Return unwrapped keys if able #2812
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
JsonWebTokenHandler would only return unwrapped keys if there was no errors. This change is to align with the behavior in JwtSecurityTokenHandler, that is it returns the keys that were able to be unwrapped, and only throw if no keys were able to be unwrapped. Relates to #2695
keegan-caruso
commented
Sep 5, 2024
test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandlerTests.cs
Show resolved
Hide resolved
|
Should the logic here in JsonWebTokenHandler.DecryptToken be updated as well? |
Yeah, good idea. done. |
pmaytak
approved these changes
Sep 6, 2024
test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.DecryptTokenTests.cs
Show resolved
Hide resolved
iNinja
approved these changes
Sep 6, 2024
test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.DecryptTokenTests.cs
Outdated
Show resolved
Hide resolved
Add test case for no unwrapped keys
| } | ||
|
|
||
| if (unwrappedKeys.Count > 0 && exceptionStrings is null) | ||
| if (unwrappedKeys.Count > 0 || exceptionStrings is null) |
There was a problem hiding this comment.
Why do we care about exceptionStrings if we have found any possible keys?
| } | ||
|
|
||
| if (unwrappedKeys.Count > 0 && exceptionStrings is null) | ||
| if (unwrappedKeys.Count > 0 || exceptionStrings is null) |
There was a problem hiding this comment.
Why do we care about exceptionStrings if we have some keys?
This was referenced Aug 6, 2025
Bump Microsoft.IdentityModel.Protocols.OpenIdConnect from 8.0.1 to 8.13.0
statisticssweden/PxWeb#693
Closed
This was referenced Aug 15, 2025
Bump Microsoft.IdentityModel.Protocols.OpenIdConnect from 8.0.1 to 8.13.1
statisticssweden/PxWeb#706
Closed
This was referenced Aug 22, 2025
This was referenced Sep 3, 2025
This was referenced Sep 15, 2025
This was referenced Oct 24, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
JsonWebTokenHandler would only return unwrapped keys if there was no errors. This change is to align with the behavior in JwtSecurityTokenHandler, that is it returns the keys that were able to be unwrapped, and only throw if no keys were able to be unwrapped.
Relates to #2695