【发布时间】:2015-06-04 22:06:35
【问题描述】:
尝试验证令牌时出现以下异常的原因可能是什么。
TokenValidationParameters validationParameters = new TokenValidationParameters();
validationParameters.ValidIssuers = new List<string>() { "http://www.company.com" };
validationParameters.IssuerSigningToken = new RsaSecurityToken(
(System.Security.Cryptography.RSACryptoServiceProvider) Certificate.Get().PublicKey.Key);
SecurityToken securityToken = null;
var claimsPrincipal =
(FederatedAuthentication
.FederationConfiguration
.IdentityConfiguration
.SecurityTokenHandlers
.First() as JwtSecurityTokenHandler)
.ValidateToken(tokenString, validationParameters, out securityToken);
错误:
IDX10500: Signature validation failed. Unable to resolve SecurityKeyIdentifier:
'SecurityKeyIdentifier
(
IsReadOnly = False,
Count = 2,
Clause[0] = X509ThumbprintKeyIdentifierClause(
Hash = 0x6B7ACC520305BFDB4F7252DAEB2177CC091FAAE1),
Clause[1] = System.IdentityModel.Tokens.NamedKeySecurityKeyIdentifierClause
)
',
token: '{"typ":"JWT","alg":"RS256","
【问题讨论】:
-
stackoverflow.com/questions/24657307/… 可能会提供一些有趣的细节
-
您尝试用来验证令牌的证书是否安装在根证书存储区(如果它的开发证书)?
-
你的令牌有“孩子”属性吗?
标签: c# .net security wcf-security jwt