TokenValidationParameters for JwtSecurityStub

Question

TokenValidationParameters for JwtSecurityStub

paulczy opened this issue 2 years ago · 0 comments

I am leaving breadcrumbs for others, not sure if this intended behavior or a bug. I am using NET6 and have noticed Alba's JwtSecurityStub does not work if you don't specify a ValidAlgorithms and ValidAudience.
I wasn't setting ValidAlgorithms and using ValidAudiences instead. I don't mind setting the algorithms although NET6 functions fine without them specified. I would prefer to use the audience enumeration prop instead, but since this is for testing I understand you would only have one. It seems confusing I have to set both ValidAudience and ValidAudiences. I will leave good comments for now.

Working under NET6 but not Alba

services.AddAuthentication()
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters()
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidAudiences = jwtValidAudiences,
            ValidIssuer = jwtValidIssuer,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSecretKey)),
        };
    });

Working under NET6 and Alba

services.AddAuthentication()
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters()
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidAlgorithms = new []{ "HS256" },
            ValidAudience = "https://localhost:7287",
            ValidAudiences = jwtValidAudiences,
            ValidIssuer = jwtValidIssuer,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSecretKey)),
        };
    });