Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] For JWE, JsonWebTokenHandler.ValidateJWEAsync does not consider the decrypt keys in the configuration #2737

Closed
jmprieur opened this issue Jul 22, 2024 · 0 comments · Fixed by #2738
Closed

[Bug] For JWE, JsonWebTokenHandler.ValidateJWEAsync does not consider the decrypt keys in the configuration #2737

jmprieur opened this issue Jul 22, 2024 · 0 comments · Fixed by #2738
Labels
Bug Product is not functioning as expected
Milestone
8.0.1

Comments

@jmprieur
Copy link
Contributor

Which version of Microsoft.IdentityModel are you using?
8.0.0

Where is the issue?

  • [ x] M.IM.JsonWebTokens

Is this a new or an existing app?
App trying to use decrypt keys from the OIDC configuration

Repro

var your = (code) => here;

Expected behavior
If the key from the JWE token is not present in the TokenValidationParameters, attempt to use the decrypt keys in the configuration

Actual behavior
the configuration is not attempted as it's not passed to DecryptToken

TokenValidationResult tokenValidationResult = ReadToken(DecryptToken(jwtToken, validationParameters), validationParameters);

Possible solution
Use the right override of DecryptToken from that accepts the configuration

- TokenValidationResult tokenValidationResult = ReadToken(DecryptToken(jwtToken, validationParameters), validationParameters);
+ TokenValidationResult tokenValidationResult = ReadToken(DecryptToken(jwtToken, validationParameters, configuration), validationParameters);

Used for auto-decrypt
@jmprieur jmprieur mentioned this issue Jul 22, 2024
Merged
@jennyf19 jennyf19 added this to the 8.0.1 milestone Jul 22, 2024
@jennyf19 jennyf19 added Bug Product is not functioning as expected and removed needs attention untriaged labels Jul 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Product is not functioning as expected
Projects
None yet
Milestone
8.0.1
Development

Successfully merging a pull request may close this issue.

Fixes 2737 AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet
2 participants
@jmprieur @jennyf19