当我要验证 jwt 令牌时,不解码不返回“alg”并且始终使令牌验证无效。默认情况下在 System.IdentityModel.Tokens.Jwt
中验证例外:
IDX10503: Signature validation failed. Token does not have a kid. Keys tried: 'Microsoft.IdentityModel.Tokens.RsaSecurityKey, KeyId: '', InternalId: 'Y-aoLdlxdepu_g1odJVOn_g-FlaitSghcGfrV1vSuxg'. , KeyId:
'. Number of keys in TokenValidationParameters: '0'.
Number of keys in Configuration: '0'.
Exceptions caught:
'Microsoft.IdentityModel.Tokens.SecurityTokenInvalidAlgorithmException: IDX10696: The algorithm 'Null' is not in the user-defined accepted list of algorithms.
我已将软件包
System.IdentityModel.Tokens.Jwt
从 7.2.0
更新为 7.4.1
并且可以正常使用。