Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
ASP.NET Core 2.2 Signature validation failed in JwtBearer Authentication (just in Linux/MacOS)
See original GitHub issueDescribe the bug
After updating to 2.2 RSA signature cant’ be verify in Linux and MacOS ( in windows it is ok). I use this code in the startup to set authentication:
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultSignInScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(config =>
{
config.Events = new API.Core.Security.JwtBearerEvents();
config.RequireHttpsMetadata = !CurrentEnvironment.IsDevelopment();
config.IncludeErrorDetails = CurrentEnvironment.IsDevelopment();
config.SaveToken = true;
config.TokenValidationParameters = new TokenValidationParameters()
{
RequireSignedTokens = true,
ValidateIssuerSigningKey = true,
ValidateLifetime = true,
ValidateAudience = false,
ValidateIssuer = false,
IssuerSigningKey = new RsaSecurityKey(rsa)
};
});
After update in any endpoint with [Authorize] attribute in Linux or MacOS authentication middleware throw can’t verify signature error.
in Older version or in windows it works just fine.
To Reproduce
Steps to reproduce the behavior:
- Using this version of ASP.NET Core ‘2.2.101’
- Add AddJwtBearer in Authentication
- Run in Linux/MacOs
- Call endpoint with
[Authorize] - See the error
Issue Analytics
- State:
- Created 5 years ago
- Reactions:1
- Comments:10 (7 by maintainers)
Top Results From Across the Web
ASP.NET Core 2.2 Signature validation failed in JwtBearer ...
I use this code in the startup to set authentication: services.AddAuthentication(options => { options.DefaultAuthenticateScheme ...
Read more >JWT Invalid Signature on Linux Container .Net Core 2.2
I have been working on implementing JWT bearer based authentication. I am trying to fetch public keys from Auth server JWKS URL and...
Read more >ASP.NET Core Web API: Troubleshooting
Signature verification : Check if the JWT is correctly signed with the key issued by the issuing authority. Issuer value: The Issuer is...
Read more >Failed to validate token in .NET Core 2.1 Web API
AspNetCore.Authentication.JwtBearer.JwtBearerHandler: Failed to validate the token. Microsoft.IdentityModel.Tokens.
Read more >JWT Validation and Authorization in ASP.NET Core
The JWT bearer authentication middleware will use this URI to find and retrieve the public key that can be used to validate the...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Update your IdentityModel dependencies to 5.4. https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/1067#issuecomment-456445438
Sorry for the confusion, we must have mis-understood it. Re-opening so we can evaluate again.