C# JWT签名验证失败
我在验证JWT签名时遇到了一个非常奇怪的错误,在本地运行web应用程序时效果很好,但是在部署到服务器时,我收到了这个错误: “消息:IDX10503:签名验证失败。尝试的密钥为:'System.IdentityModel.Tokens.InMemorySymetricSecurityKey\r\n'。\n捕获的异常:\n”“。\n标记:'{\'typ\':\'JWT\',\'alg\':\'HS256\'。” 我像这样创建我的令牌C# JWT签名验证失败,c#,.net,jwt,C#,.net,Jwt,我在验证JWT签名时遇到了一个非常奇怪的错误,在本地运行web应用程序时效果很好,但是在部署到服务器时,我收到了这个错误: “消息:IDX10503:签名验证失败。尝试的密钥为:'System.IdentityModel.Tokens.InMemorySymetricSecurityKey\r\n'。\n捕获的异常:\n”“。\n标记:'{\'typ\':\'JWT\',\'alg\':\'HS256\'。” 我像这样创建我的令牌 var securityKey = Encoding.UTF8.
var securityKey = Encoding.UTF8.GetBytes(secret);
var tokenHandler = new JwtSecurityTokenHandler();
// Token Creation
var now = DateTime.UtcNow;
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = identity,
TokenIssuerName = "self",
AppliesToAddress = "http://example.com",
Lifetime = new Lifetime(now, now.AddMinutes(2)),
SigningCredentials = new SigningCredentials(
new InMemorySymmetricSecurityKey(securityKey),
"http://www.w3.org/2001/04/xmldsig-more#hmac-sha256",
"http://www.w3.org/2001/04/xmlenc#sha256"),
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
// Create token validation parameters for the signed JWT
// This object will be used to verify the cryptographic signature of the received JWT
TokenValidationParameters validationParams =
new TokenValidationParameters()
{
ValidAudience = "http://example.com",
ValidIssuer = "self",
IssuerSigningToken = new BinarySecretSecurityToken(Encoding.UTF8.GetBytes(secret)),
};
var tokenHandler = new JwtSecurityTokenHandler();
// tokenHandler.ValidateToken(token, validationParams);
SecurityToken st;
principal = tokenHandler.ValidateToken(token, validationParams, out st);
return true;