After I upgrade my project to .NET 8 from .NET 6, I faced this error:
System.ArgumentException: 'IDX12723: Unable to decode the payload '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]' as Base64Url encoded string.'
Inner Exception
JsonException: IDX11020: The JSON value of type: 'String', could not be converted to 'JsonTokenType.Number'. Reading: 'System.IdentityModel.Tokens.Jwt.JwtPayload.iat', Position: '52', CurrentDepth: '1', BytesConsumed: '82'.
I tried many ways but I can not solve it. The error appreared when go here:
var token = filterContext.HttpContext.Request.Headers["Authorization"].FirstOrDefault()?.Split(" ")[1];
var tokenHandler = new JwtSecurityTokenHandler();
var authToken = tokenHandler.ReadToken(token) as JwtSecurityToken; // <=== ERROR HERE
Please help me! Thank you so much!
JsonException: IDX11020: The JSON value of type: 'String', could not be converted to 'JsonTokenType.Number'. Reading: 'System.IdentityModel.Tokens.Jwt.JwtPayload.iat', Position: '52', CurrentDepth: '1', BytesConsumed: '82'.
See this comment to this issue @github:
Based on the RFC 7519 this claim MUST be number.
The JWT that you are sending in the request has iat claim as string and the later version of the library is stricter about this. Without seeing the actual value (and how you are getting it) you can try:
JsonSerializerOptions.JsonNumberHandling to AllowReadingFromString (though I would guess it likely will not help).Microsoft.AspNetCore.Authentication.JwtBearer 7.0.14UPD
Based on the comments the last option applied - explicit DateTimeOffset.Now.ToString() value was set to JwtPayload.iat header. DateTimeOffset.Now.ToUnixTimeSeconds() was suggested as substitution, another option is EpochTime.GetIntDate(DateTime) (see this comment).