When refreshing a token we receive the following error (everything else seems to work perfectly) ...
System.InvalidOperationException: No signing credential for algorithms (1) registered.
at Duende.IdentityServer.Services.DefaultKeyMaterialService.GetSigningCredentialsAsync(IEnumerable`1 allowedAlgorithms) in //src/IdentityServer/Services/Default/DefaultKeyMaterialService.cs:line 73
at Duende.IdentityServer.Services.DefaultTokenService.CreateIdentityTokenAsync(TokenCreationRequest request) in //src/IdentityServer/Services/Default/DefaultTokenService.cs:line 112
at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.CreateIdTokenFromRefreshTokenRequestAsync(ValidatedTokenRequest request, String newAccessToken) in //src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 533
at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.ProcessRefreshTokenRequestAsync(TokenRequestValidationResult request) in //src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 241
at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.ProcessAsync(TokenRequestValidationResult request) in //src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 102
at Duende.IdentityServer.Endpoints.TokenEndpoint.ProcessTokenRequestAsync(HttpContext context) in //src/IdentityServer/Endpoints/TokenEndpoint.cs:line 108
at Duende.IdentityServer.Endpoints.TokenEndpoint.ProcessAsync(HttpContext context) in //src/IdentityServer/Endpoints/TokenEndpoint.cs:line 75
at Duende.IdentityServer.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IdentityServerOptions options, IEndpointRouter router, IUserSession userSession, IEventService events, IIssuerNameService issuerNameService, ISessionCoordinationService sessionCoordinationService) in //src/IdentityServer/Hosting/IdentityServerMiddleware.cs:line 101
at Duende.IdentityServer.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IdentityServerOptions options, IEndpointRouter router, IUserSession userSession, IEventService events, IIssuerNameService issuerNameService, ISessionCoordinationService sessionCoordinationService) in //src/IdentityServer/Hosting/IdentityServerMiddleware.cs:line 117
at Duende.IdentityServer.Hosting.MutualTlsEndpointMiddleware.Invoke(HttpContext context, IAuthenticationSchemeProvider schemes) in //src/IdentityServer/Hosting/MutualTlsEndpointMiddleware.cs:line 94
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Duende.IdentityServer.Hosting.DynamicProviders.DynamicSchemeAuthenticationMiddleware.Invoke(HttpContext context) in //src/IdentityServer/Hosting/DynamicProviders/DynamicSchemes/DynamicSchemeAuthenticationMiddleware.cs:line 47
at Duende.IdentityServer.Hosting.BaseUrlMiddleware.Invoke(HttpContext context) in //src/IdentityServer/Hosting/BaseUrlMiddleware.cs:line 27
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
Configuration:
/// <summary>
/// Registers IdentityServer, its stores, the application's grant validators and MVC
/// with the dependency-injection container.
/// </summary>
/// <param name="services">The service collection the registrations are added to.</param>
public void ConfigureServices(IServiceCollection services)
{
    // Option providers are resolved from a separate StructureMap container rather than
    // from the ASP.NET Core service collection.
    var container = new StructureMapContainer().GetContainer();
    var membershipProvider = container.GetInstance<IMembershipOptionsProvider>();
    var storeProvider = container.GetInstance<IClientStoreProvider>();

    // No explicit signing credential is registered in this method, so signing keys
    // presumably come from the key management enabled here.
    // NOTE(review): each client's AllowedIdentityTokenSigningAlgorithms in the
    // configuration store must name an algorithm those keys support; otherwise token
    // creation fails with "No signing credential for algorithms (...) registered".
    var identityServer = services.AddIdentityServer()
        .AddKeyManagement()
        .AddMembershipService(membershipProvider.GetMembershipOptions())
        .AddOperationalStore(storeProvider.GetOperationalStoreOptions())
        .AddConfigurationStore(storeProvider.GetConfigurationStoreOptions());

    // Application-specific services are registered on the builder's service collection.
    var registrations = identityServer.Services;
    registrations.AddTransient<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();
    registrations.AddTransient<IExtensionGrantValidator, SocialGrantValidator>();
    registrations.AddTransient<IAppSettingsProvider, AppSettingsProvider>();

    // NOTE(review): "JWT" overrides the library's access-token type value; confirm that
    // APIs validating these tokens do not depend on a distinct type to tell access
    // tokens apart from other JWTs.
    registrations.Configure<IdentityServerOptions>(identityOptions =>
    {
        identityOptions.AccessTokenJwtType = "JWT";
        identityOptions.EmitStaticAudienceClaim = true;
    });

    // MVC is added with endpoint routing switched off.
    services.AddMvc(mvcOptions =>
    {
        mvcOptions.EnableEndpointRouting = false;
    });
}
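Closing, as I found my issue: it turns out that I did not have AllowedIdentityTokenSigningAlgorithms set correctly in the database. I set an acceptable value of RSA256 (the JWS algorithm identifier is spelled `RS256`), and everything is working as expected. The exception is raised when a client's allowed identity-token signing algorithms name no algorithm for which the server has a registered signing key, so the stored value has to match a key the server actually holds (or be left empty to use the server default).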
Version: Duende IdentityServer 6.2.1
.NET Version: .NET 6
When refreshing a token we receive the following error (everything else seems to work perfectly) ...
System.InvalidOperationException: No signing credential for algorithms (1) registered. at Duende.IdentityServer.Services.DefaultKeyMaterialService.GetSigningCredentialsAsync(IEnumerable`1 allowedAlgorithms) in //src/IdentityServer/Services/Default/DefaultKeyMaterialService.cs:line 73 at Duende.IdentityServer.Services.DefaultTokenService.CreateIdentityTokenAsync(TokenCreationRequest request) in //src/IdentityServer/Services/Default/DefaultTokenService.cs:line 112 at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.CreateIdTokenFromRefreshTokenRequestAsync(ValidatedTokenRequest request, String newAccessToken) in //src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 533 at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.ProcessRefreshTokenRequestAsync(TokenRequestValidationResult request) in //src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 241 at Duende.IdentityServer.ResponseHandling.TokenResponseGenerator.ProcessAsync(TokenRequestValidationResult request) in //src/IdentityServer/ResponseHandling/Default/TokenResponseGenerator.cs:line 102 at Duende.IdentityServer.Endpoints.TokenEndpoint.ProcessTokenRequestAsync(HttpContext context) in //src/IdentityServer/Endpoints/TokenEndpoint.cs:line 108 at Duende.IdentityServer.Endpoints.TokenEndpoint.ProcessAsync(HttpContext context) in //src/IdentityServer/Endpoints/TokenEndpoint.cs:line 75 at Duende.IdentityServer.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IdentityServerOptions options, IEndpointRouter router, IUserSession userSession, IEventService events, IIssuerNameService issuerNameService, ISessionCoordinationService sessionCoordinationService) in //src/IdentityServer/Hosting/IdentityServerMiddleware.cs:line 101 at Duende.IdentityServer.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IdentityServerOptions options, IEndpointRouter router, IUserSession userSession, IEventService events, IIssuerNameService 
issuerNameService, ISessionCoordinationService sessionCoordinationService) in //src/IdentityServer/Hosting/IdentityServerMiddleware.cs:line 117 at Duende.IdentityServer.Hosting.MutualTlsEndpointMiddleware.Invoke(HttpContext context, IAuthenticationSchemeProvider schemes) in //src/IdentityServer/Hosting/MutualTlsEndpointMiddleware.cs:line 94 at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Duende.IdentityServer.Hosting.DynamicProviders.DynamicSchemeAuthenticationMiddleware.Invoke(HttpContext context) in //src/IdentityServer/Hosting/DynamicProviders/DynamicSchemes/DynamicSchemeAuthenticationMiddleware.cs:line 47 at Duende.IdentityServer.Hosting.BaseUrlMiddleware.Invoke(HttpContext context) in //src/IdentityServer/Hosting/BaseUrlMiddleware.cs:line 27 at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
Configuration: