Okta SDK.NET 8.1.5 Triggers a transient dependency breaking issue #745
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Describe the bug?
This is not a bug per-se, but existing applications can experience a breaking change to their application behavior, due to a mismatch in dependency versions needed by Microsoft.AspNetCore.Authentication.JwtBearer
I have documented the issue further in
dotnet/aspnetcore#57940
The normal list of dependencies for Microsoft.AspNetCore.Authentication.JwtBearer are shown here
When importing just the two updated versions of packages that were included with the 8.1.5 release, there is now a mismatch between the cooperating packages
To fix two additional packages must be referenced in the project.
What is expected to happen?
Documentation of this library may want to call out, at least on a temporary basis, the need to import additional dependencies to ensure JWTBearer token authentication does not break, if being used.
What is the actual behavior?
JWTBearer authentication fails at runtime with
IDX10500: Signature validation failed. No security keys were provided to validate the signature
Reproduction Steps?
The description is sufficient since there isn't an actual bug in the SDK code.
Additional Information?
No response
.NET Version
8.0.401
SDK Version
8.1.5
OS version
No response
The text was updated successfully, but these errors were encountered: