Login/Register
Why do I get IDX20803 error after upgrading to IdentityModel v7 from v6?
Asked Answered
Solved c#jwtidentitymodel
I

1

17

After upgrading Microsoft.IdentityModel.Tokens and System.IdentityModel.Tokens.Jwt to 7.0.0, I get this error:

IDX20803: Unable to obtain configuration from: 'https://example.com/realms/Development/.well-known/openid-configuration'.

Could not load type 'Microsoft.IdentityModel.Json.JsonConvert' from assembly 'Microsoft.IdentityModel.Tokens, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'. Could not load type 'Microsoft.IdentityModel.Json.JsonConvert' from assembly 'Microsoft.IdentityModel.Tokens, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'. => Microsoft.IdentityModel.Json.JsonConvert

Before the update, my package references were:

<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.10" />
<PackageReference Include="Microsoft.IdentityModel.Tokens" Version="6.32.3" />
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.32.3" />
<PackageReference Include="System.Text.Json" Version="7.0.3" />

After the update, my package references are now:

<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.11" />
<PackageReference Include="Microsoft.IdentityModel.Tokens" Version="7.0.0" />
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.0.0" />
<PackageReference Include="System.Text.Json" Version="7.0.3" />

What's the issue?

Insure answered 17/9, 2023 at 7:48 Comment(1)
Make sure you do a clean build. Did you make same changes in client? The serializer in the client has to be compatible with the deserializer in server.Unleash
A
40

TLDR: add <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="7.0.0" />

Based on the release notes, between v6 and v7 of System.IdentityModel.Tokens.Jwt, the JSON serialiser/deserialiser has been changed from Newtonsoft Json.NET to System.Text.Json.

It has 2 implicit dependencies:

  • Microsoft.IdentityModel.Tokens (that you've made explicit in this case)
  • Microsoft.IdentityModel.JsonWebTokens

As defined, IdentityModel v7.0.0 also upgrades these implicit dependencies to their corresponding v7.0.0 - as expected & good so far.

The issue isn't with the upgraded packages but instead, highlights a problem with the Microsoft.AspNetCore.Authentication.JwtBearer package, which would be used alongside.

This package has an implicit dependency on Microsoft.IdentityModel.Protocols.OpenIdConnect.

However, the latest Microsoft.AspNetCore.Authentication.JwtBearer v7.0.11 package incorrectly still states that Microsoft.IdentityModel.Protocols.OpenIdConnect v6.15.1 is valid.

This is wrong in this case, as v6.15.1 isn't compatible with Identity Model 7 & its implicit dependencies.

The solution is making the Microsoft.IdentityModel.Protocols.OpenIdConnect dependency explicit and specifying v7.0.0 in your project, to override the implicit v6 package - fixing the dependency version mismatch.

This should be a temporary fix until Microsoft hopefully fix this in their upcoming package updates.

<PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="7.0.0" />

This is the most minimal set of packages that fix this issue:

<ItemGroup>
    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.11" />
    <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="7.0.0" />
    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.0.0" />
</ItemGroup>
Acme answered 17/9, 2023 at 13:1 Comment(7)
At 7.2 still not fixedZeldazelde
7.0.0 is Vulnerable github.com/advisories/GHSA-59j7-ghrg-fj52Selfdiscipline
@Selfdiscipline Not for the package override (Microsoft.IdentityModel.Protocols.OpenIdConnect); the other packages can/should be upgraded as normal - are the newer versions of the other libraries incompatible with the override?Acme
@Zeldazelde 7.2 didnt work for me unless I had Microsoft.Identity.Web.UI UpdatedSelfdiscipline
@Selfdiscipline That package isn't listed in the question but thank you :)Acme
Thanks for the detailed answer @ErmiyaEskandary , was struggling to find resolution of this issue.Giesecke
7.5.1 and same issue still exitsts.Mantic

© 2022 - 2024 — McMap. All rights reserved.