问题描述
我也无法通过wcf服务发送jwt令牌.
I have problem sending jwt token too a wcf service.
已遵循此步骤,并且几乎可以正常运行.将JWT SecurityToken交付给WCF客户端
Have followed this and it almost works.Delivering a JWT SecurityToken to a WCF client
因此,我按照上面的链接发送GenericXmlSecurityToken.并创建了以下处理程序:
So i send a GenericXmlSecurityToken as in the link above.And have created the following handler:
public class CustomJwtSecurityTokenHandler : JwtSecurityTokenHandler
{
public override ReadOnlyCollection<ClaimsIdentity> ValidateToken(SecurityToken token)
{
var jwtToken = (JwtSecurityToken)(token);
SecurityToken securityToken;
var principal = ValidateToken(jwtToken.RawData, new TokenValidationParameters(), out securityToken);
var collection = new ReadOnlyCollection<ClaimsIdentity>(principal.Identities.ToList());
return collection;
}
public override ClaimsPrincipal ValidateToken(string jwt, TokenValidationParameters validationParameters, out SecurityToken token)
{
validationParameters.ValidateAudience = false;
validationParameters.ValidateIssuer = false;
var certificateBytes = Convert.FromBase64String("long text...");
validationParameters.IssuerSigningKey = new X509SecurityKey(new X509Certificate2(certificateBytes));
return base.ValidateToken(jwt, validationParameters, out token);
}
}
到目前为止,所有有效的令牌都可以通过验证,但是在此之后发生了一些事情.
服务器抛出
System.ServiceModel.Security.MessageSecurityException : Message security verification failed. System.IndexOutOfRangeException: The index was outside the bounds of the array.
内部异常的StackTrace
StackTrace of innerexception
<StackTrace>
at System.Xml.XmlBufferReader.GetChars(Int32 offset, Int32 length, Char[] chars)
at System.Xml.XmlBufferReader.GetString(Int32 offset, Int32 length)
at System.Xml.StringHandle.GetString()
at System.Xml.XmlBaseReader.ReadEndElement()
at System.ServiceModel.Security.ReceiveSecurityHeader.ExecuteFullPass(XmlDictionaryReader reader)
at System.ServiceModel.Security.ReceiveSecurityHeader.Process(TimeSpan timeout, ChannelBinding channelBinding, ExtendedProtectionPolicy extendedProtectionPolicy)
at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessageCore(Message& message, TimeSpan timeout)
at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout)
</StackTrace>
推荐答案
这可能是WCF中的问题.
This might be an issue in WCF.
一个潜在的解决方法可能是按照 http://leastprivilege.com/2015/07/02/give-your-wcf-security-architecture-a-makeover-with-identityserver3 /
A potential workaround might be to transport the JWT as a claim in a GenericXmlSecurityToken
, as proposed by http://leastprivilege.com/2015/07/02/give-your-wcf-security-architecture-a-makeover-with-identityserver3/
这篇关于将JWT令牌发送到WIF WCF服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!