【Question title】: Signature validation failed. Unable to match 'kid'
【Posted】: 2018-02-19 08:54:08
【Question description】:

I use identityserver4 for SSO. The problem is that whenever I restart the identityserver, the client apps throw an exception the first time, with this exception message:

An unhandled exception has occurred: Unhandled remote failure. (IDX10501: Signature validation failed. Unable to match 'kid': 'e57439c26753f8a940888050ab3860fa', token: '{"alg":"RS256","typ":"JWT","kid":"e57439c26753f8a940888050ab3860fa"}.{"nbf":1505114113,"exp":1505114413,"iss":"http://recruiterinsider-qa.wiseatom.com:85","aud":"empite.rip","nonce":"636407108987016790.OTIyYzNhOGYtZmY1OS00NDQyLThmNDUtYWNkOTA1NDEyM2JmYTlkYWRjNDMtNDRmMC00YmQxLWI2MGQtOTI2MDYzNDYxMTUy","iat":1505114113,"c_hash":"Bc0qZ4ezhn0-WB-e9rDp8g","sid":"135b1b1f352674ab3b80846fef6ad0d8","sub":"94e570f7-920f-426e-b0db-e4f871323149","auth_time":1505114112,"idp":"local","amr":["pwd"]}'.)
System.AggregateException: Unhandled remote failure. (IDX10501: Signature validation failed. Unable to match 'kid': 'e57439c26753f8a940888050ab3860fa', token: '{"alg":"RS256","typ":"JWT","kid":"e57439c26753f8a940888050ab3860fa"}.{"nbf":1505114113,"exp":1505114413,"iss":"http://recruiterinsider-qa.wiseatom.com:85","aud":"empite.rip","nonce":"636407108987016790.OTIyYzNhOGYtZmY1OS00NDQyLThmNDUtYWNkOTA1NDEyM2JmYTlkYWRjNDMtNDRmMC00YmQxLWI2MGQtOTI2MDYzNDYxMTUy","iat":1505114113,"c_hash":"Bc0qZ4ezhn0-WB-e9rDp8g","sid":"135b1b1f352674ab3b80846fef6ad0d8","sub":"94e570f7-920f-426e-b0db-e4f871323149","auth_time":1505114112,"idp":"local","amr":["pwd"]}'.)
 ---> Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException: IDX10501: Signature validation failed. Unable to match 'kid': 'e57439c26753f8a940888050ab3860fa', token: '{"alg":"RS256","typ":"JWT","kid":"e57439c26753f8a940888050ab3860fa"}.{"nbf":1505114113,"exp":1505114413,"iss":"http://recruiterinsider-qa.wiseatom.com:85","aud":"empite.rip","nonce":"636407108987016790.OTIyYzNhOGYtZmY1OS00NDQyLThmNDUtYWNkOTA1NDEyM2JmYTlkYWRjNDMtNDRmMC00YmQxLWI2MGQtOTI2MDYzNDYxMTUy","iat":1505114113,"c_hash":"Bc0qZ4ezhn0-WB-e9rDp8g","sid":"135b1b1f352674ab3b80846fef6ad0d8","sub":"94e570f7-920f-426e-b0db-e4f871323149","auth_time":1505114112,"idp":"local","amr":["pwd"]}'.
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.ValidateToken(String idToken, AuthenticationProperties properties, TokenValidationParameters validationParameters, JwtSecurityToken& jwt)
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.d__20.MoveNext()
   --- End of inner exception stack trace ---
   at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler1.<HandleRemoteCallbackAsync>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler1.d__5.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter1.GetResult()
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.<HandleRequestAsync>d__15.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware1.d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

So I changed AddTemporarySigningCredential to AddDeveloperSigningCredential, but I still get the error when I restart the identity server.

How can I fix this?

【Question comments】:

Tags: c# asp.net-core identityserver4


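【Solution 1】:

Your problem might be related to this. Check the official docs:

During development you might sometimes see an exception stating that the token could not be validated. This is because the signing key material is created on the fly and kept in memory only. This exception happens when the client and IdentityServer get out of sync. Simply repeat the operation at the client; the next time, the metadata has caught up and everything should work normally again.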

【Comments】:

  • So what is the solution?
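
The out-of-sync condition quoted in the answer, modelled as an added Python example (not part of the original thread, and not IdentityServer or Microsoft.IdentityModel code): a client-side key cache looks up the token's kid and re-fetches the issuer's key set on a miss, at most once per cooldown. The class and function names, the pre-restart kid and the 30-second cooldown are assumptions, and no signature is verified here.

```python
import base64
import json
import time

def b64url_json(obj):
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def header_kid(token):
    """Read 'kid' from a compact JWT's header segment (no signature check)."""
    seg = token.split(".")[0]
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))["kid"]

class JwksCache:
    """Client-side copy of the issuer's signing keys, indexed by kid."""
    def __init__(self, fetch_jwks, cooldown=30.0, clock=time.monotonic):
        self._fetch, self._cooldown, self._clock = fetch_jwks, cooldown, clock
        self.refresh()

    def refresh(self):
        self._keys = {k["kid"]: k for k in self._fetch()["keys"]}
        self._fetched_at = self._clock()

    def resolve(self, token):
        kid = header_kid(token)
        # Re-fetch on an unknown kid, but at most once per cooldown, so tokens
        # carrying arbitrary kids cannot force a metadata request each time.
        if kid not in self._keys and self._clock() - self._fetched_at >= self._cooldown:
            self.refresh()
        if kid not in self._keys:
            raise KeyError(f"Unable to match 'kid': {kid}")
        return self._keys[kid]

def demo():
    now = [0.0]                                             # fake clock (assumption)
    published = {"keys": [{"kid": "kid-before-restart"}]}   # constructed JWKS
    cache = JwksCache(lambda: published, clock=lambda: now[0])
    # Restart with in-memory key material: the issuer now publishes a new kid.
    new_kid = "e57439c26753f8a940888050ab3860fa"            # kid from the error above
    published["keys"] = [{"kid": new_kid}]
    token = b64url_json({"alg": "RS256", "typ": "JWT", "kid": new_kid}) + ".e30.sig"
    outcome = []
    try:
        cache.resolve(token)
    except KeyError:
        outcome.append("stale cache: no match")
    now[0] = 31.0                                           # cooldown elapsed
    outcome.append(cache.resolve(token)["kid"])
    return outcome
```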