React to IdentityModel breaking change.

2016-01-26 14:28:49 -08:00 · 2016-01-26 14:28:49 -08:00 · 9c41eb958e
parent a1aeb4313e
commit 9c41eb958e
1 changed files with 1 additions and 1 deletions
--- a/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
+++ b/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
@ -511,7 +511,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect

            // no need to validate signature when token is received using "code flow" as per spec [http://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation].
            var validationParameters = Options.TokenValidationParameters.Clone();
-            validationParameters.ValidateSignature = false;
+            validationParameters.RequireSignedTokens = false;

            ticket = ValidateToken(tokenEndpointResponse.IdToken, message, properties, validationParameters, out jwt);