
JWT token not validating on remote server, Unable to match 'kid' Error


I am using ASP.NET Core with OpenIddict; for authorization I am using the JWT middleware:

    app.UseJwtBearerAuthentication(new JwtBearerOptions
    {
        AutomaticAuthenticate = true,
        AutomaticChallenge = true,
        RequireHttpsMetadata = false,
        Authority = "http://localhost"
    });

But for some reason it's throwing this error. Any help will be appreciated.

    info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerMiddleware[7]
          Bearer was not authenticated. Failure message: IDX10501: Signature validation failed. Unable to match 'kid': '7FG4SQ4TIATESTLI-ZDHTLRYPWIEDU_RA1FVG91D',
          token: '{"alg":"RS256","typ":"JWT","kid":"7FG4SQ4TIATESTLI-ZDHTLRYPWIEDU_RA1FVG91D"}.{"unique_name":"asd","email":"asd","AspNet.Identity.SecurityStamp":"eb93ee44-6dbf-41b8-b1d6-157e4aa23ea7","jti":"4f0f5395-e565-4489-8baf-6361d5c4cb94","usage":"access_token","confidential":true,"scope":["offline_access","profile","email","roles"],"sub":"9125d8c5-5739-4f46-8747-e3423a464969","azp":"firebaseApp","nbf":1466997962,"exp":1466999762,"iat":1466997962,"iss":"http://localhost:5000/"}'.
    warn: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[1]
          Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
    warn: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[1]
          Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.


Solution

    1. Authority should contain the base address of your OIDC server. You should specify the Authority URL with the port (5000 in your case, according to the "iss" claim in the token info):

      Authority="http://localhost:5000"
      
    2. You may disable Authority validation by setting ValidateIssuerSigningKey = false. JwtBearerOptions contains the property TokenValidationParameters, which aggregates the validation settings:

      app.UseJwtBearerAuthentication(new JwtBearerOptions
      {
          // ... other options as in the question
          TokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = false }
      });
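
A quick way to confirm the cause described in point 1 before changing any configuration, given as an added example (it is not code from the question, the answer, or OpenIddict): it decodes the token's unverified header and claims and compares `iss` and `kid` with the configured Authority and a key set. The function names, the constructed sample token and the constructed key sets are assumptions; no signature verification is performed.

```python
import base64
import json

def _seg(obj):
    """Encode a dict as one unpadded base64url JWT segment."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

def _unseg(segment):
    """Decode one base64url JWT segment, restoring the stripped padding."""
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))

def diagnose(token, authority, jwks):
    """List reasons a resource server would fail to match the token's 'kid'.

    Inspects the UNVERIFIED header and claims only; no signature check is done,
    so the output is for troubleshooting, never for an access decision.
    """
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a compact JWS: expected 3 dot-separated segments"]
    header, claims = _unseg(parts[0]), _unseg(parts[1])
    findings = []
    # Assumption of this helper: a trailing slash is ignored when comparing.
    iss = claims.get("iss", "")
    if iss.rstrip("/") != authority.rstrip("/"):
        findings.append(f"issuer mismatch: iss={iss!r} vs Authority={authority!r}")
    known = [k.get("kid") for k in jwks.get("keys", [])]
    if header.get("kid") not in known:
        findings.append(f"kid {header.get('kid')!r} not in key set {known!r}")
    return findings

# Constructed sample: header and issuer values copied from the log in the question,
# signature replaced by a placeholder (it is never checked here).
KID = "7FG4SQ4TIATESTLI-ZDHTLRYPWIEDU_RA1FVG91D"
SAMPLE_TOKEN = ".".join([
    _seg({"alg": "RS256", "typ": "JWT", "kid": KID}),
    _seg({"iss": "http://localhost:5000/", "usage": "access_token"}),
    "c2lnbmF0dXJl",
])
# Constructed key sets standing in for what each Authority URL would serve.
WRONG_JWKS = {"keys": [{"kty": "RSA", "kid": "constructed-unrelated-key"}]}
RIGHT_JWKS = {"keys": [{"kty": "RSA", "kid": KID}]}

if __name__ == "__main__":
    for authority, jwks in (("http://localhost", WRONG_JWKS),
                            ("http://localhost:5000", RIGHT_JWKS)):
        print(authority, "->", diagnose(SAMPLE_TOKEN, authority, jwks) or "ok")
```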