I have an Azure HTTP-triggered function that facilitates negotiation with Azure SignalR Services (serverless). Here is the code to negotiate:

    var hubConnection = new HubConnectionBuilder()
        .WithUrl("http://localhost:7071", options =>
        {
            // Identify the user and authorize the negotiate call with the function key
            options.Headers.Add("x-ms-signalr-userid", SystemUserId!);
            options.Headers.Add("x-functions-key", ConnectionParameters!.SecretKey!);
        })
        .WithAutomaticReconnect([TimeSpan.Zero, TimeSpan.Zero, TimeSpan.FromMilliseconds(5)])
        .Build();

Messages are sent and received via Upstream between the established connections (client apps). I realized that the sent messages are in clear text and hence they can be read clearly on the server side.
This is what the Upstream function looks like as pseudocode:

    [Function("SendMessage")]
    [SignalROutput(HubName = "MyHub")]
    public SignalRMessageAction SendMessageToUser(
        [SignalRTrigger("MyHub", "Category", "msgSent", "username", "message")] SignalRInvocationContext invocationContext,
        string username,
        string message)
    {
        // The message argument arrives here exactly as the client sent it
        return new SignalRMessageAction() { .... };
    }

How can we implement a mechanism to encrypt messages end to end to enhance privacy? Ideally something like what WhatsApp is doing?
I would also like to elevate the question a bit: how can sending and receiving messages in a group be secured/encrypted so that they are readable by the group's users only?
Credit goes to @Andew B, who left a comment. One needs to follow the steps described in this SO post to implement a full-blown e-2-e secure chat.
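
As an added illustration (not code from the question or from the linked post), the sketch below shows the core idea for a one-to-one chat: each client derives a shared AES-256-GCM key with ECDH and passes only ciphertext as the `message` argument, so the Upstream function relays a blob it cannot read. The names `E2EPayload`, `DeriveKey`, `Encrypt` and `Decrypt` are hypothetical, and .NET 8 or later is assumed.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper: all encryption happens on the clients.
// The hub only ever sees the Base64 string returned by Encrypt().
public static class E2EPayload
{
    // Derive a 256-bit AES key from our private key and the peer's public key.
    public static byte[] DeriveKey(ECDiffieHellman mine, ECDiffieHellmanPublicKey theirs) =>
        mine.DeriveKeyFromHash(theirs, HashAlgorithmName.SHA256);

    // Wire layout: nonce (12 bytes) || tag (16 bytes) || ciphertext, Base64-encoded.
    public static string Encrypt(byte[] key, string plaintext)
    {
        byte[] nonce = RandomNumberGenerator.GetBytes(12); // fresh nonce per message
        byte[] pt = Encoding.UTF8.GetBytes(plaintext);
        byte[] ct = new byte[pt.Length];
        byte[] tag = new byte[16];
        using var aes = new AesGcm(key, 16);
        aes.Encrypt(nonce, pt, ct, tag);
        byte[] blob = new byte[28 + ct.Length];
        nonce.CopyTo(blob, 0);
        tag.CopyTo(blob, 12);
        ct.CopyTo(blob, 28);
        return Convert.ToBase64String(blob);
    }

    // Throws CryptographicException if the blob was modified in transit.
    public static string Decrypt(byte[] key, string wire)
    {
        byte[] blob = Convert.FromBase64String(wire);
        byte[] pt = new byte[blob.Length - 28];
        using var aes = new AesGcm(key, 16);
        aes.Decrypt(blob[..12], blob[28..], blob[12..28], pt);
        return Encoding.UTF8.GetString(pt);
    }

    public static void Main()
    {
        // Constructed demo: two clients, each with its own key pair.
        using var alice = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);
        using var bob = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);
        byte[] keyA = DeriveKey(alice, bob.PublicKey); // only public keys are exchanged
        byte[] keyB = DeriveKey(bob, alice.PublicKey);
        string wire = Encrypt(keyA, "hello bob");      // value for the "message" argument
        Console.WriteLine(wire);
        Console.WriteLine(Decrypt(keyB, wire));
    }
}
```

If the public keys are exchanged through the hub, clients must verify them out of band (for example by comparing fingerprints), otherwise the relay can substitute its own keys. Long-lived key pairs as used here give no forward secrecy, unlike the ratcheting Signal protocol that WhatsApp uses.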