Azure AD-B2C错误:IDX10501:签名验证失败.无法匹配密钥:kid:"[PII隐藏]",令牌:"[PII隐藏]" [英] Azure AD-B2C error: IDX10501: Signature validation failed. Unable to match keys: kid: '[PII is hidden]', token: '[PII is hidden]'

查看:575
本文介绍了Azure AD-B2C错误:IDX10501:签名验证失败.无法匹配密钥:kid:"[PII隐藏]",令牌:"[PII隐藏]"的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用Swagger进行API调用,为了进行身份验证,我可以生成Bearer令牌,但是之后我得到401作为响应.检查日志后,以下是错误: Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException:IDX10501:签名验证失败.无法匹配密钥: 小子:"[PII隐藏]", 令牌:"[PII隐藏]" 我的ConfigureAuth方法如下:

I’m using Swagger to make API calls, for authentication I’m able to generate Bearer token but after that I' m getting 401 in response. After checking logs, below is the error: Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException: IDX10501: Signature validation failed. Unable to match keys: kid: '[PII is hidden]', token: '[PII is hidden]' My ConfigureAuth method is as below:

 private static void ConfigureAuth(IAppBuilder app)
    {
        var metadataEndpoint = string.Format(
            configProvider.GetConfigValue<string>("ida:AadInstance", "AuthConfig"),
            configProvider.GetConfigValue<string>("ida:Tenant", "AuthConfig"),
            configProvider.GetConfigValue<string>("ida:SignInPolicy", "AuthConfig"));

        string[] validAudiences = configProvider.GetConfigValue<string>("ida:Audiences", "AuthConfig").Split(',');
        TokenValidationParameters tvps = new TokenValidationParameters
        {
            ValidAudiences = validAudiences,
            AuthenticationType = configProvider.GetConfigValue<string>("ida:SignInPolicy", "AuthConfig"),
            ValidateAudience = true,
            ValidateIssuer = configProvider.GetConfigValue<bool>("validateIssuer", "AuthConfig"),
            ValidateLifetime = true,
            ValidAudience = configProvider.GetConfigValue<string>("Swagger:ClientId", "AuthConfig"),
            //NameClaimType = "http://schemas.microsoft.com/identity/claims/objectidentifier",
        };

        //SecurityToken securityToken;
        //JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
        app.UseOAuthBearerAuthentication(
            new OAuthBearerAuthenticationOptions
             {
                AccessTokenFormat = new JwtFormat(tvps, new OpenIdConnectCachingSecurityTokenProvider(metadataEndpoint)),
                Provider = new OAuthBearerAuthenticationProvider()
                {
                    OnRequestToken = (context) =>
                    {
                        if (!string.IsNullOrEmpty(context.Token))
                        {
                        }

                        return Task.FromResult<int>(0);
                    },
                    OnValidateIdentity = (context) =>
                        {
                            ////TO DO
                            //// Steps to perform after identity validation

                            return Task.FromResult<int>(0);
                        }
                }
            });

}

推荐答案

我能够通过传递正确的元数据终结点来验证令牌. *

I was able to validate the token by passing the correct metadata endpoint. *

https://login.microsoftonline.com/tfp/ {0}/{1} /v2.0/.well-known/openid-configuration

https://login.microsoftonline.com/tfp/{0}/{1}/v2.0/.well-known/openid-configuration

*

这篇关于Azure AD-B2C错误:IDX10501:签名验证失败.无法匹配密钥:kid:"[PII隐藏]",令牌:"[PII隐藏]"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆