openiddict-test icon indicating copy to clipboard operation
openiddict-test copied to clipboard

Published 20 hours ago verified publisher icon capesean

API Response 401

Open SkyQuant opened this issue 8 years ago • 16 comments

I fetched token which is also saved in local storage, but can't authorize for API call. Suppose I have to manually realize auth logic writing something to Startup.cs?

SkyQuant avatar Apr 04 '16 08:04 SkyQuant

I've just run into this issue myself. Will let you know when it's fixed.

capesean avatar Apr 04 '16 08:04 capesean

@capesean, thanks in advance. Any assumptions in the moment?

SkyQuant avatar Apr 04 '16 10:04 SkyQuant

@SkyQuant It's an issue on another repo, see here: https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/issues/232

This being the actual issue: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/360

capesean avatar Apr 04 '16 11:04 capesean

If I wanted to run the openiddict for jwt in production, is there a way to ensure that it doesn't get broken like this?

shima20 avatar Apr 06 '16 00:04 shima20

@shima20 you'd need to pin your versions in project.json. i.e. instead of using versions like 1-0-0-* you'd need to pin them to the exact versions that you have that work, like 1-0-0-rc2-21440.

capesean avatar Apr 06 '16 04:04 capesean

@capesean good to know thanks! is there any way to tell which version is a good working version before this bug?

shima20 avatar Apr 06 '16 05:04 shima20

@shima20 you'll have to work that out for yourself, I'm afraid. I haven't been keeping track. It's a little tricky because you also have to pin the dependencies, i.e. the other packages that OpenIddict relies on also have to be pinned.

capesean avatar Apr 06 '16 05:04 capesean

FYI, the "missing signature" bug should be fixed soon by @brentschmaltz (who works for the MSFT Azure AD team, in charge of the JWT library OpenIddict relies on): https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/364

kevinchalet avatar Apr 06 '16 14:04 kevinchalet

@PinpointTownes Should be in today, sorry for the hassle. thanks Pinpoint.

brentschmaltz avatar Apr 06 '16 16:04 brentschmaltz

good to hear @brentschmaltz , looking forward to the fix!

shima20 avatar Apr 06 '16 22:04 shima20

@brentschmaltz you're welcome! Thanks for the quick fix :clap:

kevinchalet avatar Apr 06 '16 22:04 kevinchalet

@brentschmaltz is there anything i need to do now? i tried again this morning and im still getting the same issue.

shima20 avatar Apr 07 '16 16:04 shima20

@shima20 https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/issues/232#issuecomment-206936916

kevinchalet avatar Apr 07 '16 18:04 kevinchalet

@PinpointTownes guess we are still waiting for it to be updated?

shima20 avatar Apr 08 '16 16:04 shima20

The aspnet-contrib feed is now mirroring the Azure AD feed and ASOS was just updated to use the latest IdentityModel packages: https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/commit/e3a8781af075157af944d575d441bab3e7773a05.

The JWT issue you're seeing should disappear when updating your packages.

kevinchalet avatar Apr 12 '16 15:04 kevinchalet

Thank you! It is in fact working again.

shima20 avatar Apr 12 '16 17:04 shima20