-
Notifications
You must be signed in to change notification settings - Fork 413
How to replace usage of SecurityTokenUnableToValidateException in code
Tim Hannifin edited this page Apr 25, 2023
·
3 revisions
Beginning with 6.28.0, SecurityTokenUnableToValidateException
is no longer getting thrown by Microsoft.IdentityModel
/Wilson. In the 7.* major release of Wilson this exception type will be removed completely.
Callers of Wilson should be sure to handle SecurityTokenValidationException
s individually, or at the very least, handle all exception types of SecurityTokenValidationException
.
If you were previously ONLY handling SecurityTokenUnableToValidateException
, you should replace that with SecurityTokenValidationException
and ideally have exception handling for derrived types (e.g. SecurityTokenExpiredException
, SecurityTokenInvalidIssuerException
, SecurityTokenNotYetValidException
, etc.)
Conceptual Documentation
- Using TokenValidationParameters.ValidateIssuerSigningKey
- Scenarios
- Validating tokens
- Outbound policy claim type mapping
- How ASP.NET Core uses Microsoft.IdentityModel extensions for .NET
- Using a custom CryptoProvider
- SignedHttpRequest aka PoP (Proof-of-Possession)
- Creating and Validating JWEs (Json Web Encryptions)
- Caching in Microsoft.IdentityModel
- Resiliency on metadata refresh
- Use KeyVault extensions
- Signing key roll over