Wednesday, September 25, 2024

JWT is not well formed in ASP.NET Web API JwtBearer .NET 8

Implementing a JwtBearer token validator has never caused me a problem, but this time it really took me a while to troubleshoot what was going on. Long story short, there's a breaking change going to .NET 8 and, on top of that, the default package version doesn't solve the issue.

Here's how I implement my service:

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => ...removed for brevity);
services.AddAuthorization();

...

app.UseAuthentication();
app.UseAuthorization();

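But when I checked the bearer token, it was a completely valid token. I retrieved the token using a quick custom middleware.

// Temporary diagnostic middleware (needs "using System.Diagnostics;" at the top of the file).
// It is registered before UseAuthentication and writes the raw Authorization header
// to the debug output once the rest of the pipeline has run.
app.Use(async (context, next) =>
{
    await next.Invoke();
    Debug.WriteLine(context.Request.Headers.Authorization);
});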

app.UseAuthentication();

...

Then I validated the token in https://jwt.io.

The error that I received contains:

IDX14100: JWT is not well formed, there are no dots (.). The token needs to be in JWS or JWE Compact Serialization Format.

On top of that, the response seen in the browser has the following header:

WWW-Authenticate: Bearer error="invalid_token"
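
The IDX14100 message is about the token's shape (dot-separated segments), so the same check can be done locally instead of pasting a live token into a website. The helper below is an added example, not code from the original post; the class name `BearerShape` and its method are hypothetical, and it returns only the segment count and header fields, never the payload or signature.

```csharp
using System;
using System.Text.Json;

// Added diagnostic helper (hypothetical name), not part of the original post.
public static class BearerShape
{
    // Describes the structure of an Authorization header value without
    // returning the payload or signature, so the result is safe to log.
    public static string Describe(string? authorization)
    {
        const string prefix = "Bearer ";
        if (string.IsNullOrWhiteSpace(authorization))
            return "no Authorization header";
        if (!authorization.StartsWith(prefix, StringComparison.OrdinalIgnoreCase))
            return "scheme is not Bearer";

        string token = authorization[prefix.Length..].Trim();
        string[] parts = token.Split('.');
        // Compact serialization: JWS has 3 segments, JWE has 5.
        string kind = parts.Length switch { 3 => "JWS", 5 => "JWE", _ => "malformed" };
        if (kind == "malformed")
            return $"malformed: {parts.Length} segment(s), expected 3 (JWS) or 5 (JWE)";

        try
        {
            // The first segment is the base64url-encoded JSON header.
            using JsonDocument header = JsonDocument.Parse(DecodeBase64Url(parts[0]));
            string alg = header.RootElement.TryGetProperty("alg", out var a) ? a.ToString() : "(none)";
            string typ = header.RootElement.TryGetProperty("typ", out var t) ? t.ToString() : "(none)";
            return $"{kind}: alg={alg}, typ={typ}, token length={token.Length}";
        }
        catch (Exception ex) when (ex is FormatException or JsonException or InvalidOperationException)
        {
            return $"{kind} segment count, but the header is not base64url-encoded JSON";
        }
    }

    // base64url -> bytes: restore the standard alphabet and the '=' padding.
    private static byte[] DecodeBase64Url(string s)
    {
        string b64 = s.Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        return Convert.FromBase64String(b64);
    }
}
// In the middleware: Debug.WriteLine(BearerShape.Describe(context.Request.Headers.Authorization));
```

If this reports a JWS with a readable header while the handler still raises IDX14100, the token is not the problem and the installed package versions are the next thing to check.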

Searching online, the most helpful hint is probably this thread: https://github.com/dotnet/aspnetcore/issues/52075

There are some suggestions in there, but the one that finally solved my problem is the fact that the following package version doesn't work:

Microsoft.IdentityModel.Protocols.OpenIdConnect 7.1.2

It was a transitive package and I had to upgrade it by installing the latest version, as of this time 8.1.0.

And that fixed my issue without any code change.


