diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs
index c5d42bd84f..816b91a283 100644
--- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs
@@ -17,7 +17,7 @@
namespace Microsoft.IdentityModel.JsonWebTokens
{
///
- /// A designed for creating and validating Json Web Tokens.
+ /// A designed for creating and validating Json Web Tokens.
/// See: https://datatracker.ietf.org/doc/html/rfc7519 and http://www.rfc-editor.org/info/rfc7515.
///
public partial class JsonWebTokenHandler : TokenHandler
@@ -38,7 +38,7 @@ public partial class JsonWebTokenHandler : TokenHandler
public static bool DefaultMapInboundClaims = false;
///
- /// Gets the Base64Url encoded string representation of the following JWT header:
+ /// Gets the Base64Url encoded string representation of the following JWT header:
/// { , }.
///
/// The Base64Url encoded string representation of the unsigned JWT header.
@@ -85,7 +85,7 @@ public static string ShortClaimTypeProperty
}
///
- /// Gets or sets the property which is used when determining whether or not to map claim types that are extracted when validating a .
+ /// Gets or sets the property which is used when determining whether or not to map claim types that are extracted when validating a .
/// If this is set to true, the is set to the JSON claim 'name' after translating using this mapping. Otherwise, no mapping occurs.
/// The default value is false.
///
@@ -104,7 +104,7 @@ public bool MapInboundClaims
}
///
- /// Gets or sets the which is used when setting the for claims in the extracted when validating a .
+ /// Gets or sets the which is used when setting the for claims in the extracted when validating a .
/// The is set to the JSON claim 'name' after translating using this mapping.
/// The default value is ClaimTypeMapping.InboundClaimTypeMap.
///
@@ -331,7 +331,7 @@ private ClaimsIdentity CreateClaimsIdentityPrivate(JsonWebToken jwtToken, TokenV
}
///
- /// Decrypts a JWE and returns the clear text
+ /// Decrypts a JWE and returns the clear text
///
/// the JWE that contains the cypher text.
/// contains crypto material.
@@ -811,7 +811,7 @@ private static JsonWebToken ValidateSignatureUsingDelegates(JsonWebToken jsonWeb
throw LogHelper.LogExceptionMessage(new SecurityTokenInvalidSignatureException(LogHelper.FormatInvariant(TokenLogMessages.IDX10505, jsonWebToken)));
if (!(validatedToken is JsonWebToken validatedJsonWebToken))
- throw LogHelper.LogExceptionMessage(new SecurityTokenInvalidSignatureException(LogHelper.FormatInvariant(TokenLogMessages.IDX10506, LogHelper.MarkAsNonPII(typeof(JsonWebToken)), LogHelper.MarkAsNonPII(validatedToken.GetType()), jsonWebToken)));
+ throw LogHelper.LogExceptionMessage(new SecurityTokenInvalidSignatureException(LogHelper.FormatInvariant(LogMessages.IDX10506, LogHelper.MarkAsNonPII(typeof(JsonWebToken)), LogHelper.MarkAsNonPII(validatedToken.GetType()), jsonWebToken)));
return validatedJsonWebToken;
}
@@ -822,7 +822,7 @@ private static JsonWebToken ValidateSignatureUsingDelegates(JsonWebToken jsonWeb
throw LogHelper.LogExceptionMessage(new SecurityTokenInvalidSignatureException(LogHelper.FormatInvariant(TokenLogMessages.IDX10505, jsonWebToken)));
if (!(validatedToken is JsonWebToken validatedJsonWebToken))
- throw LogHelper.LogExceptionMessage(new SecurityTokenInvalidSignatureException(LogHelper.FormatInvariant(TokenLogMessages.IDX10506, LogHelper.MarkAsNonPII(typeof(JsonWebToken)), LogHelper.MarkAsNonPII(validatedToken.GetType()), jsonWebToken)));
+ throw LogHelper.LogExceptionMessage(new SecurityTokenInvalidSignatureException(LogHelper.FormatInvariant(LogMessages.IDX10506, LogHelper.MarkAsNonPII(typeof(JsonWebToken)), LogHelper.MarkAsNonPII(validatedToken.GetType()), jsonWebToken)));
return validatedJsonWebToken;
}
diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/LogMessages.cs b/src/Microsoft.IdentityModel.JsonWebTokens/LogMessages.cs
index b7dd1b2519..112481aabc 100644
--- a/src/Microsoft.IdentityModel.JsonWebTokens/LogMessages.cs
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/LogMessages.cs
@@ -13,6 +13,9 @@ internal static class LogMessages
{
#pragma warning disable 1591
+ // This reuses the ID of TokenLogMessages.IDX10506 to provide a message more specific to JsonWebTokens while allowing people searching the ID to search solutions provided for the old message like those at https://stackoverflow.com/questions/77515249/custom-token-validator-not-working-in-net-8
+ internal const string IDX10506 = "IDX10506: Signature validation failed. The user defined 'Delegate' specified on TokenValidationParameters did not return a '{0}', but returned a '{1}' when validating token: '{2}'. If you are using ASP.NET Core 8 or later, see https://learn.microsoft.com/en-us/dotnet/core/compatibility/aspnet-core/8.0/securitytoken-events for more details.";
+
// signature creation / validation
internal const string IDX14000 = "IDX14000: Signature validation of this JWT is not supported for: Algorithm: '{0}', SecurityKey: '{1}'.";