CODEWITHSUNDEEP
c#.netasp.net-coreidentityserver4identityserver3
diyath.nelaka
diyath.nelaka

Reputation: 305

Identity Server 3 Access Token Validation Library Cannot Validates Tokens Generated from Identity Server 4

I have an Identity server that was developed on Identity server 4 (v3.1.2) and a .NET Web API that was developed on .NET Framework 4.6. In the web API, I am using the Identity Server 3 Access Token Validation library (v2.14.0) to validate the Incoming request's tokens.

When I try to access a resource on the .NET web API using a JWT tokens which was generated by the identity server I always get unauthorized 401 response. I have set up the Owin middleware as below in the .NET web API.

public class Startup
{
    public void Configuration(IAppBuilder app)
    {

        app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
        {
            Authority = "http://localhost:9080/IdentityServer"
        });

        var config = new HttpConfiguration();
        config.MapHttpAttributeRoutes();

        app.UseWebApi(config);
    }
}

However, in order to find out whether this is an issue between Identity server 4 tokens and Identity server 3 access token validation library, I have created a separate Identity server with Identity server 3 library (v2.6.3) and provided a token generated from it to the same web API I used previously (same Startup.cs as above).

This request was authorized successfully and all were working as expected.

My Question is :

Is it possible to use a token from identity server 4 to validate using the Identity server 3 access token validation library? or is there something I am doing wrong?

Upvotes: 4

Views: 822

Answers (1)

Mahesh More
Mahesh More

Reputation: 855

I am not sure but I think your Authority URL is incorrect. I had a similar scenario as you have and I resolved it using IdentityServer3.AccessTokenValidation NuGet package and it's working perfectly fine. So I am sure that your issue is not related to middleware.

Try to replace the below code in your startup.cs file and everything will work.

public class Startup
{
    public void Configuration(IAppBuilder app)
    {

        IdentityServerBearerTokenAuthenticationOptions options = new IdentityServerBearerTokenAuthenticationOptions
            {
                Authority = "http://localhost:9080",
                AuthenticationType = "Bearer"
            };

        app.UseIdentityServerBearerTokenAuthentication(options);

        var config = new HttpConfiguration();
        config.MapHttpAttributeRoutes();

        app.UseWebApi(config);
    }
}

I hope this will resolve your issue!

Upvotes: 0

Related Questions