localhost:5000/signin-github`| This setting is the most important setting for your OAuth application. It's the callback URL that GitHub returns the user to after successful authentication. In this tutorial, you must use the default callback URL for the _AspNet.Security.OAuth.GitHub_ package, _/signin-github_. |
@@ -154,7 +154,7 @@ In this section, you will implement a `Login` API that authenticates clients usi
154
154
155
155
1. Add a new controller code file to the _chattest\Controllers_ directory. Name the file _AuthController.cs_.
156
156
157
-
2. Add the following code for the authentication controller. Make sure to update the namespace, if your project directory was not_chattest_:
157
+
2. Add the following code for the authentication controller. Make sure to update the namespace, if your project directory wasn't_chattest_:
158
158
159
159
```csharp
160
160
usingAspNet.Security.OAuth.GitHub;
@@ -186,7 +186,8 @@ In this section, you will implement a `Login` API that authenticates clients usi
186
186
187
187
### Update the Hub class
188
188
189
-
By default when a web client attempts to connect to SignalR Service, the connection is granted based on an access token that is provided internally. This access token is not associated with an authenticated identity. This access is actually anonymous access.
189
+
By default when a web client attempts to connect to SignalR Service, the connection is granted based on an access token that is provided internally. This access token isn't associated with an authenticated identity.
190
+
Basically, it's anonymous access.
190
191
191
192
In this section, you will turn on real authentication by adding the `Authorize` attribute to the hub class, and updating the hub methods to read the username from the authenticated user's claim.
192
193
@@ -335,7 +336,7 @@ In this section, you will turn on real authentication by adding the `Authorize`
335
336
}
336
337
```
337
338
338
-
4. At the bottom of _index.html_, update the error handler for `connection.start()` as shown below to prompt the user to log in.
339
+
4. At the bottom of _index.html_, update the error handler for `connection.start()` as shown below to prompt the user to sign in.
339
340
340
341
```javascript
341
342
connection
@@ -376,7 +377,7 @@ In this section, you will turn on real authentication by adding the `Authorize`
376
377
dotnet run
377
378
```
378
379
379
-
By default, the app will be hosted locally on port 5000:
380
+
The app is hosted locally on port 5000 by default:
380
381
381
382
```output
382
383
E:\Testing\chattest>dotnet run
@@ -386,19 +387,20 @@ In this section, you will turn on real authentication by adding the `Authorize`
386
387
Application started. Press Ctrl+C to shut down.
387
388
```
388
389
389
-
4. Launch a browser window and navigate to `http://localhost:5000`. Click the **here** link at the top to log in with GitHub.
390
+
4. Launch a browser window and navigate to `http://localhost:5000`. Select the **here** link at the top to sign in with GitHub.
390
391
391
392
392
393
393
-
You will be prompted to authorize the chat app's access to your GitHub account. Click the **Authorize** button.
394
+
You will be prompted to authorize the chat app's access to your GitHub account. Select the **Authorize** button.
You will be redirected back to the chat application and logged in with your GitHub account name. The web application determined you account name by authenticating you using the new authentication you added.
398
+
You will be redirected back to the chat application and logged in with your GitHub account name. The web application determined your account name by authenticating you using the new authentication you added.
Now that the chat app performs authentication with GitHub and stores the authentication information as cookies, you should deploy it to Azure so other users can authenticate with their accounts and communicate from other workstations.
402
+
With the chat app now performs authentication with GitHub and stores the authentication information as cookies, the next step involves deploying it to Azure.
403
+
This approach enables other users to authenticate using their respective accounts and communicate from various workstations.
| ResourceGroupName | This resource group name was suggested in previous tutorials. It is a good idea to keep all tutorial resources grouped together. Use the same resource group you used in the previous tutorials. |
441
-
| WebAppPlan | Enter a new, unique, App Service Plan name. |
442
-
| WebAppName | This will be the name of the new web app and part of the URL. Use a unique name. For example, signalrtestwebapp22665120.|
| ResourceGroupName | This resource group name was suggested in previous tutorials. It's a good idea to keep all tutorial resources grouped together. Use the same resource group you used in the previous tutorials. |
443
+
| WebAppPlan | Enter a new, unique, App Service Plan name. |
444
+
| WebAppName | This parameter is the name of the new web app and part of the URL. Make it unique. For example, signalrtestwebapp22665120. |
443
445
444
446
### Add app settings to the web app
445
447
@@ -485,7 +487,7 @@ az webapp config appsettings set --name $WebAppName \
| GitHubClientId | Assign this variable the secret Client Id for your GitHub OAuth App. |
490
+
| GitHubClientId | Assign this variable the secret Client ID for your GitHub OAuth App. |
489
491
| GitHubClientSecret | Assign this variable the secret password for your GitHub OAuth App. |
490
492
| ResourceGroupName | Update this variable to be the same resource group name you used in the previous section. |
491
493
| SignalRServiceResource | Update this variable with the name of the SignalR Service resource you created in the quickstart. For example, signalrtestsvc48778624. |
@@ -584,19 +586,19 @@ Otherwise, if you are finished with the quickstart sample application, you can d
584
586
> [!IMPORTANT]
585
587
> Deleting a resource group is irreversible and that the resource group and all the resources in it are permanently deleted. Make sure that you do not accidentally delete the wrong resource group or resources. If you created the resources for hosting this sample inside an existing resource group that contains resources you want to keep, you can delete each resource individually from their respective blades instead of deleting the resource group.
586
588
587
-
Sign in to the [Azure portal](https://portal.azure.com) and click**Resource groups**.
589
+
Sign in to the [Azure portal](https://portal.azure.com) and select**Resource groups**.
588
590
589
591
In the **Filter by name...** textbox, type the name of your resource group. The instructions for this article used a resource group named _SignalRTestResources_. On your resource group in the result list, click **...** then **Delete resource group**.
You will be asked to confirm the deletion of the resource group. Type the name of your resource group to confirm, and click**Delete**.
595
+
You will be asked to confirm the deletion of the resource group. Type the name of your resource group to confirm, and select**Delete**.
594
596
595
597
After a few moments, the resource group and all of its contained resources are deleted.
596
598
597
599
## Next steps
598
600
599
601
In this tutorial, you added authentication with OAuth to provide a better approach to authentication with Azure SignalR Service. To learn more about using Azure SignalR Server, continue to the Azure CLI samples for SignalR Service.
0 commit comments