I am running the ASP.Net Core Zero 3.0 project with Angular, and I have a client application that uses it as a login provider and a user store. The client app, TRX, has a method that calls the user list after gaining an access token via a password token request. The token request itself works, and returns the access token which I then attach to the request for the user list, pretty much the same way that the Client app within the ASP Net zero project does:
    private static async Task<string> GetAccessTokenViaOwnerPasswordAsync()
    {
        var client = new HttpClient();
        var disco = await client.GetDiscoveryDocumentAsync(ServerUrlBase);
        if (disco.IsError)
        {
            throw new Exception(disco.Error);
        }
        client.DefaultRequestHeaders.Add(TenantConstants.Tenant1, "1"); //Set TenantId
        var tokenResponse = await client.RequestPasswordTokenAsync(new PasswordTokenRequest
        {
            Address = disco.TokenEndpoint,
            ClientId = "client",
            ClientSecret = "secret",
            Scope = "default-api",
            UserName = "username",
            Password = "password"
        });
        if (tokenResponse.IsError)
        {
            Console.WriteLine("Error: ");
            Console.WriteLine(tokenResponse.Error);
        }
        Console.WriteLine(tokenResponse.Json);
        return tokenResponse.AccessToken;
    }
...
    private static async Task<PagedResultDto<UserListDto>> GetUsersListAsync(string accessToken)
    {
        // ReSharper disable once ConvertToUsingDeclaration
        using (var client = new HttpClient())
        {
            client.SetBearerToken(accessToken);
            try
            {
                var response = await client.GetAsync($"{ServerUrlBase}api/services/app/user/getUsers");
                if (!response.IsSuccessStatusCode)
                {
                    Console.WriteLine(response.StatusCode);
                    return null;
                }
                var content = await response.Content.ReadAsStringAsync();
                var ajaxResponse = JsonConvert.DeserializeObject<AjaxResponse<PagedResultDto<UserListDto>>>(content);
                if (!ajaxResponse.Success)
                {
                    throw new Exception(ajaxResponse.Error?.Message ?? "Remote service throws exception!");
                }
                Console.WriteLine();
                Console.WriteLine("Total user count: " + ajaxResponse.Result.TotalCount);
                Console.WriteLine();
                foreach (var user in ajaxResponse.Result.Items)
                {
                    Console.WriteLine($"### UserId: {user.Id}, UserName: {user.UserName}");
                    Console.WriteLine(user.ToJsonString(indented: true));
                }
                return ajaxResponse.Result;
            }
            catch (Exception exception)
            {
                Console.WriteLine(exception);
                throw;
            }
        }
    }
And when it hits ValidateToken, during the user list GET request, it errors out with this error:
IDX10501: Signature validation failed. Unable to match key: kid: '{key here}'
I have looked around to see what this might be caused by, and at the very least I know it means that the key does not match the validationParameters that it is checking against, but I have not been able to determine why, or what could fix this.
I would appreciate any help that can be provided for this issue.
    public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out SecurityToken validatedToken)
    ...
    var principal = _tokenHandler.ValidateToken(securityToken, validationParameters, out validatedToken); //error here
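A diagnostic for the IDX10501 error above, as an added example that is not part of the original post or of the ASP.NET Zero project: it reads the token header without validating it and checks whether its kid is among the keys the authority publishes in its discovery document. `KidDiagnostics`, `TokenKidIsPublishedAsync` and `authorityUrl` are hypothetical names, and the code assumes the IdentityModel and System.IdentityModel.Tokens.Jwt packages already used by the code in the post.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Net.Http;
using System.Threading.Tasks;
using IdentityModel.Client;

public static class KidDiagnostics // hypothetical helper, not part of ASP.NET Zero
{
    // Returns true when the token's 'kid' is among the signing keys that the
    // authority at authorityUrl publishes. authorityUrl is an assumption: the
    // base URL the API validates tokens against (ServerUrlBase in the post).
    public static async Task<bool> TokenKidIsPublishedAsync(string accessToken, string authorityUrl)
    {
        // ReadJwtToken only parses; it verifies nothing. Use the result for
        // diagnostics, never for an authorization decision, and do not log
        // the token itself.
        var jwt = new JwtSecurityTokenHandler().ReadJwtToken(accessToken);
        Console.WriteLine($"token:     iss={jwt.Issuer} alg={jwt.Header.Alg} kid={jwt.Header.Kid}");

        using (var client = new HttpClient())
        {
            var disco = await client.GetDiscoveryDocumentAsync(authorityUrl);
            if (disco.IsError)
            {
                throw new InvalidOperationException(disco.Error);
            }

            var publishedKids = disco.KeySet?.Keys.Select(k => k.Kid).ToList()
                                ?? new List<string>();
            Console.WriteLine($"authority: iss={disco.Issuer} kids=[{string.Join(", ", publishedKids)}]");

            // A different issuer means the token came from another authority
            // (or another base URL) than the one the API trusts.
            if (!string.Equals(jwt.Issuer, disco.Issuer, StringComparison.Ordinal))
            {
                Console.WriteLine("Issuer mismatch between token and discovery document.");
            }

            // 'kid' values are case-sensitive. A miss here means the token was
            // signed with a key this authority does not currently publish.
            return publishedKids.Contains(jwt.Header.Kid, StringComparer.Ordinal);
        }
    }
}
```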
2 Answer(s)
-
0
This error will only appear in the log and will not cause your application to fail.
Can I check it remotely? Please send TeamViewer connection information to [email protected]
-
0
This issue is closed because it has not had recent activity for a long time.