Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is there any way I can support JWTSecurityTokenHandler on WIF 4.5?

Tags:

c#

asp.net-web-api

jwt

wif

I wanted to support JWT(Json Web Token) on my WebAPI application that uses WIF 4.5.

I'm using the System.IdentityModel.Tokens.Jwt 5.0.0 nuget package that has a JWTSecurityTokenHandler that seems to integrate with older versions of WIF.

The problem is that the handler derives the Microsoft.IdentityModel.Tokens.SecurityTokenHandler and not from System.IdentityModel.Tokens.SecurityTokenHandler as the config section expects.

I therefore get an understandable exception:

Parser Error Message: ID1029: The custom type is not suitable because it does not extend the correct base class.
CustomType: 'System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler, System.IdentityModel.Tokens.Jwt, Version=5.0.0.127, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
BaseClass: 'System.IdentityModel.Tokens.SecurityTokenHandler'

My configuration looks like:

<system.identityModel>
        <identityConfiguration>
            <audienceUris>
                <add value="http://localhost:49482/" />
            </audienceUris>
            <securityTokenHandlers>
                <add type="System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler, System.IdentityModel.Tokens.Jwt" />
                <securityTokenHandlerConfiguration>
                    <certificateValidation certificateValidationMode="PeerTrust" />
                </securityTokenHandlerConfiguration>
            </securityTokenHandlers>
        </identityConfiguration>
</system.identityModel>

How can I support JWT on WIF 4.5? Is there any way I can use this package for doing that? Am I doing something wrong?

like image 300
Amir Popovich Avatar asked Jan 28 '26 13:01

Amir Popovich

1 Answers

This package is written against .net standard 1.4, which does not include the System.IdentityModel APIs, so the package does not have integration with WIF.

Based on https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/94 if you want to use System.IdentityModel through the WIF configuration, you'll need to go back to version 3.x of the package.

You could of course always write your own System.IdentityModel.Tokens.SecurityTokenHandler implementation which wrap Microsoft.IdentityModel.Tokens.SecurityTokenHandle

like image 90
Alex Avatar answered Jan 30 '26 01:01

Alex
Sign in to Comment

Related questions

Explain weird behavior of C# TcpClient/TcpListener on NetCore

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!