AzureAD / azure-activedirectory-identitymodel-extensions-for-dotnet

IdentityModel extensions for .Net
MIT License

Reloading TokenValidationParameters.TokenDecryptionKeys #1716

Closed prateekprshr-nith closed 3 years ago

prateekprshr-nith commented 3 years ago

We have scenarios where we have to rotate TokenValidationParameters.TokenDecryptionKeys and we can't afford to restart our app. Is there a way to configure auto-reloading of the decryption keys for JwtBearerOptions?

mafurman commented 3 years ago

To better understand your issue, could you clarify what you mean by auto-reloading? Would being able to configure this setting from a configuration file address this?

brentschmaltz commented 3 years ago

@prateekprshr-nith could you use this delegate: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/blob/161f199894c94092b780ab3ce965e31ae94c8b7e/src/Microsoft.IdentityModel.Tokens/TokenValidationParameters.cs#L123

It is called when we need to decrypt a JWE, see: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/blob/161f199894c94092b780ab3ce965e31ae94c8b7e/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs#L803

Please reopen if this will not work for you.
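The wiring the maintainer suggests, written out as an added example (this is not code from the issue or from the library's own samples). It assumes the linked delegate is `TokenValidationParameters.TokenDecryptionKeyResolver`, which the handler consults at JWE-decryption time instead of reading the static `TokenDecryptionKeys` list, so keys can be swapped without restarting the process. `RotatingDecryptionKeys`, `LoadFromStore` and the two constructed key ids are hypothetical names for this illustration; the loader stands in for whatever secret store the application really reads from.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

// Hypothetical in-memory cache of decryption keys. It is refilled from a
// caller-supplied loader (key vault, secret store, file) once the TTL has
// passed, and refilled immediately on a 'kid' miss so that a key rotated a
// moment ago is picked up on the first token that references it.
public sealed class RotatingDecryptionKeys
{
    private readonly Func<IEnumerable<SecurityKey>> _loader;
    private readonly TimeSpan _ttl;
    private readonly object _gate = new object();
    private IReadOnlyList<SecurityKey> _keys = Array.Empty<SecurityKey>();
    private DateTimeOffset _loadedAt = DateTimeOffset.MinValue;

    public RotatingDecryptionKeys(Func<IEnumerable<SecurityKey>> loader, TimeSpan ttl)
    {
        _loader = loader ?? throw new ArgumentNullException(nameof(loader));
        _ttl = ttl;
    }

    private IReadOnlyList<SecurityKey> Current(bool forceRefresh)
    {
        lock (_gate)
        {
            if (forceRefresh || DateTimeOffset.UtcNow - _loadedAt > _ttl)
            {
                _keys = _loader().ToList();
                _loadedAt = DateTimeOffset.UtcNow;
            }
            return _keys;
        }
    }

    // Signature matches the TokenDecryptionKeyResolver delegate in
    // Microsoft.IdentityModel.Tokens (assumption about the linked delegate).
    public IEnumerable<SecurityKey> Resolve(string token, SecurityToken securityToken,
                                            string kid, TokenValidationParameters parameters)
    {
        var keys = Current(forceRefresh: false);
        if (string.IsNullOrEmpty(kid))
            return keys;                       // no hint in the header: let the handler try each key

        var match = keys.Where(k => k.KeyId == kid).ToList();
        if (match.Count == 0)                  // unknown kid: maybe rotated since the last load
            match = Current(forceRefresh: true).Where(k => k.KeyId == kid).ToList();

        return match;                          // empty list => handler reports no usable key
    }
}

public static class JwtBearerSetup
{
    // Constructed loader for the example. A real deployment reads the key
    // material from its secret store; here two symmetric keys stand in for
    // the current key and the previous one kept for the overlap window.
    private static IEnumerable<SecurityKey> LoadFromStore()
    {
        yield return new SymmetricSecurityKey(
            Encoding.UTF8.GetBytes("0123456789abcdef0123456789abcdef")) { KeyId = "dec-key-2" };
        yield return new SymmetricSecurityKey(
            Encoding.UTF8.GetBytes("fedcba9876543210fedcba9876543210")) { KeyId = "dec-key-1" };
    }

    public static void Configure(IServiceCollection services)
    {
        var keys = new RotatingDecryptionKeys(LoadFromStore, TimeSpan.FromMinutes(5));

        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                // The resolver is consulted for every JWE, so TokenDecryptionKeys
                // can stay unset and no restart is needed when keys change.
                options.TokenValidationParameters.TokenDecryptionKeyResolver = keys.Resolve;
            });
    }
}
```

Two design points worth keeping in mind: the loader should return the previous key alongside the new one for as long as tokens encrypted under it can still be presented, otherwise rotation turns valid in-flight tokens into decryption failures; and the forced refresh on a `kid` miss should be rate-limited in a production build, since an attacker can put any `kid` in an unauthenticated JWE header and would otherwise be able to drive load against the key store.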