ASP.NET从Azure ACS(访问控制服务)处理JWT令牌

时间:2016-03-30 04:31:33

标签: c# asp.net .net azure accesscontrolservice

我正在尝试让我的ASP.NET应用程序处理来自ACS的JWT令牌,而不是 SAML 2.0 - 它完美无缺。

我已将web.config配置为使用System.IdentityModel.Tokens.Jwt中的默认Jwt处理程序,如下所示

<system.identityModel>
<identityConfiguration saveBootstrapContext="true">
  <audienceUris>
    <add value="http://localhost:57547/" />
  </audienceUris>
  <securityTokenHandlers>
         <add type="System.IdentityModel.Tokens.JwtSecurityTokenHandler, System.IdentityModel.Tokens.Jwt" />
           <securityTokenHandlerConfiguration>
              <certificateValidation certificateValidationMode="PeerTrust"/>

    </securityTokenHandlerConfiguration>

  </securityTokenHandlers>
  <issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry">

    <authority name="https://nithish.accesscontrol.windows.net/">

      <keys>
        <add thumbprint="xxxx" />
        <add symmetricKey="xxxx" />
      </keys>
      <validIssuers>
        <add name="https://nithish.accesscontrol.windows.net/" />
      </validIssuers>
    </authority>
  </issuerNameRegistry>

  <issuerTokenResolver type="System.IdentityModel.Tokens.NamedKeyIssuerTokenResolver, System.IdentityModel.Tokens.Jwt">
    <securityKey symmetricKey="xxxx"
                  name="https://nithish.accesscontrol.windows.net/" />
  </issuerTokenResolver>
  <!--certificationValidationMode set to "None" by the the Identity and Access Tool for Visual Studio. For development purposes.-->
  <certificateValidation certificateValidationMode="None" />
</identityConfiguration>

                               

我收到如下错误

[NotSupportedException: IDX11008: This method is not supported to validate a 'jwt' use the method: ValidateToken(String, TokenValidationParameters, out SecurityToken).]
   System.IdentityModel.Tokens.JwtSecurityTokenHandler.ValidateToken(SecurityToken token) in c:\workspace\WilsonForDotNet45Release\src\System.IdentityModel.Tokens.Jwt\JwtSecurityTokenHandler.cs:641
   System.IdentityModel.Tokens.SecurityTokenHandlerCollection.ValidateToken(SecurityToken token) +73
   System.IdentityModel.Services.TokenReceiver.AuthenticateToken(SecurityToken token, Boolean ensureBearerToken, String endpointUri) +118
   System.IdentityModel.Services.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequestBase request) +489
   System.IdentityModel.Services.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args) +361
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +136
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69

更奇怪的是System.IdentityModel.Tokens.JwtSecurityTokenHandler.ValidateToken(SecurityToken token) in c:\workspace\WilsonForDotNet45Release\src\System.IdentityModel.Tokens.Jwt\JwtSecurityTokenHandler.cs:641
甚至不是我自己的源代码的有效文件位置。我不知道这个错误来自何处,似乎来自框架本身。

我做错了什么?

0 个答案:

没有答案
相关问题
最新问题