Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Microsoft.IdentityModel.Tokens 5.4.0 changes kid value when using X509SecurityKey #3172

Closed
scottbrady91 opened this Issue Apr 7, 2019 · 4 comments

Comments

Projects
None yet
3 participants
@scottbrady91
Copy link
Member

commented Apr 7, 2019

Microsoft.IdentityModel.Tokens version 5.4.0 adds support for x5t to JWTs when using an X509SecurityKey. However, this also changes the kid value in generated tokens and the kid value in IdentityServer's discovery document.

See AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#1084

Issue / Steps to reproduce the problem

  1. Use x509 signing cert
  2. Check kid value in discovery document
  3. Update Microsoft.IdentityModel.Tokens to 5.4.0
  4. Check kid value in discovery document
@leastprivilege

This comment has been minimized.

Copy link
Member

commented Apr 8, 2019

nice...

@scottbrady91

This comment has been minimized.

Copy link
Member Author

commented Apr 8, 2019

@brockallen

This comment has been minimized.

Copy link
Member

commented Apr 10, 2019

So this is a breaking change if there's a version mismatch for them? Is there an action item for us?

@leastprivilege

This comment has been minimized.

Copy link
Member

commented Apr 11, 2019

it's a shit show as usual ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.