search

simpleidserver / SimpleIdServer

OpenID, OAuth 2.0, SCIM2.0, UMA2.0, FAPI, CIBA & OPENBANKING Framework for ASP.NET Core
https://simpleidserver.com/
Apache License 2.0
682 stars 90 forks source link

Error in JwksRequestHandler.cs (ConvertSigningKey) when migrating to .NET 8 #725

Closed poulsen-diana closed 3 weeks ago

poulsen-diana commented 2 months ago

SimpleIdServer version 4.0.4

Receiving the following error trying to migrate a .NET 7 solution to .NET 8:

System.TypeLoadException HResult=0x80131522 Message=Could not load type 'System.IdentityModel.Tokens.Jwt.JsonExtensions' from assembly 'System.IdentityModel.Tokens.Jwt, Version=7.4.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'. Source=SimpleIdServer.IdServer StackTrace: at SimpleIdServer.IdServer.Api.Jwks.JwksRequestHandler.<Get>g__ConvertSigningKey|2_0(SigningCredentials signingCredentials) in SimpleIdServer.IdServer.Api.Jwks\JwksRequestHandler.cs:line 39 at SimpleIdServer.IdServer.Api.Jwks.JwksRequestHandler.Get(String realm) in SimpleIdServer.IdServer.Api.Jwks\JwksRequestHandler.cs:line 26

Details:

  1. Upgraded all Microsoft.AspNetCore., Microsoft.EntityFrameworkCore., and Microsoft.Extensions.* package references to version 8.0.0 when migrating the solution from .NET 7 to .NET 8
  2. Two of those packages, Microsoft.AspNetCore.Authentication.JwtBearer and Microsoft.AspNetCore.Authentication.OpenIdConnect have a dependency on Microsoft.IdentityModel.Protocols.OpenIdConnect (>= 7.0.3)
  3. That package has a dependency on System.IdentityModel.Tokens.Jwt (>= 7.0.3)
  4. Stepped through code and determined the error is occurring in SimpleIdServer.IdServer.Api.Jwks.JwksRequestHandler.Get -- specifically in the Convert...Key methods: 
    
JsonObject ConvertSigningKey(SigningCredentials signingCredentials)
{
var publicJwk = signingCredentials.SerializePublicJWK();
return JsonNode.Parse(JsonExtensions.SerializeToJson(publicJwk)).AsObject();
}

JsonObject ConvertEncryptionKey(EncryptingCredentials encryptingCredentials) { var publicJwk = encryptingCredentials.SerializePublicJWK(); return JsonNode.Parse(JsonExtensions.SerializeToJson(publicJwk)).AsObject(); }


Erroring on: **return JsonNode.Parse(JsonExtensions.SerializeToJson(publicJwk)).AsObject();** 
5. Checked the source code for [System.IdentityModel.Tokens.Jwt.JsonExtensions (v 7.0.3)](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/tree/rel/7.0.3/src/System.IdentityModel.Tokens.Jwt) to try to find the issue and found there is no JsonExtensions.cs
6. Tracked back through their repo to find that the file was removed in v 7.0.0 (when they moved from Newtonsoft.Json to System.Text.Json)
7. SimpleIdServer.IdServer is using an earlier version of System.IdentityModel.Tokens.Jwt (6.26.0) - pulled down the latest from SimpleIdServer 4.0.7 to verify the version is still at 6.26.0 to see if we needed to upgrade SimpleIdServer (trying not to do that given time constraints), but 4.0.7 is still referencing 6.26.0

Believe the issue is a package version mismatch that I could use help resolving. 

Questions/Comments:

1. Is there a current workaround for this? I tried to go through all of the issues/PRs here, and I didn't find anything (apologies if I did not look long enough)
2. I noticed in SimpleIdServer.IdServer.Domains that there is a JsonSerializerExtension.cs using System.Text.Json that might work in place of the System.IdentityModel.Tokens.Jwt.JsonExtensions call
3. Is it at all possible that v 4.0.4 could get a patch to fix this package issue if a workaround hasn't already been determined?
simpleidserver commented 2 months ago

Hello,

We have made some modifications in the release/4.0.4 branch to migrate the startup project from dotnet7 to dotnet8. You can take a look at our modifications here:

The nuget package Microsoft.AspNetCore.Authentication.JwtBearer is no longer used. Instead, we are using the Nuget package AspNetCore.Authentication.ApiKey to check the API Key. Additionally, the functions ConvertSigningKey and ConvertEncryptionKey can be removed.

By the way, all projects will be migrated to DOTNET8 in the next release 5.0.0.

poulsen-diana commented 2 months ago

We are using the SimpleIdServer.IdServer project and not SimpleIdServer.Scim. I may be able to leverage these changes, but I don't see any updates to the Startup.cs file linked above.

simpleidserver commented 2 months ago

Apologies for my misunderstanding :(

I have made some modifications in the release/4.0.4 branch to migrate the SimpleIdServer projects to DOTNET8.

All Nuget packages will be migrated to DOTNET8 in release 5.0.0 :)

https://github.com/simpleidserver/SimpleIdServer/commit/07122474763720d8c438748bfc110c0fa95c060f

simpleidserver commented 3 weeks ago

All the projects have been migrated to DOTNET 8. You can use the version 5.0.0

poulsen-diana commented 3 weeks ago

Awesome. Also thank you so much for taking the time to update the 4.0.4 branch for us prior to the release.