azure-webpubsub icon indicating copy to clipboard operation
azure-webpubsub copied to clipboard

Published 20 hours ago verified publisher icon Azure

Support of ws sockets

Open riccardobecker opened this issue 3 years ago • 1 comments

At this moment the WebPubSub only supports the wss protocol. This is obviously the best way to setup a secure connection but in my business field there are devices out there that are not able to connect to wss endpoints due to the lack of local certificate stores on board of the devices.

Is there a way to connect to WebPubSub (now or in the future) to also have the ability to connect lightweight devices that are not capable of having a certificate store on board.

var url = client.GetClientAccessUri($"John", Protocol.Ws); var url = client.GetClientAccessUri($"John", Protocol.Wss);

riccardobecker avatar May 08 '21 18:05 riccardobecker

This can be achieved by leveraging App Gateway.

FYI my way to setup the Application Gateway with Web PubSub:

  1. Create Application Gateway (AG1):
    1. Follow the steps and create a virtual network for it
    2. Create a new public IP address
    3. Add a backend pool, put DNS name of the Web PubSub in the target: image
    4. Add a routing rule:
      1. Listener:
        1. Frontend IP: Public
        2. Others: default
          1. Backend targets:
            1. Add new HTTP settings
              1. Backend protocol: HTTPS
              2. Use well known CA certificate: yes
              3. Request time-out (seconds): set a larger number 1.Pay attention to this setting: this is the maximum allowed idle time for the WebSocket connection, that means, if there is no traffic inside your WebSocket connection for the Request time-out seconds, the App Gateway closes the connection 2. So if your app server broadcasts messages to the client every several seconds, you can set this time-out to for example 3600 seconds.
              4. Override with new host name: yes
                1. Override with specific domain name:
                2. And type the xxx.webpubsub.azure.com service name image
              5. Others: default
  2. When created, go to the Application Gateway settings, change the health probe path to api/health image
  3. To validate: open http://<public-ip-of-AG1> should return 403 and http://<public-ip-of-AG1>/api/health should return 200

To change to C# server side to use the AG1:

var uriBuilder = new UriBuilder(url);
uriBuilder.Host = "<public-ip-of-AG1>";
uriBuilder.Scheme = "ws";
uriBuilder.Port = 80;
req.HttpContext.Response.Redirect(uriBuilder.Uri);

vicancy avatar Aug 02 '21 08:08 vicancy