New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support setting HTTP headers for WebSocket connection #305
Comments
I don't think that WebSockets support HTTP Headers. I've been frustrated by this before 😄 https://stackoverflow.com/a/4361358 SignalR Core uses a query string parameter to transmit bearer tokens over websockets |
WebSockets in C# (and most other languages / frameworks) do support HTTP headers. The only situation when it's not supported (AFAIK) is when you try to connect a WebSocket from a browser application. Here's a C# example: using (var socket = new ClientWebSocket())
try
{
socket.Options.SetRequestHeader("authorization", $"Bearer {accessToken}");
await socket.ConnectAsync(new Uri($"wss://localhost:8181"), CancellationToken.None);
await Send(socket, "data");
if (!await Receive(socket)) return;
}
catch (Exception ex)
{
Console.WriteLine($"ERROR - {ex.Message}");
return;
} |
Good to know. Maybe we could have a callback in
Where the |
👍 I could see this being extremely useful with Blazor WebAssembly, specifically with being able to securely emit events from the frontend without the need for SignalR |
I think that Blazor WebAssembly running in the browser will use the Browser's websocket implementation, which doesn't support headers. |
Proposed change
Support setting of (additional) HTTP headers for WebSocket connection. This could be a new part of NatsOpts class. Useful for providing an Authorization header. Perhaps along the following lines:
OnConnectingAsync callback should allow updating the headers, so that an authorization token could be refreshed.
Use case
JWT based authorization outside of NATS server.
Contribution
yes, interested.
The text was updated successfully, but these errors were encountered: