Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

DNX Core 5.0 JwtSecurityTokenHandler "IDX10640: Algorithm is not supported: 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256'"

Tags:

json

c#

jwt

adal

I'm trying to implement JWT tokens but keep running into the following exception: IDX10640: Algorithm is not supported: 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256' when trying to write the token to compact json string.

const string issuer = "issuer";
const string audience = "audience";
byte[] keyForHmacSha256 = new byte[32];
new Random().NextBytes(keyForHmacSha256);

var claims = new List<Claim> { new Claim("deviceId", "12") };
var now = DateTime.UtcNow;
var expires = now.AddHours(1);
var signingCredentials = new SigningCredentials(
    new SymmetricSecurityKey(keyForHmacSha256), 
    SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest);

var token = new JwtSecurityToken(issuer, audience, claims, now, expires, signingCredentials);
return _tokenHandler.WriteToken(token);

Any ideas on solving this?

Update 1:

The error above occurs with "System.IdentityModel.Tokens.Jwt": "5.0.0-beta7-208241120"

Update 2:

Updated code

like image 658
sboulema Avatar asked Sep 07 '15 12:09

sboulema

2 Answers

Support will be in the RC2 release. Tested with the nightly nuget packages from http://myget.org/gallery/azureadwebstacknightly

Only slight code changes needed to get everything to work

const string issuer = "issuer";
const string audience = "audience";
var keyForHmacSha256 = Encoding.ASCII.GetBytes("<tokenSecret>");
var key = new SymmetricSecurityKey(keyForHmacSha256);
var claims = new List<Claim> { new Claim("deviceId", "12") };
var now = DateTime.UtcNow;
var expires = now.AddHours(1);
var signingCredentials = new SigningCredentials(key, SecurityAlgorithms.HMAC_SHA256);

var token = new JwtSecurityToken(issuer, audience, claims, now, expires, signingCredentials);
return _tokenHandler.WriteToken(token);

Validating the token can be done with the next bit of code

SecurityToken securityToken;
var validationParameters = new TokenValidationParameters
{
    ValidateLifetime = true,
    ValidateAudience = true,
    ValidateIssuer = true,
    RequireExpirationTime = true,
    ValidateSignature = true,
    ValidAudience = audience,
    ValidIssuer = issuer,
    IssuerSigningKey = key,
    RequireSignedTokens = true,
    ValidateIssuerSigningKey = true               
};

tokenHandler.ValidateToken(token, validationParameters, out securityToken);
like image 83
sboulema Avatar answered Nov 17 '22 19:11

sboulema

We don't have support for symmetric keys right now. Hope to get that in soon.

like image 33
Brent Schmaltz Avatar answered Nov 17 '22 18:11

Brent Schmaltz
Sign in to Comment

Related questions

Mapping to existing table using Entity Framework
What would +- do as an operator in c#
How can I extract part of an IEnumerable based on known elements of the collection?
Can't access related data after disposal of DataContext in Linq to SQL
Call to web service webmethod throws HTTP/1.1 404 Not Found
OpenXML - Get Image Alt Text Title
How to use C++ class in Windows 10 C# universal app? [closed]
Async Await to Keep Event Firing
Running external processes asynchronously in a windows service
Forcing EF ApplicationUser To Load Navigation Properties
Is it possible to concatenate a list of strings using only a single allocation?
return enum as string in asp.mvc and json
Cant access Variables in JS/jQuery via <%= variable %>
Binary serialization slow (sometimes) in .NET 4.6
Selecting rows in a DBSet with Entity Framework
SQLite Entity Framework without App.config
If using DI + MEF, what is a good method to pass events between classes in the container?
Modify elements in list with ForEach lambda
Ninject dynamically bind to implementation
Windows Phone 8: How to animate page navigation?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!