小贝子编程

将 jwt 令牌发送到 wif wcf 服务



我在发送 jwt 令牌时也遇到问题 wcf 服务。

遵循这个,它几乎有效。将 JWT 安全令牌传递到 WCF 客户端

所以我发送了一个GenericXmlSecurityToken,如上面的链接所示。并创建了以下处理程序:

public class CustomJwtSecurityTokenHandler : JwtSecurityTokenHandler
{
    public override ReadOnlyCollection<ClaimsIdentity> ValidateToken(SecurityToken token)
    {
        var jwtToken = (JwtSecurityToken)(token);
        SecurityToken securityToken;
        var principal = ValidateToken(jwtToken.RawData, new TokenValidationParameters(), out securityToken);
        var collection = new ReadOnlyCollection<ClaimsIdentity>(principal.Identities.ToList());
        return collection;
    }
    public override ClaimsPrincipal ValidateToken(string jwt, TokenValidationParameters validationParameters, out SecurityToken token)
    {
        validationParameters.ValidateAudience = false;
        validationParameters.ValidateIssuer = false;
        var certificateBytes = Convert.FromBase64String("long text...");
        validationParameters.IssuerSigningKey = new X509SecurityKey(new X509Certificate2(certificateBytes));
        return base.ValidateToken(jwt, validationParameters, out token);
    }
}

到目前为止,令牌验证一切正常,但在此之后发生了一些事情。

服务器抛出

System.ServiceModel.Security.MessageSecurityException : Message security verification failed. System.IndexOutOfRangeException: The index was outside the bounds of the array.

StackTrace of innerexception

<StackTrace>
   at System.Xml.XmlBufferReader.GetChars(Int32 offset, Int32 length, Char[] chars)
   at System.Xml.XmlBufferReader.GetString(Int32 offset, Int32 length)
   at System.Xml.StringHandle.GetString()
   at System.Xml.XmlBaseReader.ReadEndElement()
   at System.ServiceModel.Security.ReceiveSecurityHeader.ExecuteFullPass(XmlDictionaryReader reader)
   at System.ServiceModel.Security.ReceiveSecurityHeader.Process(TimeSpan timeout, ChannelBinding channelBinding, ExtendedProtectionPolicy extendedProtectionPolicy)
   at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessageCore(Message&amp; message, TimeSpan timeout)
   at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessage(Message&amp; message, TimeSpan timeout)
</StackTrace>

这可能是 WCF 中的一个问题。

请参阅:如何将 JWT 令牌与 WCF 和 WIF 一起使用?

一个可能的解决方法可能是将JWT作为GenericXmlSecurityToken中的声明传输,正如 http://leastprivilege.com/2015/07/02/give-your-wcf-security-architecture-a-makeover-with-identityserver3/

相关内容

  • 没有找到相关文章

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium