Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Consider adding a TokenType property to SecurityTokenDescriptor
See original GitHub issueWhen creating an encrypted JWT using the CreateToken(SecurityTokenDescriptor tokenDescriptor) API, the headers added to SecurityTokenDescriptor.AdditionalHeaderClaims are only used for the JWE container and not the JWS. If you want to assign the JWS a specific typ, you must first create an unencrypted token with AdditionalHeaderClaims populated and then encrypt it manually, potentially with AdditionalHeaderClaims populated too if you want both the JWE and the JWS to have a typ header.
This procedure is a bit counter-intuitive and frankly error-prone. Things would be much simpler if SecurityTokenDescriptor had a TokenType property that would be used when creating both the JWS and the JWE.
Issue Analytics
- State:
- Created 3 years ago
- Comments:7 (7 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@kevinchalet good idea. I marked this for 6.6.0.
Yep, overthinking it. We can cover it in comments.
@kevinchalet thanks for your help.