JwtSecurityToken例外解码时的Azure移动服务JWT令牌 [英] JwtSecurityToken exception while decoding Azure Mobile Services JWT token

问题描述

下面的代码：

using System.IdentityModel.Tokens;

JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(rawToken);

生成以下异常：

Generates the following exception:

Jwt10113: Unable to decode the 'header'
The value "0" is not of type "System.String" and cannot be used in this generic collection. Parameter name: value

当rawToken的头部分是：

When the 'header' section of the rawToken is:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6MH0

可被解码为：

{"alg":"HS256","typ":"JWT","kid":0}

的

断裂令牌的来源是的Azure移动服务


请注意，调用相同的代码行时不会发生异常而头部分是：

Please note that the exception does not occur when calling the same line of code while the 'header' section is:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjAifQ

哪些可以被解码为：

{"alg":"HS256","typ":"JWT","kid":"0"}

我怎样才能克服这个问题，并且正确地验证这种令牌？

How can I overcome this problem, and properly validate such a token?

推荐答案

这是在Azure移动服务就其与JWT规范一致性的错误。该错误已被固定，因此由移动服务所产生的JWTs现在应该在其头部的孩子字段正确的字符串值。

This was a bug in the Azure Mobile Services with respect to its conformance with the JWT spec. The bug has since been fixed, so the JWTs generated by the mobile services should now have a correct string value in the "kid" field of its header.

这篇关于JwtSecurityToken例外解码时的Azure移动服务JWT令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！