While following tutorial
Create a RESTful API with authentication using Web API and Jwt I'm having trouble getting the CustomJwtFormat
class to compile:
using System.IdentityModel.Tokens;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.DataHandler.Encoder;
using Thinktecture.IdentityModel.Tokens;
namespace BooksAPI.Identity
{
public class CustomJwtFormat : ISecureDataFormat<AuthenticationTicket>
{
private static readonly byte[] _secret =
TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings["secret"]);
private readonly string _issuer;
public CustomJwtFormat(string issuer)
{
_issuer = issuer;
}
public string Protect(AuthenticationTicket data)
{
if (data == null)
throw new ArgumentNullException(nameof(data));
var signingKey = new HmacSigningCredentials(_secret);
var issued = data.Properties.IssuedUtc;
var expires = data.Properties.ExpiresUtc;
return new JwtSecurityTokenHandler().WriteToken(
new JwtSecurityToken( _issuer, null, data.Identity.Claims,
issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey));
}
public AuthenticationTicket Unprotect(string protectedText) {
throw new NotImplementedException();
}
}
}
The build error I'm getting is:
Cannot convert from 'Thinktecture.IdentityModel.Tokens.HmacSigningCredentials' to 'Microsoft.IdentityModel.Tokens.SigningCredentials'
Having searched for this I found this SO post:
ASP.NET v5 Multiple SigningCredentials
I have tried the recommendation in the answer post but to no avail. I followed the link:
Ambiguous reference issue (Microsoft.AspNet.Identity & Microsoft.AspNet.Identity.Core)
But am still seeing the conflict. Which package and namespace combination should I use?
Signing credentials are used to protect against tampering. They can be either asymmetric (e.g a RSA or ECDSA key) or symmetric.
Adds a claim for the specified authentication method to the subject of the current instance. The authentication instant is set to the current time.
original method:
var signingKey = new HmacSigningCredentials(_secret);
new method:
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(_secret);
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(
securityKey,SecurityAlgorithms.HmacSha256Signature);
//---
var issued = data.Properties.IssuedUtc;
var expires = data.Properties.ExpiresUtc;
var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingCredentials);
I ran into the same problem. You have to use an older version of System.IdentityModel.Tokens.Jwt.
open nuget package manager console and run:
Install-Package System.IdentityModel.Tokens.Jwt -Version 4.0.2.206221351
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With