'SecurityTokenException when trying to authenticate ASPNET Core MVC app with Ws-Fed

I have an ASPNet Core 2.2 app which I'm trying to configure to use WsFed Auth for authenticating with our STS. I've added the following to startup.

  services.AddAuthentication(sharedOptions =>
            {
                sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                sharedOptions.DefaultChallengeScheme = WsFederationDefaults.AuthenticationScheme;
            })
            .AddWsFederation(options =>
            {
                options.Configuration = new WsFederationConfiguration
                {
                    TokenEndpoint = Configuration["Sts:Issuer"],
                    Issuer = "FP",
                    KeyInfos = { new KeyInfo(GetStsIssuerCert(Configuration["Sts:Thumbprint"])) },

                };
                options.CallbackPath = new PathString("/Home/CallBack");
                options.ClaimsIssuer = Configuration["Sts:Issuer"];
                options.Wtrealm = Configuration["Sts:Realm"];
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidAudience = Configuration["Sts:Realm"]
                };
            })
            .AddCookie();

This works as expected when trying to hit main controller action which has "Authorize" attribute, however the User.Identity data is not populated. If I then add the following in startup.

   app.UseAuthentication();

I get the following error.

   SecurityTokenException: No token validator was found for the given token.  
Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler.HandleRemoteAuthenticateAsync()

Do I need to use UseAuthentication()?

Any help on this would be greatly appreciated.

asp.net-corews-federation


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

API Gateway Ocelot and Kubernetes

API Gateway Ocelot and Kubernetes

Using remote validation with ASP.NET Core

Unable to create an object of type 'DbContext'

automapper map interface to interface or object

Serilog set flush interval

Issue with API Versioning .NET Core 2.2 UnsupportedApiVersion

How to mock an IFormFile for a unit/integration test in ASP.NET Core?

No authentication handler is registered for the scheme 'Cookies'. The registered schemes are: Application, Bearer, ASOS

How do I solve a "view not found" exception in asp.net core mvc project

How to return a specific status code and no contents from Controller?

Why ASP Net Core 2.2 do not release memory?

How to use jquery in ASP.​NET Core

Using 'UseMvc' to configure MVC is not supported while using Endpoint Routing

How to cancel .Net Core Web API request using Angular?