如何使用OWIN从PPE环境验证AAD令牌?
问题描述:
我正在使用下面的代码来验证AAD访问令牌。如何使用OWIN从PPE环境验证AAD令牌?
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
Tenant = ConfigSettings.MicrosoftAadTenant,
TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidateIssuer = false
}
});
代码工作正常,直到我切换到使用来自PPE环境生成的令牌,它的国际空间站是“https://sts.windows-ppe.net/ ......”。我在下面粘贴了错误信息。你知道如何解决它吗?
Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationMiddleware Error: 0 : Authentication failed System.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException: IDX10500: Signature validation failed. Unable to resolve SecurityKeyIdentifier: 'SecurityKeyIdentifier ( IsReadOnly = False, Count = 2, Clause[0] = X509ThumbprintKeyIdentifierClause(Hash = 0x871BE0E2BDD307841D01C8151AE2717D2DB9F376), Clause[1] = System.IdentityModel.Tokens.NamedKeySecurityKeyIdentifierClause ) ',
感谢,