JwtBearerAuthenticationOptions does not contain a definition for IssuerSecurityTokenProviders

Asked 9/6, 2019 at 18:41 Answered 10/5, 2024 at 15:19

Currently following this tutorial on how to implement OAuth JWT Authentication. Stuck on two things at the moment which have become a bit of a pain to solve.

This code below throws 'definition' and 'namespace' errors.

app.UseJwtBearerAuthentication(
                new JwtBearerAuthenticationOptions
                {
                    AuthenticationMode = AuthenticationMode.Active,
                    AllowedAudiences = new[] { audienceId },
                    IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider[]
                    {
                        new SymmetricKeyIssuerSecurityTokenProvider(issuer, audienceSecret)
                    }
                });

As shown in the image below are the errors:

Not sure why I am getting this error as all the necessary packages are installed. On the other IssuerSecurityKeyProviders exists instead if I chose to use this one or run the build with the errors, it will generate the token but when I try to access any of the authroised endpoints on the api I get the dreaded "message": "Authorization has been denied for this request."

When i debug the token all seems to be matching. The issuer is the same, the audience id is the same and the user does exist in the database too but the changepassword endpoint always fails as shown in the screenshot below.

Last but not least looking for a good tutorial I can follow to help me get up and running with Web API Authentication using JWT and OWIN. Most are outdated and the packages have changed over the years for example this one and it is hard finding answers to problems encountered. A touch frustrating

Mariano answered 9/6, 2019 at 18:41 Comment(0)

Newer versions of the "Microsoft.Owin.Security.Jwt" library may have had some renaming that needs to be taken into account. Try this instead:

        // Api controllers with an [Authorize] attribute will be validated with JWT
        app.UseJwtBearerAuthentication(
            new JwtBearerAuthenticationOptions
            {
                AuthenticationMode = AuthenticationMode.Active,
                AllowedAudiences = new[] { audienceId },
                IssuerSecurityKeyProviders = new IIssuerSecurityKeyProvider[] {
                    new SymmetricKeyIssuerSecurityKeyProvider(issuer, audienceSecret)
                }
            });

This essentially substitutes "IssuerSecurityKeyProviders" in place of "IssuerSecurityTokenProviders" and "IIssuerSecurityKeyProvider" in place of "IIssuerSecurityTokenProvider".

Misreckon answered 23/6, 2019 at 17:26 Comment(1)

tried it with exactly that a while back and was still getting the same problem. I have never gotten over this hurdle but it is very difficult to find good material that makes sense on this topic – Mariano 27/6, 2019 at 1:47

Regarding a good tutorial, I found this which helped me troubleshoot a similar issue I faced

Being more specific about this article, in my situation I had to set the log level to verbose to inspect log messages generated by OWIN middleware. So I got more details about the dreaded "message": "Authorization has been denied for this request."

    <system.diagnostics>
        <switches>
            <add name="Microsoft.Owin" value="Verbose" />
        </switches>
    </system.diagnostics>

Fisher answered 10/5, 2024 at 15:19 Comment(0)

Recommended topics

Hot tags