getting System.ObjectDisposedException: Cannot access a disposed object. Object name: 'RSA'. while using manual key management in identity server 6
Question
I'm getting this error returning from api "Cannot access a disposed object. Object name: 'RSA'" while i'm trying to use manual keymanagement for duende identity 6. When i try to create RSA parameter from code it does work but it doesn't work with private public keys.
Please tell me what's the issue in below code. Also if someone can tell me of any other way apart from this.
Code in Program.cs
// this will return signing credentials
SigningCredentials GetSigningCredentials()
{
var p = @"MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAKj/nCpvB71XiFgH
3ykjGU/8SutC680yQjqQdEGh/SDxPAncW5SfavcFSt0K/1UuyyXNc5o9RIcns2rE
4W49T0T4VIP4WhVkAQEvBc4NeLX+o9W3pj6A3dNb+M+2VzZGcFPRtkypNtgxsNJ8
s0b4pmGP9zeMzCkd3UJgCLlZOdz/AgMBAAECgYAzHUywkPB4VjdI2OioWpNXW+mV
CqKjZ6YcbICdMU+MXSpZmSqh4y3JFPK1tJPRwdtzzZY/enR1pI5hprbATw7gQUK1
1SxRIhyC70DSuX6C4dSLQBnXCUzcWokY1IB+iyftHamrtVdTK2IBS7Q9iMAUX49o
XcmDsn8vbAze6mg4YQJBAOCPDcELQtZeZAhEp7Zy4Ks2MGt3YASoDySPrJxCRn5x
WvBynmS+pDbptY7bnV9tk9pIBfxXgooUwbjqGT5WoTcCQQDAqRYhYFtk+8l8Yjmo
Fhr859U6wnjhq9BCzwtRVzPfkpYjOUeHaEJozEUtAKN2y68Aq9zNDdq6SL+9QIcP
MqZ5AkAYsAF+GKPXd3c6Cno5t7V1fTajifM3b9aCWX1LjIm9eu7ZgnBheQgKtXTt
aL2LcTuRAtwNmv1R+ug1UR9HWDTPAkAJHDXCsEbCGLHnYtGtJBZ0nRXVKHsE2NYJ
QrcbSo9WZB0bX0sFmSWCxR4EScJxDKKi2n2faKdOJcCDV3jLfC6pAkBSn5HYh1Wm
ycOUmv6MANXgrmUnmhD23hAMQeJmU4Rs6mzVXCwlJUO3EvgkONjtOUh6NFM9G2gJ
Y1AmxhQIrusw";
var privateKey = p.ToByteArray();
using RSA rsa = RSA.Create();
RSAParameters rsaKeyInfo = rsa.ExportParameters(false);
rsa.ImportPkcs8PrivateKey(privateKey, out _);
var signingCredentials = new SigningCredentials(new RsaSecurityKey(rsa), SecurityAlgorithms.RsaSha256)
{
CryptoProviderFactory = new CryptoProviderFactory { CacheSignatureProviders = false }
};
return signingCredentials;
}
builder.Services.AddIdentityServer(options =>
{
options.LicenseKey =
"xyz";
options.Events.RaiseErrorEvents = true;
options.Events.RaiseInformationEvents = true;
options.Events.RaiseFailureEvents = true;
options.Events.RaiseSuccessEvents = true;
options.EmitStaticAudienceClaim = true;
options.KeyManagement.Enabled = false;
}).AddConfigurationStore(options => options.ConfigureDbContext = b => b.UseSqlServer(connectionString,
opt => opt.MigrationsAssembly(migrationsAssembly)))
.AddOperationalStore(options => options.ConfigureDbContext = b => b.UseSqlServer(connectionString,
opt => opt.MigrationsAssembly(migrationsAssembly)))
.AddSigningCredential(GetSigningCredentials())
.AddAspNetIdentity<ApplicationUser>();
I am trying to create jwt token using manual key management in duende identity server. I tried to do it symmetric algorithm but identity server 6 doesn't support this the only option is asymmetric now(RSA algorithm). And i want to do it using private and public key not RSA parameters.
1 answers
solution1
3 ACCPTED 2022-12-15 11:24:18
This line:
using RSA rsa = RSA.Create();
causes a call to rsa.Dispose() when returning from the GetSigningCredentials function.
This disposes of the rsa object.
Before that happens, this line:
new SigningCredentials(new RsaSecurityKey(rsa)
passes the RSA object to the SigningCredentials object that is returned from the function.
This means that the SigningCredentials object contains a reference to a disposed object and as soon as that object uses the rsa object it throws the exception.
Removing using from the first line prevents the disposal.
So use:
RSA rsa = RSA.Create();
instead.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.