我执行JwtSecurityTokenHandler()时遇到以下错误.ValidateToken()函数:
这是我的伪代码:
var jwtToken = {...}
var tokenHandler = new JwtSecurityTokenHandler();
var validationParameters = new TokenValidationParameters {...};
var claimsPrincipal = tokenHandler.ValidateToken(jwtToken, validationParameters);
这是错误:
Jwt10316: Signature validation failed. Keys tried: 'System.IdentityModel.Tokens.X509AsymmetricSecurityKey'.
Exceptions caught:
'System.InvalidOperationException: Jwt10518: AsymmetricSecurityKey.GetHashAlgorithmForSignature( 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256' ) threw an exception.
AsymmetricSecurityKey: 'System.IdentityModel.Tokens.X509AsymmetricSecurityKey'
SignatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256', check to make sure the SignatureAlgorithm is supported.
Exception: 'System.NotSupportedException: Crypto algorithm 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256' not supported in this context.
at System.IdentityModel.Tokens.X509AsymmetricSecurityKey.GetHashAlgorithmForSignature(String algorithm)
at System.IdentityModel.Tokens.AsymmetricSignatureProvider..ctor(AsymmetricSecurityKey key, String algorithm, Boolean willCreateSignatures)'.
---> System.NotSupportedException: Crypto algorithm 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256' not supported in …我收到这条消息:
使用以下搜索条件找不到X.509证书:StoreName'My',StoreLocation'LocalMachine',FindType'FindBySubjectDistinguishedName',FindValue'CN = HighBall'.
我的web.config设置看起来像这样;
身份验证设置如...
<authentication mode="Windows" />
为wsHttpBinging设置绑定
我的服务行为设置如此......
<behavior name="HighBall.Services.ServiceVerificationBehavior">
<serviceAuthorization principalPermissionMode="UseAspNetRoles"
roleProviderName="HighBallRoleProvider" />
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<serviceCertificate findValue="CN=HighBall" />
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="HighBallMembershipProvider" />
</serviceCredentials>
</behavior>
我试图找出一种方法来验证证书存储的内容,方式和位置,但我不知道如何做到这一点.如果有人对此错误消息有任何想法,我将非常感谢您的帮助.