GFlisch / Arc4u

Apache License 2.0

Corrected use of custom certificate loader in OIDC/JWT authentication #109

Closed vvdb-architecture closed 6 months ago

vvdb-architecture commented 6 months ago

When adding OIDC authentication using the AddOidcAuthentication extension method, an optional custom X509 certificate loader can be provided using the IX509CertificateLoader certificateLoader parameter. However, in one instance this custom loader was being ignored and a standard .NET X509CertificateLoader instance was created instead, which is not compatible in all environments.

While investigating the issue, another issue was discovered: in the AddJwtAuthentication, a certificate loader is necessary, but there is no opportunity to override the standard .NET X509CertificateLoader. This has now been corrected: an optional IX509CertificateLoader certificateLoader parameter has been introduced, just like in all other methods.

This pull request addresses both issues.

Thanks to Christ Losfeld for pointing out the OIDC authentication problem.

GFlisch commented 6 months ago

Thanks.