2

I'm using Keycloak and .NET 6. I recently upgraded to .NET 6. Everything was working great with .NET Core 3.1.

Here's my code for security:

services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(o =>
{
    o.Authority = @$"{Config.GetSetting("KeycloakUrl").Trim('/')}/auth/realms/{Config.GetSetting("Realm")}";
    o.Audience = "account";
    o.Events = new JwtBearerEvents()
    {
        OnAuthenticationFailed = c =>
        {
            c.NoResult();

            Logger.LogException(c.Exception);

            c.Response.StatusCode = 500;
            c.Response.ContentType = "text/plain";
            if (Config.IsDeveloping)
            {
                return c.Response.WriteAsync(c.Exception.ToString());
            }
            return c.Response.WriteAsync("An error occured processing your authentication.");
        }
    };
});

This code was working. Now it breaks with this exception:

"IDX10516: Signature validation failed. Unable to match key: \nkid:

I can't find a solution for this. How can I troubleshoot this error. Is it related to upgrading to .NET 6?

AndrewSilver
  • 976
  • 2
  • 14
  • 25
Hossein Fallah
  • 1,859
  • 2
  • 18
  • 44
  • Try to see similar questions, for example https://stackoverflow.com/q/58856735/1752270 – AndrewSilver Dec 10 '21 at 12:26
  • The problem is that, it's not similar. Even the error code is different. – Hossein Fallah Dec 10 '21 at 13:53
  • Ok, but [this one](https://stackoverflow.com/q/67554056/1752270) matches your error code. Also, It looks like there were more details in you exception after the line break. Could you add full exception text here? – AndrewSilver Dec 10 '21 at 14:04

0 Answers0