Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuthBearerAuthenticationHandler invalid bearer token received #362

Open
iamkarlson opened this issue Jun 23, 2020 · 4 comments
Open

OAuthBearerAuthenticationHandler invalid bearer token received #362

iamkarlson opened this issue Jun 23, 2020 · 4 comments
Milestone
Discussions

Comments

@iamkarlson
Copy link

Hi,
When I switched on logs for authentication I started receiving these messages without stating a reason why it's invalid:

w3wp[15608]: 2020-06-23 15:09:18.4038|WARN|Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationMiddleware|Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationHandler.AuthenticateCoreAsync|invalid bearer token received

However, everything works pretty well and I can get all the data from tokens and deserialize claims, etc.

What I understood from the code is that this occurs when asp.net can't properly deserialize an auth ticket from the context (https://github.com/aspnet/AspNetKatana/blob/dev/src/Microsoft.Owin.Security.OAuth/OAuthBearerAuthenticationHandler.cs#L62). Is there any chance that a proper reason specified in the message? I tried to figure out how can I do that myself but it seems that it's stuck on decrypting ticket from the binary.
@Tratcher
Copy link
Member

However, everything works pretty well and I can get all the data from tokens and deserialize claims, etc.

Were these tokens issued by the local OAuth server or from somewhere else?

How are you wiring up the middleware? UseJwtBearerAuthentication?

@iamkarlson
Copy link
Author

They are being issued by Azure B2C. Middleware configuration:

            TokenValidationParameters tvps = new TokenValidationParameters
            {
                ValidAudience = AppSettingConstant.ClientId,
                AuthenticationType = AppSettingConstant.DefaultPolicy
            };
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
            {
                AccessTokenFormat = new JwtFormat(tvps, new OpenIdConnectCachingSecurityTokenProvider(AppSettingConstant.WellKnownMetadata)),
            });

@Tratcher
Copy link
Member

Tratcher commented Jul 6, 2020

You're right that the layering and error reporting here isn't great. Looking through it I don't see why you'd get that error vs an exception, I don't see where the original error is suppressed. Trying it under the debugger with first chance exceptions enabled may give you a clue what the original error is and where it's being captured.

@iamkarlson
Copy link
Author

What do you mean trying it under debugger? I'm running it in the debug mode for quite a while and there's no error/exception popping up at all.

@Tratcher Tratcher added this to the Discussions milestone Sep 3, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Discussions
Development

No branches or pull requests
2 participants
@Tratcher @iamkarlson