1. 技术文章
  2. DNX Core 5.0 JwtSecurityTokenHandler “IDX10640: Algorithm is not supported: 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256'”

DNX Core 5.0 JwtSecurityTokenHandler “IDX10640: Algorithm is not supported: 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256'”

[亡魂溺海] 提交于 2019-12-21 05:05:52

问题


I'm trying to implement JWT tokens but keep running into the following exception: IDX10640: Algorithm is not supported: 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256' when trying to write the token to compact json string.

const string issuer = "issuer";
const string audience = "audience";
byte[] keyForHmacSha256 = new byte[32];
new Random().NextBytes(keyForHmacSha256);

var claims = new List<Claim> { new Claim("deviceId", "12") };
var now = DateTime.UtcNow;
var expires = now.AddHours(1);
var signingCredentials = new SigningCredentials(
    new SymmetricSecurityKey(keyForHmacSha256), 
    SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest);

var token = new JwtSecurityToken(issuer, audience, claims, now, expires, signingCredentials);
return _tokenHandler.WriteToken(token);

Any ideas on solving this?

Update 1:

The error above occurs with "System.IdentityModel.Tokens.Jwt": "5.0.0-beta7-208241120"

Update 2:

Updated code


回答1:


We don't have support for symmetric keys right now. Hope to get that in soon.




回答2:


Support will be in the RC2 release. Tested with the nightly nuget packages from http://myget.org/gallery/azureadwebstacknightly

Only slight code changes needed to get everything to work

const string issuer = "issuer";
const string audience = "audience";
var keyForHmacSha256 = Encoding.ASCII.GetBytes("<tokenSecret>");
var key = new SymmetricSecurityKey(keyForHmacSha256);
var claims = new List<Claim> { new Claim("deviceId", "12") };
var now = DateTime.UtcNow;
var expires = now.AddHours(1);
var signingCredentials = new SigningCredentials(key, SecurityAlgorithms.HMAC_SHA256);

var token = new JwtSecurityToken(issuer, audience, claims, now, expires, signingCredentials);
return _tokenHandler.WriteToken(token);

Validating the token can be done with the next bit of code

SecurityToken securityToken;
var validationParameters = new TokenValidationParameters
{
    ValidateLifetime = true,
    ValidateAudience = true,
    ValidateIssuer = true,
    RequireExpirationTime = true,
    ValidateSignature = true,
    ValidAudience = audience,
    ValidIssuer = issuer,
    IssuerSigningKey = key,
    RequireSignedTokens = true,
    ValidateIssuerSigningKey = true               
};

tokenHandler.ValidateToken(token, validationParameters, out securityToken);


来源:https://stackoverflow.com/questions/32438878/dnx-core-5-0-jwtsecuritytokenhandler-idx10640-algorithm-is-not-supported-htt

标签
c#
json
jwt
adal
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!