diff --git a/src/AspNetCore/Authentication/Authentication/src/ClickView.GoodStuff.AspNetCore.Authentication.csproj b/src/AspNetCore/Authentication/Authentication/src/ClickView.GoodStuff.AspNetCore.Authentication.csproj
index 701c5ff..7a0deb1 100644
--- a/src/AspNetCore/Authentication/Authentication/src/ClickView.GoodStuff.AspNetCore.Authentication.csproj
+++ b/src/AspNetCore/Authentication/Authentication/src/ClickView.GoodStuff.AspNetCore.Authentication.csproj
@@ -10,7 +10,7 @@
-
+
diff --git a/src/AspNetCore/Authentication/Authentication/src/TokenValidation/TokenValidator.cs b/src/AspNetCore/Authentication/Authentication/src/TokenValidation/TokenValidator.cs
index 6236105..10a36c3 100644
--- a/src/AspNetCore/Authentication/Authentication/src/TokenValidation/TokenValidator.cs
+++ b/src/AspNetCore/Authentication/Authentication/src/TokenValidation/TokenValidator.cs
@@ -67,13 +67,13 @@ public async Task ValidateLogoutTokenAsync(string logoutToken,
private async Task ValidateJwtAsync(string jwt, string? validAudience)
{
- var disco = await _discoveryCache.GetAsync();
+ var discoveryDocument = await _discoveryCache.GetAsync();
var parameters = new TokenValidationParameters
{
- ValidIssuer = disco.Issuer,
+ ValidIssuer = discoveryDocument.Issuer,
ValidAudience = validAudience,
- IssuerSigningKeys = GetSecurityKeys(disco.KeySet),
+ IssuerSigningKeys = GetSecurityKeys(discoveryDocument.KeySet),
NameClaimType = JwtClaimTypes.Name,
RoleClaimType = JwtClaimTypes.Role
@@ -85,8 +85,11 @@ private async Task ValidateJwtAsync(string jwt, string? validAu
return handler.ValidateToken(jwt, parameters, out _);
}
- private static IEnumerable GetSecurityKeys(JsonWebKeySet keySet)
+ private static IEnumerable GetSecurityKeys(JsonWebKeySet? keySet)
{
+ if (keySet is null)
+ yield break;
+
foreach (var webKey in keySet.Keys)
{
var e = Base64Url.Decode(webKey.E);