azure-activedirectory-identitymodel-extensions-for-dotnet icon indicating copy to clipboard operation
azure-activedirectory-identitymodel-extensions-for-dotnet copied to clipboard

Published 20 hours ago verified publisher icon AzureAD

[Bug] System.IdentityModel.Tokens.Jwt v6.8.0 to 6.34.0 Signature validation failed

Open Tarunms-32 opened this issue 11 months ago • 2 comments

Which version of Microsoft.IdentityModel are you using? System.IdentityModel.Tokens.Jwt 6.8.0

Where is the issue? S.IM.Tokens.Jwt I have spotted this error with output when running tests when validating a JWT token.

Is this a new or an existing app? The app is in production and I have upgraded to a new version of System.IdentityModel.Tokens.Jwt from v6.8.0 to 6.34.0

Expected behavior The validation keeps working after upgrading to latest version. Actual behavior This method ClaimsPrincipal JwtSecurityTokenHandler.ValidateToken(string token, TokenValidationParameters validationParameters, out SecurityToken validatedToken) is used to verify the Signature but the following error is started to appear. Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException: 'IDX10517: Signature validation failed. The token's kid is missing. Keys tried: 'Microsoft.IdentityModel.Tokens.SymmetricSecurityKey, Exceptions caught: '[PII of type 'System.Text.StringBuilder' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'. token: '[PII of type 'System.IdentityModel.Tokens.Jwt.JwtSecurityToken' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.

Tarunms-32 avatar Feb 27 '24 05:02 Tarunms-32

Can you tell us more about the token / idp you are using?

keegan-caruso avatar Mar 01 '24 21:03 keegan-caruso

@Tarunms-32 can you provide more info?

keegan-caruso avatar Mar 21 '24 17:03 keegan-caruso