Closed
Description
Which version of Microsoft.IdentityModel are you using?
Microsoft.IdentityModel 8.6.1
Where is the issue?
- M.IM.JsonWebTokens
- M.IM.KeyVaultExtensions
- M.IM.Logging
- M.IM.ManagedKeyVaultSecurityKey
- M.IM.Protocols
- M.IM.Protocols.OpenIdConnect
- M.IM.Protocols.SignedHttpRequest
- M.IM.Protocols.WsFederation
- M.IM.TestExtensions
- M.IM.Tokens
- M.IM.Tokens.Saml
- M.IM.Validators
- M.IM.Xml
- S.IM.Tokens.Jwt
- Other (please describe)
Is this a new or an existing app?
The app is in production with 8.1.2 and I have upgraded to a new version of Microsoft.IdentityModel.*
Repro
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(GetClaims()),
NotBefore = now,
Expires = ExpiryDate,
IssuedAt = now,
SigningCredentials = new SigningCredentials(
Settings.JWTKey,
SecurityAlgorithms.HmacSha256Signature),
};
var token = tokenHandler.CreateToken(tokenDescriptor);Expected behavior
Token gets created
Actual behavior
File name: 'Microsoft.Bcl.Memory, Version=9.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51'
at Microsoft.IdentityModel.Tokens.Base64UrlEncoder.Encode(Byte[] inArray, Int32 offset, Int32 length)
at Microsoft.IdentityModel.Tokens.Base64UrlEncoder.Encode(Byte[] inArray)
at Microsoft.IdentityModel.Tokens.Base64UrlEncoder.Encode(String arg)
at System.IdentityModel.Tokens.Jwt.JwtHeader.Base64UrlEncode()
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.CreateJwtSecurityTokenPrivate(SecurityTokenDescriptor tokenDescriptor)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.CreateToken(SecurityTokenDescriptor tokenDescriptor)
Possible solution
Additional context / logs / screenshots / links to code
It works on Ubuntu 22 and 24 but breaks on RHEL 8.6 and Rocky 8.10. Downgrading to 8.1.2 solves this problem.