Nesco.SignalRUserManagement.Server.Authorization 1.0.11

.NET 10.0 This package targets .NET 10.0. The package is compatible with this framework or higher. 
dotnet add package Nesco.SignalRUserManagement.Server.Authorization --version 1.0.11
                    


                    

                
NuGet\Install-Package Nesco.SignalRUserManagement.Server.Authorization -Version 1.0.11
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Nesco.SignalRUserManagement.Server.Authorization" Version="1.0.11" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Nesco.SignalRUserManagement.Server.Authorization" Version="1.0.11" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Nesco.SignalRUserManagement.Server.Authorization" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Nesco.SignalRUserManagement.Server.Authorization --version 1.0.11
                    


                    

                
#r "nuget: Nesco.SignalRUserManagement.Server.Authorization, 1.0.11"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Nesco.SignalRUserManagement.Server.Authorization@1.0.11
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Nesco.SignalRUserManagement.Server.Authorization&version=1.0.11
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Nesco.SignalRUserManagement.Server.Authorization&version=1.0.11
                    


                            Install as a Cake Tool

Nesco.SignalRUserManagement.Server.Authorization

Server-side JWT authentication library for ASP.NET Core applications using SignalR User Management.

Installation

dotnet add package Nesco.SignalRUserManagement.Server.Authorization

Quick Setup

1. Create Your AuthController (Required)

The library provides a generic AuthController<TUser> base class. You must create a concrete controller in your application that inherits from it:

using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;
using Nesco.SignalRUserManagement.Server.Authorization.Controllers;
using Nesco.SignalRUserManagement.Server.Authorization.Options;

namespace YourApp.Controllers;

public class AuthController : AuthController<ApplicationUser>
{
    public AuthController(
        SignInManager<ApplicationUser> signInManager,
        UserManager<ApplicationUser> userManager,
        IConfiguration configuration,
        IOptions<JwtAuthOptions>? jwtOptions = null)
        : base(signInManager, userManager, configuration, jwtOptions)
    {
    }
}

Why is this required? ASP.NET Core's controller discovery doesn't automatically register generic controllers. By creating a concrete class, you also get the flexibility to use your own user type (e.g., ApplicationUser with custom properties).

2. Add JWT Authentication

using Nesco.SignalRUserManagement.Server.Authorization.Extensions;

var builder = WebApplication.CreateBuilder(args);

// Option A: Configure from appsettings.json
builder.Services.AddAuthentication()
    .AddSignalRJwtBearer(builder.Configuration);

// Option B: Configure inline
builder.Services.AddAuthentication()
    .AddSignalRJwtBearer(options =>
    {
        options.Key = "YourSuperSecretKeyThatIsAtLeast32CharactersLong!";
        options.Issuer = "YourAppName";
        options.Audience = "YourAppName";
    });

// Option C: Use defaults
builder.Services.AddAuthentication()
    .AddSignalRJwtBearer();

The AddSignalRJwtBearer extension automatically:

  • Configures JWT Bearer authentication
  • Sets up token validation parameters
  • Enables query string token extraction for SignalR (?access_token=...)
  • Registers the IUserIdProvider for SignalR

3. Add Controllers

builder.Services.AddControllers();

var app = builder.Build();

app.UseAuthentication();
app.UseAuthorization();

app.MapControllers();

4. Configure appsettings.json (for Option A)

{
  "Jwt": {
    "Key": "YourSuperSecretKeyThatIsAtLeast32CharactersLong!",
    "Issuer": "YourAppName",
    "Audience": "YourAppName",
    "TokenExpirationDays": 7,
    "HubPathPrefix": "/hubs"
  }
}

Complete Example

// Program.cs
using Microsoft.AspNetCore.Identity;
using Nesco.SignalRUserManagement.Server.Authorization.Extensions;

var builder = WebApplication.CreateBuilder(args);

// Add Identity
builder.Services.AddIdentityCore<ApplicationUser>()
    .AddEntityFrameworkStores<ApplicationDbContext>()
    .AddSignInManager();

// Add JWT Authentication (reads from appsettings.json)
builder.Services.AddAuthentication()
    .AddSignalRJwtBearer(builder.Configuration);

// Add controllers
builder.Services.AddControllers();

var app = builder.Build();

app.UseAuthentication();
app.UseAuthorization();

app.MapControllers();

app.Run();

If you need both cookie authentication (for Blazor Server) and JWT (for API/SignalR clients):

// Cookie authentication for Blazor Server
builder.Services.AddAuthentication(options =>
{
    options.DefaultScheme = IdentityConstants.ApplicationScheme;
    options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
})
.AddIdentityCookies();

// Add JWT Bearer for API/SignalR clients (separate call required)
builder.Services.AddAuthentication()
    .AddSignalRJwtBearer(builder.Configuration);

Note: AddIdentityCookies() returns IdentityCookiesBuilder, not AuthenticationBuilder, so JWT must be added in a separate AddAuthentication() call.

Then configure your SignalR hub to accept both schemes:

app.MapHub<YourHub>("/hubs/yourhub")
    .RequireAuthorization(policy =>
        policy.AddAuthenticationSchemes(
            JwtBearerDefaults.AuthenticationScheme,
            IdentityConstants.ApplicationScheme)
        .RequireAuthenticatedUser());

Configuration Options

Option Default Description
Key "YourSuperSecretKeyThatIsAtLeast32CharactersLong!" Secret key for signing tokens (min 32 chars)
Issuer "UserManagementAndControl" Token issuer
Audience "UserManagementAndControl" Token audience
HubPathPrefix "/hubs" Path prefix for SignalR query string token extraction
TokenExpirationDays 7 Token expiration in days
ValidateIssuer true Whether to validate issuer
ValidateAudience true Whether to validate audience
ValidateLifetime true Whether to validate token expiration

API Endpoints

The AuthController<TUser> provides these endpoints:

Method Endpoint Description Auth Required
POST /api/auth/login Authenticate and get JWT token No
POST /api/auth/logout Logout (client-side token discard) Yes
GET /api/auth/me Get current user info Yes

Login Request

POST /api/auth/login
Content-Type: application/json

{
  "email": "user@example.com",
  "password": "password123"
}

Login Response (Success)

{
  "userId": "abc123",
  "email": "user@example.com",
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

API Reference

Extension Methods

Method Description
AddSignalRJwtBearer() Adds JWT auth with default options
AddSignalRJwtBearer(IConfiguration) Adds JWT auth from config's "Jwt" section
AddSignalRJwtBearer(Action<JwtAuthOptions>) Adds JWT auth with inline configuration
AddSignalRUserIdProvider() Registers only the IUserIdProvider (if configuring JWT manually)

SignalRUserIdProvider

Extracts the user ID from JWT claims for SignalR connections. It checks these claims in order:

  1. ClaimTypes.NameIdentifier
  2. ClaimTypes.Name
  3. "sub"

Companion Library

Use with Nesco.SignalRUserManagement.Client.Authorization for a complete client-side authentication solution.

Product Compatible and additional computed target framework versions.
.NET net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.0.11 435 12/10/2025
1.0.9 345 12/8/2025
1.0.8 203 12/7/2025
1.0.6 143 12/6/2025