We have a Service Provider that was created in .NET Core 3.1 using ComponentSpace .NET Core version 3.0.0.
We got ComponentSpace working before in .NET Core, but now it's throwing an exception when
await _samlServiceProvider.ReceiveSsoAsync()
is called in our ServiceProvider from the Identity Provider.
We get the error message:
The key {SOMEGUID LIKE fe0c5f73-807f-438f-82de-e316cf0427d5} was not found in the key ring.
Here is the stack trace; it is thrown directly from the ComponentSpace code:
Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean& requiresMigration, Boolean& wasRevoked)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.DataProtection.DataProtectionCommonExtensions.Unprotect(IDataProtector protector, String protectedData)
   at ComponentSpace.Saml2.Session.CookieSsoSessionStore.DecodeCookieValue
T(String encodedCookieValue)
   at ComponentSpace.Saml2.Session.CookieSsoSessionStore.GetCookieValue(
We are not doing anything with Data Protection APIs in our code; only ComponentSpace is using the Data Protection API. We just provide an implementation of IDistributedCache.
In case it helps we have this in our
services.TryAddSingleton<IDistributedCache, MyDistributedCache>();
And MyDistributedCache has the following code (which calls an IDistributedCache implementation that stores data in Redis):

    using System.Threading;
    using System.Threading.Tasks;
    using Microsoft.Extensions.Caching.Distributed;

    public class MyDistributedCache : IDistributedCache
    {
        // Repository that stores the cache entries in Redis.
        private readonly ICacheRepository _cacheRepository;

        public MyDistributedCache(ICacheRepository cacheRepository)
        {
            _cacheRepository = cacheRepository;
        }

        // Returns null when the key is not present.
        public byte[] Get(string key)
        {
            if (!_cacheRepository.TryGet(key, out byte[] value))
                value = null;
            return value;
        }

        public async Task<byte[]> GetAsync(string key, CancellationToken token = default)
        {
            var (found, value) = await _cacheRepository.TryGetAsync<byte[]>(key);
            return found ? value : null;
        }

        // Re-reads the entry and writes it back with default options.
        public void Refresh(string key)
        {
            var value = Get(key);
            Set(key, value, new DistributedCacheEntryOptions());
        }

        public async Task RefreshAsync(string key, CancellationToken token = default)
        {
            var value = await GetAsync(key, token);
            await SetAsync(key, value, new DistributedCacheEntryOptions(), token);
        }

        public void Remove(string key)
        {
            _cacheRepository.Remove(key);
        }

        public async Task RemoveAsync(string key, CancellationToken token = default)
        {
            await _cacheRepository.RemoveAsync(key);
        }

        // The options (expiration settings) are not forwarded to the repository.
        public void Set(string key, byte[] value, DistributedCacheEntryOptions options)
        {
            _cacheRepository.TryAdd(key, value);
        }

        public async Task SetAsync(string key, byte[] value, DistributedCacheEntryOptions options, CancellationToken token = default)
        {
            await _cacheRepository.TryAddAsync(key, value);
        }
    }

We read the web farm guide, and it said that as long as IDistributedCache can be resolved, everything should work.
It seems like this was working earlier. What should we do to fix this issue?
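
An added example, not part of the original post and not ComponentSpace code: a console program that reproduces the condition behind the "was not found in the key ring" error by unprotecting a payload with a key ring that does not contain the key that protected it, next to the same call against the shared key ring. It assumes the Microsoft.AspNetCore.DataProtection.Extensions package; the purpose string, payload and temp directories are constructed for the demonstration.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;

public static class KeyRingDemo
{
    // Hypothetical purpose string; the purpose ComponentSpace uses is not shown in the post.
    private const string Purpose = "Demo.SsoSessionCookie";

    public static void Main()
    {
        // Constructed temp directories standing in for two separate key stores.
        DirectoryInfo sharedKeys = NewKeyDirectory("dp-shared-");
        DirectoryInfo isolatedKeys = NewKeyDirectory("dp-isolated-");

        // Instance A issues a protected value, as a cookie-based session store would.
        IDataProtector instanceA = DataProtectionProvider.Create(sharedKeys).CreateProtector(Purpose);
        string cookie = instanceA.Protect("constructed-sso-session-state");

        // Instance B has its own key ring (for example another server, or the same
        // server after its locally stored keys were lost). It cannot read A's value.
        IDataProtector instanceB = DataProtectionProvider.Create(isolatedKeys).CreateProtector(Purpose);
        Console.WriteLine("Isolated key ring: " + TryUnprotect(instanceB, cookie));

        // Instance C reads keys from the same persisted location as A and succeeds.
        IDataProtector instanceC = DataProtectionProvider.Create(sharedKeys).CreateProtector(Purpose);
        Console.WriteLine("Shared key ring:   " + TryUnprotect(instanceC, cookie));
    }

    private static DirectoryInfo NewKeyDirectory(string prefix) =>
        Directory.CreateDirectory(Path.Combine(Path.GetTempPath(), prefix + Guid.NewGuid()));

    private static string TryUnprotect(IDataProtector protector, string payload)
    {
        try
        {
            return "OK -> " + protector.Unprotect(payload);
        }
        catch (CryptographicException ex)
        {
            // Data Protection reports a missing key as a CryptographicException.
            return "FAILED -> " + ex.Message;
        }
    }
}
```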