remyblok
commented
2 weeks ago Also. I looked at the documentation of CreateToken(). There it does not mention that the payload cannot be string.Empty. So this may even be concidered a bug.
https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/blob/c24bfe683427dbad566fe617d0d590ec3a61d8aa/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.CreateToken.cs#L32
Is your feature request related to a problem? Please describe. I need to create Detached JWS signature for all requests to a webservice. Also for
GETrequests (which do not have a body/payload). This library creates JWTs of thich I remove the payload to get the JWS variant. But for GET-requests there is no payload. TheCreateToken()-method fails when the payload isnullorstring.Empty.Describe the solution you'd like I want to be able to call
JsonWebTokenHandler.CreateToken()withstring.Emptyas payload. The result should be an empty payload in the created token:Describe alternatives you've considered I've concidered using
JsonWebTokenHandler.CreateToken(SecurityTokenDescriptor tokenDescriptor). The issue is that then an (empty) json-object is automatically created as payload.I'm now calling the
internal static CreateToken()onJsonWebTokenHandlerusing reflection with anstring.Emptypayload. This actually works perfectly and results in the expected behaviour as described above. Only reflection is not a future proof solution.Additional context iDeal API desciption with requirements of Detached JWS for all requests