Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] Enable NativeAOT support for validating Json Web Tokens in ASP.NET #2035

Closed
1 of 2 tasks
eerhardt opened this issue Mar 15, 2023 · 2 comments
Closed
1 of 2 tasks

[Feature Request] Enable NativeAOT support for validating Json Web Tokens in ASP.NET #2035

eerhardt opened this issue Mar 15, 2023 · 2 comments
Labels
Customer reported Indicates issue was opened by customer Enhancement The issue is a new feature

Comments

@eerhardt
Copy link
Contributor

eerhardt commented Mar 15, 2023
edited
Loading

Is your feature request related to a problem? Please describe.
In .NET 8 our goal is to enable a subset of ASP.NET functionality to support publishing with NativeAOT. For more information on this goal, see Support publishing ASP.NET Core API apps with Native AOT.

One of the scenarios we are targeting is for an application to expose an HTTP API endpoint that is secured with JWT auth.
For example, an app like the following:

using System.Security.Claims;

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddAuthentication("Bearer").AddJwtBearer();
builder.Services.AddAuthorization();

var app = builder.Build();

app.MapGet("/", () => "Hello, World!");
app.MapGet("/secret", (ClaimsPrincipal user) => $"Hello {user.Identity?.Name}. My secret")
    .RequireAuthorization();

app.Run();

In order to make NativeAOT work in this application, we will need to make the JWT token validation library work with NativeAOT. See https://learn.microsoft.com/dotnet/core/deploying/native-aot/ for information on NativeAOT.

In short, we will need to address any NativeAOT and trimming warnings coming from the Microsoft.IdentityModel.* libraries when publishing an ASP.NET app for NativeAOT. Current known warnings are stemming from:

Describe the solution you'd like
I am able to publish the above ASP.NET application for NativeAOT with no warnings. The app works successfully. The app's RPS is within 5% of the same application published normally. And then app size on disk isn't bloated due to unnecessary/unused code being generated.

Describe alternatives you've considered
N/A

Additional context
N/A
@brentschmaltz brentschmaltz added Enhancement The issue is a new feature Customer reported Indicates issue was opened by customer labels Mar 20, 2023
@eerhardt eerhardt mentioned this issue Mar 20, 2023
Closed
@brentschmaltz
Copy link
Member

brentschmaltz commented Mar 21, 2023
edited
Loading

@eerhardt we will also need #2032 and have asp.net use JsonWebTokenHandler then we do not have to include JwtSecurityTokenHandler (another assembly).

eerhardt added a commit to eerhardt/azure-activedirectory-identitymodel-extensions-for-dotnet that referenced this issue Mar 21, 2023
@eerhardt
First Round of Trimming Analysis
5ffdf4a 
This enables trimming analysis on a subset of core assemblies:

* Microsoft.IdentityModel.Abstractions
* Microsoft.IdentityModel.Logging

It also enables trimming analysis for the JsonWebToken constructor. More scenarios will be analyzed in the future, as we enable more scenarios for trimming.

Contributes to AzureAD#2035
This was referenced Mar 21, 2023
Closed
Merged
@eerhardt eerhardt mentioned this issue Mar 29, 2023
Closed
2 tasks
eerhardt added a commit that referenced this issue Apr 14, 2023
@eerhardt
First Round of Trimming Analysis
0aac923 
This enables trimming analysis on a subset of core assemblies:

* Microsoft.IdentityModel.Abstractions
* Microsoft.IdentityModel.Logging

It also enables trimming analysis for the JsonWebToken constructor. More scenarios will be analyzed in the future, as we enable more scenarios for trimming.

Contributes to #2035
brentschmaltz pushed a commit that referenced this issue Apr 14, 2023
@eerhardt @brentschmaltz
First Round of Trimming Analysis
e65930f 
This enables trimming analysis on a subset of core assemblies:

* Microsoft.IdentityModel.Abstractions
* Microsoft.IdentityModel.Logging

It also enables trimming analysis for the JsonWebToken constructor. More scenarios will be analyzed in the future, as we enable more scenarios for trimming.

Contributes to #2035
@eerhardt eerhardt mentioned this issue Jul 7, 2023
Closed
@brentschmaltz
Copy link
Member

7.x is compatible with AOT

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Customer reported Indicates issue was opened by customer Enhancement The issue is a new feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@brentschmaltz @eerhardt