Microsoft.Agents.Authentication.Msal: AddJwtBearer should return JsonWebToken #6

Open
karamem0 opened this issue Nov 29, 2024 · 1 comment

@karamem0

Version

What package version of the SDK are you using.

  • Nuget package version: 0.1.26.29702
  • dll product version: 0.1.26+7406fcd041

Describe the bug
I got an HTTP 401 error after setting up authentication as per the README.md instructions.

IDX10506: Signature validation failed. The user defined 'Delegate' specified on TokenValidationParameters did not return a 'Microsoft.IdentityModel.JsonWebTokens.JsonWebToken', but returned a 'System.IdentityModel.Tokens.Jwt.JwtSecurityToken' when validating token

https://learn.microsoft.com/en-us/dotnet/core/compatibility/aspnet-core/8.0/securitytoken-events

To Reproduce

  1. Implement bot authentication.
  2. Add AddMicrosoftIdentityWebApiAuthentication.
  • Program.cs
builder.Services.AddMicrosoftIdentityWebApiAuthentication(configuration, "AzureAd", "WebApiAuthencation");
builder.Services.AddBotAuthentication(configuration, "BotAuthentication");
  • ServiceCollectionExtensions.cs
public static void AddBotAspNetAuthentication(this IServiceCollection services, IConfiguration configuration, string jwtSchemaName, string botConnectionConfig = "Connections:BotServiceConnection:Settings")
{
    ...
    .AddJwtBearer(jwtSchemaName, options =>
    ...
  • BotController.cs
[ApiController()]
[Authorize(AuthenticationSchemes = "BotAuthentication")]
[Route("api/messages")]
public class BotController(IBotHttpAdapter adapter, IBot bot) : ControllerBase
{

    private readonly IBotHttpAdapter adapter = adapter;

    private readonly IBot bot = bot;

    [HttpPost()]
    public async Task PostAsync()
    {
        await this.adapter.ProcessAsync(this.Request, this.Response, this.bot);
    }

}
  • TokenController.cs
[ApiController()]
[Authorize(AuthenticationSchemes = "WebApiAuthencation")]
[Route("api/token")]
public class TokenController(IConfiguration configuration) : ControllerBase
{

    private readonly IConfiguration configuration = configuration;

    [HttpGet()]
    public async Task<IActionResult> GetAsync()
    {
        return await Task.Run<IActionResult>(() =>
        {
            var token = this.configuration.GetValue<string>("AzureBot:DirectLineToken");
            if (token is null)
            {
                return this.BadRequest();
            }
            return this.Ok(new TokenResponse()
            {
                Token = token
            });
        });
    }

}

Expected behavior
AddJwtBearer should return JsonWebToken instead of JwtSecurityToken.

    .AddJwtBearer(options =>
    {
        options.SaveToken = true;
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ClockSkew = TimeSpan.FromMinutes(5),
            ValidIssuers = validTokenIssuers,
            ValidAudience = configuration[$"{botConnectionConfig}:ClientId"],
            RequireSignedTokens = true,
-           SignatureValidator = (token, parameters) => new JwtSecurityToken(token),
+           SignatureValidator = (token, parameters) => new JsonWebToken(token),
        };
    });
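
Review bot: the delegate on the `+` line still builds its return value straight from the raw string, `new JsonWebToken(token)`, and never checks the signature against a key. A custom `SignatureValidator` takes the place of the handler's own signature check, so the type change clears IDX10506 while leaving `RequireSignedTokens = true` with nothing enforcing it. Suggest removing `SignatureValidator` from this block and letting the handler verify against the issuer's signing keys (for example through `IssuerSigningKeys` or the scheme's metadata configuration), keeping the issuer, audience and lifetime settings as they are.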

Screenshots
N/A

Hosting Information (please complete the following information):

  • How are you Hosting this: Azure
  • Are you deploying: AppServices
  • Are you using Azure Bot Services: Yes
  • What Client are you using: WebChat
  • What .net version is your build in: .NET 8

Additional context
Add any other context about the problem here.

@karamem0 added the triage label (Initial state for our team to determine necessary action) Nov 29, 2024
@tracyboehrer
Member

@karamem0 The next push to this repo includes a number of changes around JWT token authentication. The version in main is not validating the signature properly at all. The next version will contain a Microsoft compliant way of handling it.

@tracyboehrer self-assigned this Dec 12, 2024
@tracyboehrer removed the triage label (Initial state for our team to determine necessary action) Dec 12, 2024
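
The behaviour discussed in this thread, as an added example that is not code from this repository or its maintainers: a console check that runs one token through a pass-through `SignatureValidator` and through key-based validation, so the difference in `IsValid` can be compared. Assumptions: the issuer, audience and HMAC keys are constructed stand-ins (a real service would take its signing keys from the issuer's published metadata), and the project references the Microsoft.IdentityModel.JsonWebTokens package.

```csharp
// Added example: pass-through SignatureValidator vs. key-based validation.
using System;
using System.Security.Cryptography;
using Microsoft.IdentityModel.JsonWebTokens;
using Microsoft.IdentityModel.Tokens;

// Constructed keys: one the service trusts, one it has never been given.
var trustedKey = new SymmetricSecurityKey(RandomNumberGenerator.GetBytes(32));
var untrustedKey = new SymmetricSecurityKey(RandomNumberGenerator.GetBytes(32));

const string issuer = "https://issuer.example";  // constructed value
const string audience = "example-client-id";     // constructed value
var handler = new JsonWebTokenHandler();

// Test token: issuer, audience and lifetime are all acceptable,
// but the signature comes from the key the service does not trust.
string token = handler.CreateToken(new SecurityTokenDescriptor
{
    Issuer = issuer,
    Audience = audience,
    Expires = DateTime.UtcNow.AddMinutes(10),
    SigningCredentials = new SigningCredentials(untrustedKey, SecurityAlgorithms.HmacSha256),
});

// Settings shared by both runs, mirroring the options shown in the issue.
TokenValidationParameters BaseParameters() => new()
{
    ValidateIssuer = true,
    ValidIssuer = issuer,
    ValidateAudience = true,
    ValidAudience = audience,
    ValidateLifetime = true,
    RequireSignedTokens = true,
};

// Run 1: the delegate from the issue, which only re-parses the raw string.
var passThrough = BaseParameters();
passThrough.SignatureValidator = (raw, _) => new JsonWebToken(raw);

// Run 2: no delegate; the handler checks the signature against the trusted key.
var keyed = BaseParameters();
keyed.IssuerSigningKey = trustedKey;

var weak = await handler.ValidateTokenAsync(token, passThrough);
var strict = await handler.ValidateTokenAsync(token, keyed);

Console.WriteLine($"pass-through delegate: IsValid={weak.IsValid}");
Console.WriteLine($"key-based validation:  IsValid={strict.IsValid} ({strict.Exception?.GetType().Name})");
```

The same comparison works as a regression test for any JWT bearer configuration: a token signed with a key outside the trusted set must come back with `IsValid` false.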