Casey Crookston

Reputation: 13965

Invalid JWT Signature

I know. I know. LOTS of questions with this exact title. But of all the ones I've looked at, I can't find one that is creating the JWT using a List<Claim>, an issuer and an audience.

    private string GetTokenString()
    {
        var claims = new List<Claim>()
        {
            new Claim("claim1", "foo-anything"),
            new Claim("claim2", "bar-anything")
        };

        string keyValue = "1234567890qwertyuiopasdfghjklzxcvbnm";  // NOT THE REAL KEY (changed for this SO question)
        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(keyValue));

        var jwtToken = new JwtSecurityToken
          (
              issuer: "https://xxxxxx.net",
              audience: "https://www.xxxxxx.com",
              claims: claims,
              signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature),
              expires: DateTime.Now.AddMinutes(30)
          );

        var handler = new JwtSecurityTokenHandler();
        string tokenString = handler.WriteToken(jwtToken);

        return tokenString;
    }

Then if I take tokenString and plug it into https://jwt.io/, I get

Invalid Signature

Is there something wrong with the way I'm creating the JWT?


Upvotes: 0

Views: 1336

Answers (1)

Soumen Mukherjee

Reputation: 3272

See the base64 encoding of your signing key

1234567890qwertyuiopasdfghjklzxcvbnm

comes out to be this

MTIzNDU2Nzg5MHF3ZXJ0eXVpb3Bhc2RmZ2hqa2x6eGN2Ym5t

Please use this value to validate the generated token; in this case the check box should be checked.

If you leave the check box blank then use the same value as you have in your code.

Upvotes: 1
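
The check-box behaviour described in the answer, as an added example that is not part of the original post or either poster's code: it signs a constructed HS256 token with the question's placeholder key using only the .NET base class library, then verifies it under the three ways the secret field can be interpreted. The class and method names are illustrative, and modelling the check box as a plain base64 decode of the secret field is an assumption drawn from the answer.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class Hs256KeyCheck // illustrative name, not from the page
{
    // base64url without padding, as used for all three JWT segments (RFC 7515).
    static string B64Url(byte[] data) =>
        Convert.ToBase64String(data).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static byte[] FromB64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }

    // HS256 signature = HMAC-SHA256(key, ASCII("<header>.<payload>")).
    static byte[] Sign(string signingInput, byte[] key)
    {
        using var hmac = new HMACSHA256(key);
        return hmac.ComputeHash(Encoding.ASCII.GetBytes(signingInput));
    }

    static bool Verify(string token, byte[] key)
    {
        string[] parts = token.Split('.');
        if (parts.Length != 3) return false;
        byte[] expected = Sign(parts[0] + "." + parts[1], key);
        // Compare the recomputed MAC with the token's MAC in constant time.
        return CryptographicOperations.FixedTimeEquals(expected, FromB64Url(parts[2]));
    }

    static void Main()
    {
        const string keyValue = "1234567890qwertyuiopasdfghjklzxcvbnm"; // placeholder key from the question
        byte[] utf8Key = Encoding.UTF8.GetBytes(keyValue); // same derivation as the question's code
        // Constructed header and payload; only the key handling matters here.
        string input = B64Url(Encoding.UTF8.GetBytes("{\"alg\":\"HS256\",\"typ\":\"JWT\"}"))
                     + "." + B64Url(Encoding.UTF8.GetBytes("{\"claim1\":\"foo-anything\"}"));
        string token = input + "." + B64Url(Sign(input, utf8Key));

        // Box unchecked, raw key text: the verifier uses the same UTF-8 bytes as the signer.
        Console.WriteLine(Verify(token, utf8Key));
        // Box checked, base64 form of the key: decoding yields the signer's bytes again.
        Console.WriteLine(Verify(token, Convert.FromBase64String(Convert.ToBase64String(utf8Key))));
        // Box checked, raw key text: the text itself is base64-decoded into different key bytes.
        Console.WriteLine(Verify(token, Convert.FromBase64String(keyValue)));
    }
}
```

The third case decodes without error only because the 36-character placeholder happens to be valid base64; a key containing characters outside the base64 alphabet would fail to decode instead of producing a wrong key.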
