nzpcmad
commented
9 years ago Also note:
I changed ADFS to SHA-1 but then I got the AFS error:
System.ArgumentException: signingCredentials.DigestAlgorithm must be SHA-256 at Microsoft.IdentityModel.Tokens.JSON.SignatureProvider.Create(SigningCredentials
Have AS setup and have got the Code Flow client working.
Then I thought that I would use this client to talk to OAuth2 as implemented in ADFS Server 2012 R2 i.e. ADFS 3.0. (i.e. AS no longer involved).
Set it all up with Set-ADFSClient and got it working all the way down to "Call service". The error I get is:
Response status code does not indicate success: 401 (Unauthorized.).
Turning on WebAPI logging I see:
HTTP Authentication: Exception while validating the token: System.IdentityModel.Tokens.SecurityTokenValidationException: Jwt10316: Signature validation failed. Keys tried: 'System.IdentityModel.Tokens.InMemorySymmetricSecurityKey'. Exceptions caught: 'System.InvalidOperationException: Jwt10532: SymmetricSecurityKey.GetKeyedHashAlgorithm( 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' ) threw and exception. SymmetricSecurityKey: 'System.IdentityModel.Tokens.InMemorySymmetricSecurityKey' SignatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', check to make sure the SignatureAlgorithm is supported. Exception: 'System.InvalidOperationException: Crypto algorithm 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' not supported in this context.
Any ideas?