SimpleIdServer icon indicating copy to clipboard operation
SimpleIdServer copied to clipboard
verified publisher icon simpleidserver

Error in JwksRequestHandler.cs (ConvertSigningKey) when migrating to .NET 8

Open poulsen-diana opened this issue 1 year ago • 3 comments

SimpleIdServer version 4.0.4

Receiving the following error trying to migrate a .NET 7 solution to .NET 8:

System.TypeLoadException HResult=0x80131522 Message=Could not load type 'System.IdentityModel.Tokens.Jwt.JsonExtensions' from assembly 'System.IdentityModel.Tokens.Jwt, Version=7.4.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'. Source=SimpleIdServer.IdServer StackTrace: at SimpleIdServer.IdServer.Api.Jwks.JwksRequestHandler.<Get>g__ConvertSigningKey|2_0(SigningCredentials signingCredentials) in SimpleIdServer.IdServer.Api.Jwks\JwksRequestHandler.cs:line 39 at SimpleIdServer.IdServer.Api.Jwks.JwksRequestHandler.Get(String realm) in SimpleIdServer.IdServer.Api.Jwks\JwksRequestHandler.cs:line 26

Details:

  1. Upgraded all Microsoft.AspNetCore., Microsoft.EntityFrameworkCore., and Microsoft.Extensions.* package references to version 8.0.0 when migrating the solution from .NET 7 to .NET 8
  2. Two of those packages, Microsoft.AspNetCore.Authentication.JwtBearer and Microsoft.AspNetCore.Authentication.OpenIdConnect have a dependency on Microsoft.IdentityModel.Protocols.OpenIdConnect (>= 7.0.3)
  3. That package has a dependency on System.IdentityModel.Tokens.Jwt (>= 7.0.3)
  4. Stepped through code and determined the error is occurring in SimpleIdServer.IdServer.Api.Jwks.JwksRequestHandler.Get -- specifically in the Convert...Key methods:
JsonObject ConvertSigningKey(SigningCredentials signingCredentials)
{
    var publicJwk = signingCredentials.SerializePublicJWK();
    return JsonNode.Parse(JsonExtensions.SerializeToJson(publicJwk)).AsObject();
}

JsonObject ConvertEncryptionKey(EncryptingCredentials encryptingCredentials)
{
    var publicJwk = encryptingCredentials.SerializePublicJWK();
    return JsonNode.Parse(JsonExtensions.SerializeToJson(publicJwk)).AsObject();
}

Erroring on: return JsonNode.Parse(JsonExtensions.SerializeToJson(publicJwk)).AsObject(); 5. Checked the source code for System.IdentityModel.Tokens.Jwt.JsonExtensions (v 7.0.3) to try to find the issue and found there is no JsonExtensions.cs 6. Tracked back through their repo to find that the file was removed in v 7.0.0 (when they moved from Newtonsoft.Json to System.Text.Json) 7. SimpleIdServer.IdServer is using an earlier version of System.IdentityModel.Tokens.Jwt (6.26.0) - pulled down the latest from SimpleIdServer 4.0.7 to verify the version is still at 6.26.0 to see if we needed to upgrade SimpleIdServer (trying not to do that given time constraints), but 4.0.7 is still referencing 6.26.0

Believe the issue is a package version mismatch that I could use help resolving.

Questions/Comments:

  1. Is there a current workaround for this? I tried to go through all of the issues/PRs here, and I didn't find anything (apologies if I did not look long enough)
  2. I noticed in SimpleIdServer.IdServer.Domains that there is a JsonSerializerExtension.cs using System.Text.Json that might work in place of the System.IdentityModel.Tokens.Jwt.JsonExtensions call
  3. Is it at all possible that v 4.0.4 could get a patch to fix this package issue if a workaround hasn't already been determined?

poulsen-diana avatar Apr 04 '24 23:04 poulsen-diana

Hello,

We have made some modifications in the release/4.0.4 branch to migrate the startup project from dotnet7 to dotnet8. You can take a look at our modifications here:

  • Startup.cs : https://github.com/simpleidserver/SimpleIdServer/blob/release/4.0.4/src/Scim/SimpleIdServer.Scim.Startup/Startup.cs
  • CSPROJ : https://github.com/simpleidserver/SimpleIdServer/blob/release/4.0.4/src/Scim/SimpleIdServer.Scim.Startup/SimpleIdServer.Scim.Startup.csproj

The nuget package Microsoft.AspNetCore.Authentication.JwtBearer is no longer used. Instead, we are using the Nuget package AspNetCore.Authentication.ApiKey to check the API Key. Additionally, the functions ConvertSigningKey and ConvertEncryptionKey can be removed.

By the way, all projects will be migrated to DOTNET8 in the next release 5.0.0.

simpleidserver avatar Apr 08 '24 11:04 simpleidserver

We are using the SimpleIdServer.IdServer project and not SimpleIdServer.Scim. I may be able to leverage these changes, but I don't see any updates to the Startup.cs file linked above.

poulsen-diana avatar Apr 08 '24 18:04 poulsen-diana

Apologies for my misunderstanding :(

I have made some modifications in the release/4.0.4 branch to migrate the SimpleIdServer projects to DOTNET8.

All Nuget packages will be migrated to DOTNET8 in release 5.0.0 :)

https://github.com/simpleidserver/SimpleIdServer/commit/07122474763720d8c438748bfc110c0fa95c060f

simpleidserver avatar Apr 10 '24 12:04 simpleidserver

All the projects have been migrated to DOTNET 8. You can use the version 5.0.0

simpleidserver avatar Jun 07 '24 14:06 simpleidserver

Awesome. Also thank you so much for taking the time to update the 4.0.4 branch for us prior to the release.

poulsen-diana avatar Jun 07 '24 15:06 poulsen-diana