Amir Popovich Amir Popovich - 1 year ago 152
C# Question

Is there any way I can support JWTSecurityTokenHandler on WIF 4.5?

I wanted to support JWT(Json Web Token) on my WebAPI application that uses WIF 4.5.

I'm using the System.IdentityModel.Tokens.Jwt 5.0.0 nuget package that has a

that seems to integrate with older versions of WIF.

The problem is that the handler derives the
and not from
as the config section expects.

I therefore get an understandable exception:

Parser Error Message: ID1029: The custom type is not suitable because it does not extend the correct base class.
CustomType: 'System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler, System.IdentityModel.Tokens.Jwt, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
BaseClass: 'System.IdentityModel.Tokens.SecurityTokenHandler'

My configuration looks like:

<add value="http://localhost:49482/" />
<add type="System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler, System.IdentityModel.Tokens.Jwt" />
<certificateValidation certificateValidationMode="PeerTrust" />

How can I support JWT on WIF 4.5? Is there any way I can use this package for doing that? Am I doing something wrong?

Answer Source

This package is written against .net standard 1.4, which does not include the System.IdentityModel APIs, so the package does not have integration with WIF.

Based on if you want to use System.IdentityModel through the WIF configuration, you'll need to go back to version 3.x of the package.

You could of course always write your own System.IdentityModel.Tokens.SecurityTokenHandler implementation which wrap Microsoft.IdentityModel.Tokens.SecurityTokenHandle

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download