C#: JWT retrieved from Google+ won't validate
I'm currently struggling with a JWT that I receive from the Google+ sign-in service. I'm trying to make several authentication services compatible with my solution, but the JWT I get from Google doesn't seem to work the same way as the JWT I retrieve from Auth0. I made a test that simulates the behaviour:
    public void TestMethod1()
    {
        var handler = new JwtTokensConfig.MyJwtSecurityTokenHandler();
        const string encodedToken = "<JWT>";   // placeholder: the encoded token received from Google
        const string issuer = "accounts.google.com";
        // Build a symmetric signing key from the shared secret (placeholder value)
        IIssuerSecurityTokenProvider provider = new SymmetricKeyIssuerSecurityTokenProvider(issuer,
            new FederationConfig.SymetricKey { Base64Url = "<SECRET>" }.Bytes);
        var securityToken = provider.SecurityTokens.First();
        var validationParameters = new TokenValidationParameters()
        {
            ValidIssuer = issuer,
            AllowedAudience = "<CLIENTID>",
            SigningToken = securityToken
        };
        // This call throws the SecurityTokenValidationException shown below
        handler.ValidateToken(encodedToken, validationParameters);
    }
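I suspect this may have to do with the JWT returned by Google being decoded with the algorithm "alg": "RS256", but I can't be sure. The one I get from Auth0 works fine.
The way I obtain the token is by using the Google+ sign-in method and then passing the JWT to another callback site. This page has been added to the redirect URIs on the Google project.
If you see anything missing, please let me know! Your feedback is much appreciated.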
Test method UnitTestProject1.UnitTest1.TestMethod1 threw exception:
System.IdentityModel.Tokens.SecurityTokenValidationException: Jwt10316: Signature validation failed. Keys tried: 'System.IdentityModel.Tokens.InMemorySymmetricSecurityKey'.
Exceptions caught:
'System.InvalidOperationException: Jwt10532: SymmetricSecurityKey.GetKeyedHashAlgorithm( 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' ) threw and exception.
SymmetricSecurityKey: 'System.IdentityModel.Tokens.InMemorySymmetricSecurityKey'
SignatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', check to make sure the SignatureAlgorithm is supported.
Exception: 'System.InvalidOperationException: Crypto algorithm 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' not supported in this context.
at System.IdentityModel.CryptoHelper.CreateKeyedHashAlgorithm(Byte[] key, String algorithm)
at System.IdentityModel.Tokens.InMemorySymmetricSecurityKey.GetKeyedHashAlgorithm(String algorithm)
at System.IdentityModel.Tokens.SymmetricSignatureProvider..ctor(SymmetricSecurityKey key, String algorithm)'. ---> System.InvalidOperationException: Crypto algorithm 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' not supported in this context.
at System.IdentityModel.CryptoHelper.CreateKeyedHashAlgorithm(Byte[] key, String algorithm)
at System.IdentityModel.Tokens.InMemorySymmetricSecurityKey.GetKeyedHashAlgorithm(String algorithm)
at System.IdentityModel.Tokens.SymmetricSignatureProvider..ctor(SymmetricSecurityKey key, String algorithm)
--- End of inner exception stack trace ---
at System.IdentityModel.Tokens.SymmetricSignatureProvider..ctor(SymmetricSecurityKey key, String algorithm)
at System.IdentityModel.Tokens.SignatureProviderFactory.CreateProvider(SecurityKey key, String algorithm, Boolean willCreateSignatures)
at System.IdentityModel.Tokens.SignatureProviderFactory.CreateForVerifying(SecurityKey key, String algorithm)
at System.IdentityModel.Tokens.JwtSecurityTokenHandler.ValidateSignature(SecurityKey key, String algorithm, Byte[] encodedBytes, Byte[] signature)
at System.IdentityModel.Tokens.JwtSecurityTokenHandler.ValidateSignature(JwtSecurityToken jwt, Byte[] encodedBytes, Byte[] signatureBytes, IEnumerable`1 signingTokens)
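The trace above shows an rsa-sha256 signature being handed to a symmetric key. As an added example (not code from the post; the class name and the constructed token are assumptions, and it uses only the .NET base class library with C# 8 or later rather than the post's JwtSecurityTokenHandler), this verifier reads the header's `alg` and accepts only the key type that algorithm requires:

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

static class JwtAlgCheck   // hypothetical name, for illustration only
{
    // JWT segments are base64url without '=' padding
    static byte[] FromB64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }
    static string ToB64Url(byte[] b) =>
        Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    // The caller supplies the key; the token's "alg" must agree with its type:
    // byte[] (shared secret) for HS256, RSA (issuer's public key) for RS256.
    public static bool Verify(string jwt, object key)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("expected header.payload.signature");
        using var header = JsonDocument.Parse(FromB64Url(parts[0]));
        string alg = header.RootElement.GetProperty("alg").GetString();
        byte[] signed = Encoding.ASCII.GetBytes(parts[0] + "." + parts[1]);
        byte[] sig = FromB64Url(parts[2]);
        switch (alg, key)
        {
            case ("HS256", byte[] secret):
                using (var hmac = new HMACSHA256(secret))
                    return CryptographicOperations.FixedTimeEquals(hmac.ComputeHash(signed), sig);
            case ("RS256", RSA rsa):
                return rsa.VerifyData(signed, sig, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            default:
                throw new InvalidOperationException($"alg '{alg}' cannot be verified with a {key?.GetType().Name} key");
        }
    }

    static void Main()
    {
        // Constructed RS256 token, signed with a throwaway key pair generated here
        using var rsa = RSA.Create(2048);
        string head = ToB64Url(Encoding.UTF8.GetBytes("{\"alg\":\"RS256\",\"typ\":\"JWT\"}"));
        string body = ToB64Url(Encoding.UTF8.GetBytes("{\"iss\":\"accounts.google.com\"}"));
        byte[] s = rsa.SignData(Encoding.ASCII.GetBytes(head + "." + body), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        string jwt = head + "." + body + "." + ToB64Url(s);
        Console.WriteLine(Verify(jwt, rsa));   // RSA key matches the RS256 header
        try { Verify(jwt, Encoding.UTF8.GetBytes("client-secret")); }   // symmetric key, RS256 header
        catch (InvalidOperationException e) { Console.WriteLine(e.Message); }
    }
}
```

The second call fails before any cryptography runs, which turns the nested Jwt10316/Jwt10532 errors into a single message naming the mismatch between the token's algorithm and the key that was configured.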