
c# - JWT Authentication - The Token's Kid is missing - Stack Overflow


I am trying to use my JWT token to authorise a user when accessing certain endpoints. I am using a HS256 JWT Token, so there is no kid in the header.

Version of Nuget Packages:
System.IdentityModel.Token.Jwt - 8.5.0
Microsoft.AspNetCore.Authentication.JwtBearer - 8.0.13

When I try to hit my endpoint via postman with my JWT token in the header, I am getting this error:

Failed to validate the token. Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException: IDX10517: Signature validation failed. The token's kid is missing. Number of keys in TokenValidationParameters: '1'. Number of keys in Configuration: '0'.

Here is my Authentication in Program.cs

var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("key-here"));


builder.Services.AddAuthentication()
    .AddJwtBearer(x =>
    {
        x.RequireHttpsMetadata = false;
        x.Authority = "my-authority";
        x.SaveToken = true;
        x.TokenValidationParameters = new TokenValidationParameters
        {
            ValidIssuer = "my-issuer",
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = secretKey,
            ValidateIssuer = false,
            RequireExpirationTime = false,
            ValidateLifetime = true,
            ValidateAudience = false,
            TryAllIssuerSigningKeys = true,
            RequireSignedTokens = true,
        };


    });

Do I need to manually create a fake kid to add to the header? I thought this was fixed in System.IdentityModel.Token.Jwt version 8.2.0

Thanks for the help

Asked Feb 17 at 12:23 by CSharp Dev 12; edited Feb 17 at 15:17 by jps.

Comments:
  • What version of Microsoft.AspNetCore.Authentication.JwtBearer package are you using? I've replicated your exact same configuration and it works on 8.0.12. Could you also provide the code section that is generating the JWT token please? – hello-there-general-kenobi Commented Feb 17 at 15:38
  • Hi there, I'm using 8.0.13. I don't have access/can't share the creation of JWT but I am getting it from our site, the code worked fine with an older version of .Net but when we updated this has appeared. If it helps we are using YARP to redirect calls to the webapi, but unsure if that has any effect on authentication. I have checked on jwt.io that my token + the key give a verified signature. – CSharp Dev 12 Commented Feb 17 at 15:57
  • What headers have you set on your postman request? – hello-there-general-kenobi Commented Feb 17 at 16:06
  • Just Authorization as the Key. Then Bearer actual jwt token in the Value – CSharp Dev 12 Commented Feb 17 at 16:10
  • Is the key used for the token generation the same as the one used for token's decryption? – hello-there-general-kenobi Commented Feb 17 at 16:22

1 Answer

Try to remove the x.Authority = "my-authority"; property. Setting it will signal to JwtBearer to download the keys and discovery document from your token service.

Define the secret key using

var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("your-secret-key"));

Also, add this to the TokenValidationParameters

ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 }
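
A complete Program.cs with the answer's two changes applied (no Authority, ValidAlgorithms pinned to HS256), as an added example that is not code from the question or the answer. The configuration key Jwt:SigningKey, the audience "my-audience" and the /secure endpoint are assumptions; issuer, audience and expiry checks are switched on here, which the question's configuration does not do.

```csharp
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;

var builder = WebApplication.CreateBuilder(args);

// Assumption: the shared HS256 secret comes from configuration (user-secrets,
// environment, vault) under the hypothetical key "Jwt:SigningKey", not from source.
var secret = builder.Configuration["Jwt:SigningKey"]
    ?? throw new InvalidOperationException("Jwt:SigningKey is not configured.");
var keyBytes = Encoding.UTF8.GetBytes(secret);

// RFC 7518 section 3.2: an HS256 key must be at least as long as the hash output.
if (keyBytes.Length < 32)
    throw new InvalidOperationException("HS256 signing key must be at least 32 bytes.");

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        // Authority / MetadataAddress are deliberately not set: with a symmetric key
        // there is no discovery document or JWKS to download, so the only key the
        // handler should consider is IssuerSigningKey below.
        options.TokenValidationParameters = new TokenValidationParameters
        {
            IssuerSigningKey = new SymmetricSecurityKey(keyBytes),
            ValidateIssuerSigningKey = true,
            RequireSignedTokens = true,
            // Accept HS256 only; tokens carrying any other "alg" value are rejected.
            ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 },
            // ValidIssuer is only enforced when ValidateIssuer is true.
            ValidateIssuer = true,
            ValidIssuer = "my-issuer",
            ValidateAudience = true,
            ValidAudience = "my-audience", // hypothetical audience value
            ValidateLifetime = true,
            RequireExpirationTime = true,
            ClockSkew = TimeSpan.FromMinutes(1),
        };
    });
builder.Services.AddAuthorization();

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
// Hypothetical protected endpoint for testing the bearer token from Postman.
app.MapGet("/secure", () => "authenticated").RequireAuthorization();
app.Run();
```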