問題描述
以下代碼:
using System.IdentityModel.Tokens;
JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(rawToken);
產生以下異常:
Jwt10113: Unable to decode the 'header'
The value "0" is not of type "System.String" and cannot be used in this generic collection. Parameter name: value
當 rawToken 的 'header' 部分是:
When the 'header' section of the rawToken is:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6MH0
可以解碼為:
{"alg":"HS256","typ":"JWT","kid":0}
錯誤令牌的來源是 Azure 移動服務.
The source of the faulting token is Azure Mobile Services.
請注意,當'header'部分是:調用同一行代碼時不會發生異常:
Please note that the exception does not occur when calling the same line of code while the 'header' section is:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjAifQ
可以解碼為:
{"alg":"HS256","typ":"JWT","kid":"0"}
我怎樣才能克服這個問題,并正確驗證這樣的令牌?
How can I overcome this problem, and properly validate such a token?
推薦答案
這是 Azure 移動服務中的一個錯誤,它與 JWT 規范的一致性有關.該錯誤已得到修復,因此移動服務生成的 JWT 現在應該在其標頭的kid"字段中具有正確的字符串值.
This was a bug in the Azure Mobile Services with respect to its conformance with the JWT spec. The bug has since been fixed, so the JWTs generated by the mobile services should now have a correct string value in the "kid" field of its header.
這篇關于解碼 Azure 移動服務 JWT 令牌時出現 JwtSecurityToken 異常的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網!