将JWT令牌发送到WIF WCF服务 [英] Sending jwt token to wif wcf service

问题描述

我也无法通过wcf服务发送jwt令牌.

I have problem sending jwt token too a wcf service.

已遵循此步骤，并且几乎可以正常运行. 将JWT SecurityToken交付给WCF客户端

Have followed this and it almost works. Delivering a JWT SecurityToken to a WCF client

因此，我按照上面的链接发送GenericXmlSecurityToken. 并创建了以下处理程序:

So i send a GenericXmlSecurityToken as in the link above. And have created the following handler:

public class CustomJwtSecurityTokenHandler : JwtSecurityTokenHandler
{
    public override ReadOnlyCollection<ClaimsIdentity> ValidateToken(SecurityToken token)
    {
        var jwtToken = (JwtSecurityToken)(token);
        SecurityToken securityToken;
        var principal = ValidateToken(jwtToken.RawData, new TokenValidationParameters(), out securityToken);
        var collection = new ReadOnlyCollection<ClaimsIdentity>(principal.Identities.ToList());
        return collection;
    }

    public override ClaimsPrincipal ValidateToken(string jwt, TokenValidationParameters validationParameters, out SecurityToken token)
    {
        validationParameters.ValidateAudience = false;
        validationParameters.ValidateIssuer = false;

        var certificateBytes = Convert.FromBase64String("long text...");

        validationParameters.IssuerSigningKey = new X509SecurityKey(new X509Certificate2(certificateBytes));

        return base.ValidateToken(jwt, validationParameters, out token);
    }
}

到目前为止，所有有效的令牌都可以通过验证，但是在此之后发生了一些事情.

服务器抛出

System.ServiceModel.Security.MessageSecurityException : Message security verification failed. System.IndexOutOfRangeException: The index was outside the bounds of the array.

内部异常的StackTrace

StackTrace of innerexception

<StackTrace>
   at System.Xml.XmlBufferReader.GetChars(Int32 offset, Int32 length, Char[] chars)
   at System.Xml.XmlBufferReader.GetString(Int32 offset, Int32 length)
   at System.Xml.StringHandle.GetString()
   at System.Xml.XmlBaseReader.ReadEndElement()
   at System.ServiceModel.Security.ReceiveSecurityHeader.ExecuteFullPass(XmlDictionaryReader reader)
   at System.ServiceModel.Security.ReceiveSecurityHeader.Process(TimeSpan timeout, ChannelBinding channelBinding, ExtendedProtectionPolicy extendedProtectionPolicy)
   at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessageCore(Message&amp; message, TimeSpan timeout)
   at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessage(Message&amp; message, TimeSpan timeout)
</StackTrace>

推荐答案

这可能是WCF中的问题.

This might be an issue in WCF.

请参阅:如何在WCF和WIF中使用JWT令牌?

一个潜在的解决方法可能是按照

A potential workaround might be to transport the JWT as a claim in a GenericXmlSecurityToken, as proposed by http://leastprivilege.com/2015/07/02/give-your-wcf-security-architecture-a-makeover-with-identityserver3/

这篇关于将JWT令牌发送到WIF WCF服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！