-
Notifications
You must be signed in to change notification settings - Fork 409
How to replace usage of SecurityTokenUnableToValidateException in code
Tim Hannifin edited this page Apr 25, 2023
·
3 revisions
Beginning with 6.28.0, SecurityTokenUnableToValidateException is no longer getting thrown by Microsoft.IdentityModel/Wilson. In the 7.* major release of Wilson this exception type will be removed completely.
Callers of Wilson should be sure to handle SecurityTokenValidationExceptions individually, or at the very least, handle all exception types of SecurityTokenValidationException.
If you were previously ONLY handling SecurityTokenUnableToValidateException, you should replace that with SecurityTokenValidationException and ideally have exception handling for derrived types (e.g. SecurityTokenExpiredException, SecurityTokenInvalidIssuerException, SecurityTokenNotYetValidException, etc.)
Conceptual Documentation
- Using TokenValidationParameters.ValidateIssuerSigningKey
- Scenarios
- Validating tokens
- Outbound policy claim type mapping
- How ASP.NET Core uses Microsoft.IdentityModel extensions for .NET
- Using a custom CryptoProvider
- SignedHttpRequest aka PoP (Proof-of-Possession)
- Creating and Validating JWEs (Json Web Encryptions)
- Caching in Microsoft.IdentityModel
- Resiliency on metadata refresh
- Use KeyVault extensions
- Signing key roll over