Receiving "'SamlAssertionKeyIdentifierClause' creation is not supported by 'JwtSecurityToken'" error when creating a channel with an issued token in WCF 4.5

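Problem description

When trying to generate a custom STS token using 'JwtSecurityToken', I receive the following error message:

System.NotSupportedException: 'SamlAssertionKeyIdentifierClause' creation is not supported by 'JwtSecurityToken'.

I am using .NET/WCF/WIF 4.5.

The JwtSecurityTokenHandler is from

System.IdentityModel.Tokens.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35

Any help is greatly appreciated.

The stack trace is as follows: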

Server stack trace:
   at System.IdentityModel.Tokens.SecurityToken.CreateKeyIdentifierClause[T]()
   at System.ServiceModel.Security.Tokens.SecurityTokenParameters.CreateKeyIdentifierClause[TExternalClause,TInternalClause](SecurityToken token, SecurityTokenReferenceStyle referenceStyle)
   at System.ServiceModel.Security.SendSecurityHeader.SignWithSupportingTokens()
   at System.ServiceModel.Security.SendSecurityHeader.CompleteSecurityApplication()
   at System.ServiceModel.Security.SecurityAppliedMessage.OnWriteMessage(XmlDictionaryWriter writer)
   at System.ServiceModel.Channels.BufferedMessageWriter.WriteMessage(Message message, BufferManager bufferManager, Int32 initialOffset, Int32 maxSizeQuota)
   at System.ServiceModel.Channels.TextMessageEncoderFactory.TextMessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager, Int32 messageOffset)
   at System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message, Boolean shouldRecycleBuffer)
   at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout)
   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

    // CreateStsBinding() and myJwtIssuedToken are not shown in the question.
    WS2007FederationHttpBinding ws2007FederationHttpBinding = CreateStsBinding();

    // WS-Trust Issue request for a JWT with a symmetric proof key.
    RequestSecurityToken request = new RequestSecurityToken
    {
        RequestType = RequestTypes.Issue,
        AppliesTo = new EndpointReference("appliestoURLGoeshere"),
        KeyType = KeyTypes.Symmetric,
        TokenType = "urn:ietf:params:oauth:token-type:jwt"
    };

    // The STS endpoint is identified by its X.509 certificate.
    EndpointIdentity rpIdentity = new X509CertificateEndpointIdentity(new X509Certificate2(Convert.FromBase64String("base64CertificateValues")));
    WSTrustChannelFactory factory = new WSTrustChannelFactory(ws2007FederationHttpBinding, new EndpointAddress(new Uri("endpointUri"), rpIdentity))
    {
        TrustVersion = TrustVersion.WSTrust13
    };
    factory.Credentials.SupportInteractive = false;
    factory.Credentials.UseIdentityConfiguration = true;
    // Service certificate chain validation and revocation checking are turned off here.
    factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
    factory.Credentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;

    // The previously issued JWT is attached to the channel as the issued token.
    IWSTrustChannelContract channel = factory.CreateChannelWithIssuedToken(myJwtIssuedToken);
    //...............Receive error here............
    SecurityToken securityToken = channel.Issue(request);
    return securityToken;

Tags: c#, wcf, jwt, wif, ws-federation
