dotnet
JwtSecurityToken does not parse the payload claims correctly. Claims are missing in the Payload array.
This issue has been moved from a ticket on Developer Community.
[severity:I'm unable to use this version] [regression] [worked-in:17.9.4] A valid JWT with 4 claims that gets parsed by JwtSecurityToken results in just 3 claims. In this case the "exp" claim is missing resulting in a token validation exception. The order of the claims matter e.g. if the "exp" claim is first then it does get parsed.
Sample JWT: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjAsImlhdCI6MTcxMTk2NTY2NCwianRpIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwIiwiZXhwIjoxNzQzNTAxNjYzLCJpc3MiOiJ0ZXN0In0.XAI2NPkXbdFLm-EJyft-cmppG3s3cE7XBCe8inZCZm-cWnk9csylxffDP6-U9cz2qzlaBrXiLoLRu7DY2x4NR-d2edPf98xcz0Yr5ZctuNOjKYO77tBD0SFWwSzOogHwftAu9XwFaPw66AytrDWXYgduR6tVMMZ4KK8XkSmZl8w1YwFXQvEaUkOVOAYVlgl52OMtYJeA4HwCm6ePYJKXHRD2Qmdhl6Ah7PkAZ4tkgBcrkmT2eZdSNLeFx-MxCElQrl_Ru6De9R6DDby9AFmTSvnauyNytkdlDrylDGpmgIAxydUhAWJuTNgD2XuJpUVJ_ggR7KqTriy6_LLpFI0XGw
Original Comments
Feedback Bot on 4/1/2024, 08:17 PM:
(private comment, text removed)
Original Solutions
(no solutions)
@jennyf19, @brentschmaltz this will be something for you to look into, I believe. Do you want to recommend the customer to file a new issue in your repo? Where would that be?
We believe this is similar issue to https://github.com/dotnet/aspnetcore/issues/55194. The dependencies are perhaps incompatible. Could you please follow the guidance in the linked issue to see if that resolves the problem.
Closing since the issue linked in the previous comment describes the issue that you're most likely hitting, and it has been closed with provided guidance.
