Update of System.IdentityModel.Tokens.Jwt causing breaking change in IdentityServer3 Client

Asked 28/6, 2016 at 15:39 Answered 19/7, 2016 at 17:30

Hopefully an easy one to resolve.

Microsoft's System.IdentityModels.Tokens.Jwt package was updated yesterday on NuGet from 4.0.2.206211351 to v5.0. This is unfortunately causing a breaking change with some "standard" IdentityServer3 code. i.e. taken from their code samples so I imagine quite a few developers might see this issue over the coming days.

Original Code

using v4.0.2.xxxxxx version of the package. I have

using System.IdentityModel.Tokens;

in the namespace.

then in the Configuration method begins as:

public void Configuration(IAppBuilder app)
    {
        AntiForgeryConfig.UniqueClaimTypeIdentifier = "sub";

        JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = "Cookies"
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        { ... };

After Updating

After updating the confgiuration line:

JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();

Is causing an issue.

The first thing being that the Class has, apparently, moved into the System.IdentityModel.Tokens.Jwt namespace, this isn't so bad to resolve.

However, I'm now getting an Object reference required for a non-static field error on the JwtSecurityTokenHandler.InboundClaimTypeMap.

Am I missing something here, another library that's required or is there something happening before the Startup.Configuration() is called that needs digging into?

Adamec answered 28/6, 2016 at 15:39 Comment(0)

When you go to the doctor and say "it always hurts when I do this" - the doctor will reply "then stopping doing this" ;)

v4 -> v5 is by definition a breaking change. Do you need v5?

That being said - a simple intellisense exploration would have brought up that they renamed InboundClaimTypeMap to DefaultInboundClaimTypeMap.

Be prepared for more breaking changes along the way.

Indemnity answered 29/6, 2016 at 6:6 Comment(3)

Many thanks. Ah,... no we're not ready for v5 yet, this was me doing a general update of NuGet packages before starting an unrelated story. I'm going to have to live with those Update Alerts not being cleared for a while. In one sense I'm glad that it's an easy fix; in another I feel a bit daft for asking... But, I suppose that's software development in a nutshell :-) – Adamec 29/6, 2016 at 6:43

Using the latest version (5.X.X) it is now System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.DefaultInboundClaimTypeMap – Skater 15/1, 2017 at 21:37

The information is helpful but you don't have to be that way about it. – Lemniscate 19/6 at 22:14

Access token validation in OWIN is not compatible with system.identitymodel v5 - you need to downgrade to v4 - See issue here

Airsickness answered 19/7, 2016 at 17:30 Comment(1)

Please note that this is not true anymore, see github.com/AzureAD/… – Rein 11/3, 2022 at 14:40

Original Code

After Updating

Recommended topics

Hot tags