microsoft / azure-activedirectory-jwt-token-handler-for-dotnet

Apache License 2.0

Issue with validating token issuer #17

Open fiservdev opened 10 years ago

fiservdev commented 10 years ago

I'm having an issue with validating the token issuer when the issuer name has an ampersand in it. The error message returned is "Jwt10311: Unable to validate issuer". The web.config entries for my identity provider and RP have the exact same issuer name with an encoded ampersand (i.e. &amp;) but the JwtSecurityTokenHandler fails during the string comparison of issuer name because the ampersand is the decoded HTML value (&) vs. the Unicode value (\u0026). Obviously I can implement my own ValidateIssuer method in a custom handler but this would just be a workaround. Please advise if this is a known issue and when a fix might be made available. Thanks.

brentschmaltz commented 10 years ago

To help me understand the issue: the error contains the values being compared. Can you post them? If they are sensitive, just block that out with ???? marks. Thanks, Brent.

fiservdev commented 10 years ago

Here's the error message:

Jwt10311: Unable to validate issuer, validationParameters.ValidIssuer: 'GLS Research & Development CA 01' or validationParameters.ValidIssuers: 'null' did not match Jwt.Issuer: '["GLS Research \u0026 Development CA 01","GLS Research \u0026 Development CA 01"]'. Comparison is: Equals

brentschmaltz commented 10 years ago

I can see a couple of things here.

  1. JWTs can contain multiple issuers and a single string is assumed.
  2. validationParameters.ValidIssuer does not 'exactly' match either of the strings in 'Jwt.Issuer'

Pointing TokenValidationParameters.IssuerValidator to a custom function should get you around this.
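
An added example, not part of the thread and not the project's code: one way a custom issuer check could handle the value shown in the error message, where the issuer arrives as JSON array text with `\u0026` escapes. The `IssuerCheck` class, its `Validate` method, the use of `System.Text.Json`, and the rule that every listed issuer must match are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Text.Json;

public static class IssuerCheck
{
    // Hypothetical helper: returns the issuer on success, throws otherwise.
    // Assumed wiring (delegate shape depends on the library version):
    //   parameters.IssuerValidator = (iss, token, p) => IssuerCheck.Validate(iss, p.ValidIssuer);
    public static string Validate(string rawIssuer, string expectedIssuer)
    {
        if (string.IsNullOrEmpty(rawIssuer) || string.IsNullOrEmpty(expectedIssuer))
            throw new ArgumentException("issuer values must be non-empty");
        var presented = new List<string>();
        if (rawIssuer.TrimStart().StartsWith("[", StringComparison.Ordinal))
        {
            // Multi-valued issuer arrives as JSON text; parsing it also decodes
            // \u0026 to '&'. Malformed JSON throws, so the check fails closed.
            using (JsonDocument doc = JsonDocument.Parse(rawIssuer))
            {
                foreach (JsonElement entry in doc.RootElement.EnumerateArray())
                {
                    if (entry.ValueKind != JsonValueKind.String)
                        throw new FormatException("issuer entry is not a string");
                    presented.Add(entry.GetString());
                }
            }
        }
        else
        {
            presented.Add(rawIssuer);
        }
        if (presented.Count == 0)
            throw new FormatException("issuer list is empty");

        // Every presented value must match exactly: ordinal, case-sensitive.
        foreach (string issuer in presented)
            if (!string.Equals(issuer, expectedIssuer, StringComparison.Ordinal))
                throw new InvalidOperationException("issuer mismatch");
        return expectedIssuer;
    }

    public static void Main()
    {
        // Constructed input mirroring the Jwt.Issuer value in the error above.
        string fromToken = "[\"GLS Research \\u0026 Development CA 01\",\"GLS Research \\u0026 Development CA 01\"]";
        Console.WriteLine(Validate(fromToken, "GLS Research & Development CA 01"));
    }
}
```

Decoding the JSON before comparing keeps the comparison itself strict, so the escape difference is resolved without relaxing the match to a case-insensitive or substring test.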