Jwt Manager. Set of components to deal with Jwt Stuff. Automate your key rotating, add support for jwks_uri. Store your cryptography keys in a secure place.
MIT License
271
stars
38
forks
source link
JsonWebKey deserialization depends on global JsonSerializerOptions #54
Hi,
I'm a happy user of your helpful library, but recently I have encounted a problem. After some updates on my project, the SigningCredentials returned by the library was not accepted anymore for jwt signing and throws misleading error:
System.NotSupportedException: IDX10621: 'Microsoft.IdentityModel.Tokens.SymmetricSignatureProvider' supports: 'Microsoft.IdentityModel.Tokens.SecurityKey' of types: 'Microsoft.IdentityModel.Tokens.AsymmetricSecurityKey' or 'Microsoft.IdentityModel.Tokens.SymmetricSecurityKey'. SecurityKey received was of type 'Microsoft.IdentityModel.Tokens.JsonWebKey'.
After further investigation and debugging, I found that returned SecurityKey has just default values for his properties. This was caused by wrong deserialization of JsonWebKey by KeyMaterial.GetSecurityKey that is depending on JsonSerializerOptions
I have the small fix for this that I could send as merge request.
Hi, I'm a happy user of your helpful library, but recently I have encounted a problem. After some updates on my project, the SigningCredentials returned by the library was not accepted anymore for jwt signing and throws misleading error:
System.NotSupportedException: IDX10621: 'Microsoft.IdentityModel.Tokens.SymmetricSignatureProvider' supports: 'Microsoft.IdentityModel.Tokens.SecurityKey' of types: 'Microsoft.IdentityModel.Tokens.AsymmetricSecurityKey' or 'Microsoft.IdentityModel.Tokens.SymmetricSecurityKey'. SecurityKey received was of type 'Microsoft.IdentityModel.Tokens.JsonWebKey'.
After further investigation and debugging, I found that returned SecurityKey has just default values for his properties. This was caused by wrong deserialization of JsonWebKey by KeyMaterial.GetSecurityKey that is depending on JsonSerializerOptions
I have the small fix for this that I could send as merge request.