Migration To NET6

Question

I tried to migrate my ASP CORE project to NET6 My project uses next packages

IdentityServer4.AccessTokenValidation - 3.0.1

IdentityModel.AspNetCore.OAuth2Introspection - 4.0.1

IdentityModel - 5.2.0

The build of project is success. But when I run application I get error

MissingMethodException: Method not found: 'IdentityModel.Client.DiscoveryEndpoint IdentityModel.Client.DiscoveryEndpoint.ParseUrl(System.String)'.
IdentityServer4.AccessTokenValidation.IdentityServerAuthenticationOptions.ConfigureJwtBearer(JwtBearerOptions jwtOptions)
IdentityServer4.AccessTokenValidation.ConfigureInternalOptions.Configure(string name, JwtBearerOptions options)
Microsoft.Extensions.Options.OptionsFactory<TOptions>.Create(string name)
Microsoft.Extensions.Options.OptionsMonitor<TOptions>+<>c__DisplayClass10_0.<Get>b__0()

Anybody had this issue ?

score 15 · Answer 1 · edited Jan 04 '23 at 14:28

Roman's answer is correct, we can fix it by doing the IdentityModel downgrade, but another way to fix that issue is by replacing the IdentityServer4.AccessTokenValidation by Microsoft.AspNetCore.Authentication.JwtBearer, and we can change a little bit the token validation, using IdentityServer4.AccessTokenValidation we were doing the validation like this:

services
    .AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
    .AddIdentityServerAuthentication(
        options =>
        {
            options.Authority = configuration["Authentication:Authority"];
            options.ApiName = configuration["Authentication:ApiName"];
        });

Now we can do the token validation using the Microsoft.AspNetCore.Authentication.JwtBearer like that:

services
    .AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(options =>
    {
        options.Authority = configuration["Authentication:Authority"];
        options.RequireHttpsMetadata = false;
        options.TokenValidationParameters.ValidAudiences = new List<string>() { configuration["Authentication:ApiName"] };
    });

score 12 · Accepted Answer · edited Nov 25 '22 at 17:20

12

I investigated this problem and found cause. I used IdentityModel V 4,2,2 before update. When I update my project to NET 6, IdentityModel was upgrated to version 5.2.0. The difference between IdentityModel V 4,2,2 and IdentityModel version 5.2.0 was in signature method.

public static DiscoveryEndpoint ParseUrl(string input, string path = null) version 5,2,0
public static DiscoveryEndpoint ParseUrl(string input) version 4,2,2

So we see that in new version default parameter was added. But this method is called by method from IdentityServer4.AccessTokenValidation package. And this package was not compiled to call updated ParseUrl function.

See this topic about this problem c# method with default parameter value does not generate overload without parameter?

edited Nov 25 '22 at 17:20

Dan Beaulieu

19,406
19
101
135

answered Nov 17 '21 at 06:48

Roman

371
2
3
15

Did you end up solving the issue? If so, how? – Jon Halliday Nov 30 '21 at 13:46
1

@JonHalliday YEs. I solved. I did not update IdentityModel package from 4.2.2. Just stayed old version – Roman Dec 01 '21 at 14:18
3

Yeah, I had this same thing as well. Have to roll back IdentityModel to 4.6 (the latest 4.x.x) to get it working – Mark McGookin Dec 06 '21 at 12:17
So, for now, the only solution is to use a version lower than 5, right? I'm thinking why they didn't fix that problem, the IdentityModel lib is now in the version 6 and the error is still ocurring – Matheus Xavier Jan 26 '22 at 00:25
i was able to use `IdentityModel 5.1.1`. it seems `5.2.0` is the one that stops supporting `IdentityServer4.AccessTokenValidation 3.0.1` – Mario Torres Aug 01 '22 at 19:13
In my case, I upgrade to asp net core 7.0, but IdentityModel >=5.2.0 is not working. – Varsh Jul 25 '23 at 11:03

score 3 · Answer 3 · answered Jan 31 '22 at 12:03

IdentityServer4.AccessTokenValidation library is deprecated, and hence does not have a version, which is compiled against IdentityModel version 5.2.0.

You should use the new approach described in https://leastprivilege.com/2020/07/06/flexible-access-token-validation-in-asp-net-core/

score 1 · Answer 4 · answered Apr 16 '23 at 09:28

I think you can try with IdentityModel.AspNetCore.OAuth2Introspection 6.2.0. It's working for me when I migrate IdentityServer4.AccessTokenValidation to .Net 6 Web API.

Configuration:

services.AddAuthentication(OAuth2IntrospectionDefaults.AuthenticationScheme)
    .AddOAuth2Introspection(options =>
    {
        options.Authority = "https://base_address_of_token_service";

        options.ClientId = "client_id_for_introspection_endpoint";
        options.ClientSecret = "client_secret_for_introspection_endpoint";
    })

Please find more details at https://github.com/IdentityModel/IdentityModel.AspNetCore.OAuth2Introspection

Nuget : https://www.nuget.org/packages/IdentityModel.AspNetCore.OAuth2Introspection/6.2.0?_src=template

Migration To NET6

4 Answers4