This project has moved and is read-only. For the latest updates, please go here.

NullReference exception from JwtBearerAuthentication Middleware

Jun 17, 2014 at 10:34 PM
Hi All,
I am using the beta version of the JwtBearerAuthenticationMiddleware (specificially 3.0.0-beta2-30617-079-dev), and I am experiencing some issues with it. Getting the following exception from the code:
System.NullReferenceException: Object reference not set to an instance of an obj
   at Microsoft.Owin.Security.Jwt.JwtFormat.Unprotect(String protectedText)
   at Microsoft.Owin.Security.Infrastructure.AuthenticationTokenReceiveContext.D
eserializeTicket(String protectedData)
   at Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationHandler.<Authentica
Here is the configuration I am using:
 var jwtBearerOptions = new JwtBearerAuthenticationOptions()
                Realm = System.Configuration.ConfigurationManager.AppSettings["ida:Realm"],
                Provider = new OAuthBearerAuthenticationProvider(),
                IssuerSecurityTokenProviders = new [] {
                    new SymmetricKeyIssuerSecurityTokenProvider
                        issuer: System.Configuration.ConfigurationManager.AppSettings["ida:Issuer"],
                        base64Key: SymmetricKey
                AllowedAudiences = new[] { System.Configuration.ConfigurationManager.AppSettings["ida:AudienceUri"] }
httpConfiguration.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
This was working with some of the earlier nuget packages, beta1 for e.g.. So not sure what has changed.

Jun 17, 2014 at 11:18 PM
Erf, you're not very lucky with Katana's security stuff :P

Any chance you can debug JwtFormat.Protect and see exactly what's causing the NullReferenceException?
Jun 17, 2014 at 11:21 PM
Sorry, I broke it. My tester just reported the same issue. The fix should be available on the feed in about 10 minutes.
Marked as answer by masterkidan on 6/25/2014 at 5:59 PM
Jun 18, 2014 at 12:46 AM
Thanks that fixed it!.