1. 首页
  2. 问答
  3. TypeLoadException与与JWT身份验证相关的AsymmetricSignatureProvider

TypeLoadException与与JWT身份验证相关的AsymmetricSignatureProvider

2016-05-31 92 views
1

我有一个ASP.NET 5/Core RC1 MVC(WebApi)应用程序与auth0进行接口,以使用JWT令牌进行承载身份验证。该应用程序使用dnx451作为框架(由于不受支持的依赖关系而不是CoreCLR)。TypeLoadException与与JWT身份验证相关的AsymmetricSignatureProvider

在Windows上运行应用程序时,它工作得很好。 但是我想在Ubuntu上使用Mono作为运行时运行它dnx451。在那里,应用程序运行,但只要我向它发出请求,它就会返回Internal Server Error 500

日志输出:

info: Microsoft.AspNet.Hosting.Internal.HostingEngine[3] 
     Request finished in 0.0006ms 500 
fail: Microsoft.AspNet.Server.Kestrel[13] 
     An unhandled exception was thrown by the application. 
     System.IdentityModel.Tokens.SecurityTokenInvalidSignatureException: IDX10503: Signature validation failed. Keys tried: 'System.IdentityModel.Tokens.X509SecurityKey , KeyId: MTZBREFEQ0M5NUQ2RDY3RDkzM0E0RDYwMDdCM0I4QUY1MDc3RUNDNA 
     '. 
     Exceptions caught: 
     'System.TypeLoadException: Could not load type 'System.IdentityModel.Tokens.AsymmetricSignatureProvider' from assembly 'System.IdentityModel.Tokens, Version=5.0.0.112, Culture=neutral, PublicKeyToken=31bf3856ad364e35'. 
     at System.IdentityModel.Tokens.SignatureProviderFactory.CreateForVerifying (System.IdentityModel.Tokens.SecurityKey key, System.String algorithm) <0x4067def0 + 0x0001b> in <filename unknown>:0 
     at System.IdentityModel.Tokens.X509SecurityKey.GetSignatureProvider (System.String algorithm, Boolean verifyOnly) <0x4067de30 + 0x00057> in <filename unknown>:0 
     at System.IdentityModel.Tokens.SecurityKey.GetSignatureProviderForValidating (System.String algorithm) <0x4067de00 + 0x0001a> in <filename unknown>:0 
     at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature (System.Byte[] encodedBytes, System.Byte[] signature, System.IdentityModel.Tokens.SecurityKey key, System.String algorithm) <0x4067dcb0 + 0x0003f> in <filename unknown>:0 
     at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature (System.String token, System.IdentityModel.Tokens.TokenValidationParameters validationParameters) <0x40679070 + 0x004b3> in <filename unknown>:0 
     '. 
     token: '{"alg":"RS256","typ":"JWT","kid":"MTZBREFEQ0M5NUQ2RDY3RDkzM0E0RDYwMDdCM0I4QUY1MDc3RUNDNA"}.{"iss":"**********","sub":"*****************","aud":"****************","exp":1464737848,"iat":1464701848}' 
     at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature (System.String token, System.IdentityModel.Tokens.TokenValidationParameters validationParameters) <0x40679070 + 0x0096b> in <filename unknown>:0 
     at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken (System.String token, System.IdentityModel.Tokens.TokenValidationParameters validationParameters, System.IdentityModel.Tokens.SecurityToken& validatedToken) <0x406782f0 + 0x0021d> in <filename unknown>:0 
     at Microsoft.AspNet.Authentication.JwtBearer.JwtBearerHandler+<HandleAuthenticateAsync>d__1.MoveNext() <0x41f5bcf0 + 0x011c4> in <filename unknown>:0

这是单声道/ ASP.NET 5一般不兼容或者是有什么关系呢?

来源

2016-05-31 valorl

+0

你使用的是哪个版本的ubuntu和哪个版本的mono? – user1623521

+0

'单声道JIT编译器版本4.2.3(稳定的4.2.3.4/832de4b)'和'Ubuntu 14.04.4 LTS' – valorl

+0

你是如何在这样一个老发行版中安装这样的现代单声道的? – user1623521

回答

1

该问题只发生,因为AsymmetricSignatureProvider有窗户编组即使您正在使用SymmetricSecurityKey加载。如果你乐于使用这里SymmetricSecurityKey是一种变通方法:

signingKey.CryptoProviderFactory = new MonoFriendlyCryptoProviderFactory(_LoggerFactory.CreateLogger<MonoFriendlyCryptoProviderFactory>()); 


public class MonoFriendlyCryptoProviderFactory : CryptoProviderFactory 
{ 
    private readonly ILogger _Logger; 

    public MonoFriendlyCryptoProviderFactory(ILogger logger) 
    { 
     _Logger = logger; 
    } 

    public override SignatureProvider CreateForSigning(SecurityKey key, string algorithm) 
    { 
     return CreateProvider(key, algorithm, true); 
    } 

    public override SignatureProvider CreateForVerifying(SecurityKey key, string algorithm) 
    { 
     return CreateProvider(key, algorithm, false); 
    } 

    private SignatureProvider CreateProvider(SecurityKey key, string algorithm, bool willCreateSignatures) 
    { 
     _Logger?.LogDebug($"Creating {algorithm} provider for {key.KeyId} for {(willCreateSignatures ? "signing" : "verifying")}"); 
     if (key == null) 
      throw new ArgumentNullException(nameof(key)); 
     if (string.IsNullOrWhiteSpace(algorithm)) 
      throw new ArgumentNullException(nameof(algorithm)); 

     //AsymmetricSecurityKey asymmetricSecurityKey = key as AsymmetricSecurityKey; 
     //if (asymmetricSecurityKey != null) 
     // return new AsymmetricSignatureProvider(asymmetricSecurityKey, algorithm, willCreateSignatures, this.AsymmetricAlgorithmResolver); 
     SymmetricSecurityKey symmetricSecurityKey = key as SymmetricSecurityKey; 
     if (symmetricSecurityKey != null) 
      return new SymmetricSignatureProvider(symmetricSecurityKey, algorithm); 
     JsonWebKey jsonWebKey = key as JsonWebKey; 
     if (jsonWebKey != null && jsonWebKey.Kty != null) 
     { 
      //if (jsonWebKey.Kty == "RSA" || jsonWebKey.Kty == "EC") 
      // return new AsymmetricSignatureProvider(key, algorithm, willCreateSignatures, this.AsymmetricAlgorithmResolver); 
      if (jsonWebKey.Kty == "oct") 
       return new SymmetricSignatureProvider(key, algorithm); 
     } 
     throw new ArgumentException($"{typeof(SignatureProvider)} supports: '{typeof(SecurityKey)}' of types: '{typeof(AsymmetricSecurityKey)}' or '{typeof(AsymmetricSecurityKey)}'. SecurityKey received was of type: '{key.GetType()}'."); 
    } 
}

这是除如果您不使用AsymmetricSecurityKey它没有功能注释掉部分相同的Microsoft.IdentityModel.Tokens的RC2版本。

net45x是自dnx被删除以来,唯一的选择,各种驱动程序将不会针对coreclr几个月。

来源

2016-06-14 02:45:59 KCD

相关问题

 相关问题