ADAL - Bearer token not authenticated (IDX10500: Signature validation failed)

I am developing a Xamarin Forms application that uses .NET WebApi middleware.

At the Xamarin level, I perform the ADAL login like this (iOS implementation):

        var authContext = new AuthenticationContext(authority + tenantId);
        if (authContext.TokenCache.ReadItems().Any())
            authContext = new AuthenticationContext(authContext.TokenCache.ReadItems().First().Authority);
        var controller = GetVisibleViewController();
        var uri = new Uri(returnUri);
        var platformParams = new PlatformParameters(controller);
        var authResult = await authContext.AcquireTokenAsync(resource, 
                     clientId, uri, platformParams, UserIdentifier.AnyUser);

The login succeeds, I get the token, and I pass it to the WebAPI layer like this:

        httpClient.DefaultRequestHeaders.Authorization =
            new AuthenticationHeaderValue("Bearer",
            authResult.AccessToken);

My WebAPI layer is already set up to accept JWT bearer authentication:

        app.UseJwtBearerAuthentication(new JwtBearerOptions
        {
            Authority = Configuration["Authentication:AzureAd:AADInstance"] 
                        + Configuration["Authentication:AzureAd:TenantId"],
            Audience = Configuration["Authentication:AzureAd:Audience"]
        });

However, when I make a request to a controller decorated with [Authorize], I get the following error:

    2017-12-29 11:50:41.134 +00:00 [Information] Failed to validate the token "....".
    Microsoft.IdentityModel.Tokens.SecurityTokenInvalidSignatureException: IDX10500: Signature validation failed. No security keys were provided to validate the signature.
       at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters)
       at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
       at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.d__1.MoveNext()
    2017-12-29 11:50:41.149 +00:00 [Information] "Bearer" was not authenticated. Failure message: "IDX10500: Signature validation failed. No security keys were provided to validate the signature."

What signature does this refer to?

Is the problem on the client side or in the middleware layer?
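
As an added illustration (not part of the original question, and not the JwtBearer middleware's own code): the signature in the error message is the third dot-separated segment of the JWT, and a validator needs a signing key before it can check it. The Python diagnostic below reads the token header and reports whether a given key set could supply that key; the token, `kid` values, key set and function names are all constructed for the example.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode an unpadded base64url JWT segment."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_sample_token(kid: str) -> str:
    """Build a constructed token: real JWT layout, placeholder signature bytes."""
    header = {"typ": "JWT", "alg": "RS256", "kid": kid}
    payload = {"iss": "https://issuer.example.invalid/", "aud": "constructed-audience"}
    segments = [json.dumps(header).encode(), json.dumps(payload).encode(),
                b"constructed-signature-bytes"]
    return ".".join(b64url_encode(s) for s in segments)


def diagnose_signing_key(token: str, jwks: dict) -> str:
    """Say whether a validator holding `jwks` could attempt the signature check."""
    parts = token.split(".")
    if len(parts) != 3 or not parts[2]:
        return "malformed-or-unsigned"      # no signature segment to verify
    try:
        header = json.loads(b64url_decode(parts[0]))
    except ValueError:                      # bad base64, bad UTF-8 or bad JSON
        return "malformed-or-unsigned"
    if not isinstance(header, dict) or str(header.get("alg", "none")).lower() == "none":
        return "malformed-or-unsigned"
    keys = jwks.get("keys") or []
    if not keys:
        return "no-keys-provided"           # validator has nothing to verify with
    kid = header.get("kid")
    if kid is not None and not any(k.get("kid") == kid for k in keys):
        return "kid-not-found"              # keys exist, none matches the header
    return "key-found"                      # signature verification can proceed


if __name__ == "__main__":
    token = make_sample_token("constructed-kid-1")
    print(diagnose_signing_key(token, {"keys": []}))
    print(diagnose_signing_key(token, {"keys": [{"kty": "RSA", "kid": "constructed-kid-1"}]}))
```

The result names are labels chosen for this example; only the "no-keys-provided" case corresponds to the wording of the logged IDX10500 message.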
