After updating to 9.3.1, when trying to log in using OpenID (Microsoft Azure), we get this exception:
2025-08-12T07:54:13|ERROR|authserver-69f45bbbbb-g444g |authserver-69f45bbbbb-g444g\app |10.51.2.244 | |T:34 |OpenIdConnectHandler | | || |Exception occurred while processing message.
EXCEPTION: System.MissingMethodException: Method not found: 'Void Microsoft.IdentityModel.Tokens.TokenValidationResult..ctor(Microsoft.IdentityModel.Tokens.SecurityToken, Microsoft.IdentityModel.Tokens.TokenHandler, Microsoft.IdentityModel.Tokens.TokenValidationParameters, System.String, System.Collections.Generic.List`1<Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken>)'.
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.ValidateTokenUsingHandlerAsync(String idToken, AuthenticationProperties properties, TokenValidationParameters validationParameters)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
2025-08-12T07:54:13|ERROR|authserver-69f45bbbbb-g444g |authserver-69f45bbbbb-g444g\app |10.51.2.244 | |T:34 |ExceptionHandlerMiddleware | | || |An unhandled exception has occurred while executing the request.
EXCEPTION: Microsoft.AspNetCore.Authentication.AuthenticationFailureException: An error was encountered while handling the remote login.
---> System.MissingMethodException: Method not found: 'Void Microsoft.IdentityModel.Tokens.TokenValidationResult..ctor(Microsoft.IdentityModel.Tokens.SecurityToken, Microsoft.IdentityModel.Tokens.TokenHandler, Microsoft.IdentityModel.Tokens.TokenValidationParameters, System.String, System.Collections.Generic.List`1<Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken>)'.
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.ValidateTokenUsingHandlerAsync(String idToken, AuthenticationProperties properties, TokenValidationParameters validationParameters)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.InterfaceMiddlewareBinder.<>c__DisplayClass2_0.<<CreateMiddleware>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at Volo.Abp.AspNetCore.Tracing.AbpCorrelationIdMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.InterfaceMiddlewareBinder.<>c__DisplayClass2_0.<<CreateMiddleware>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddlewareImpl.<Invoke>g__Awaited|10_0(ExceptionHandlerMiddlewareImpl middleware, HttpContext context, Task task)
Microsoft Packages are all updated, Microsoft.IdentityModel.Tokens resolved Version seems to be 8.12.1
The release notes for this Version do say they had a little accident with leaking experimental code:
https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/releases/tag/8.12.1
(PR https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3259 for remediation)
I don't know if this is something in ABP to solve or upstream, but external login for us does not work in 9.3.1.
└─ Volo.Abp.AspNetCore.MultiTenancy (v9.3.1)
│ └─ Volo.Abp.AspNetCore (v9.3.1)
│ └─ Microsoft.AspNetCore.Authentication.OpenIdConnect (v9.0.8)
│ └─ Microsoft.IdentityModel.Protocols.OpenIdConnect (v8.12.0)
│ ├─ Microsoft.IdentityModel.Protocols (v8.12.0)
│ │ └─ Microsoft.IdentityModel.Tokens (v8.12.1)
│ └─ System.IdentityModel.Tokens.Jwt (v8.12.0)
│ ├─ Microsoft.IdentityModel.JsonWebTokens (v8.12.0)
│ │ └─ Microsoft.IdentityModel.Tokens (v8.12.1)
│ └─ Microsoft.IdentityModel.Tokens (v8.12.1)
11 Answer(s)
-
0
The exception you are encountering is due to a breaking change in the Microsoft.IdentityModel.Tokens package version 8.12.1, where experimental code was accidentally released and then removed in a subsequent patch. This causes a MissingMethodException when libraries (such as Microsoft.AspNetCore.Authentication.OpenIdConnect) expect the removed constructor.
To resolve this issue:
Downgrade Microsoft.IdentityModel.Tokens
Change your project's dependency to use Microsoft.IdentityModel.Tokens version 8.11.x (or any version before 8.12.1). This will restore the missing method and resolve the exception.In your .csproj or via your package manager:
<PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.11.2" />Clear NuGet Cache and Rebuild
After downgrading, clear your NuGet cache and perform a clean rebuild to ensure the correct version is used throughout your solution.Monitor Upstream Fixes
The issue is upstream and tracked by Microsoft. You can follow the official remediation and future releases here:Wait for ABP/Upstream Updates
Once Microsoft and/or ABP update their dependencies to a fixed version, you can safely upgrade again.
This is not an ABP-specific bug, but a result of a breaking change in a Microsoft dependency.
Sources:
- https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/releases/tag/8.12.1
- https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3259
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.
-
0
Thanks AI Bot. I know how I can potentially resolve this, but it's probably something that should be handled in-product, but I'm not sure if it needs handling directly or via another dependent library.
-
0
hi
Does the
MissingMethodExceptiononly happen inAzure?Can you get the same exception in your local?
Thanks.
-
0
[maliming] said: hi
Does the
MissingMethodExceptiononly happen inAzure?Can you get the same exception in your local?
Thanks.
We are not running in Azure. This runs in Kubernetes as a Container. If you're asking if it works while logging in locally (Username/Password Authentication) - then yes, that works
-
0
hi
Does it work when signing in using OpenID on your local?
-
0
We do not have external login setup for local currently
-
0
hi
Can you resolve the problem by adding these packages with an explicit
8.12.0version?If so, It might be that the dependencies in your project are not consistent. Adding explicit packages is the solution.
Run
dotnet package list --include-prereleaseand share output.<PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="8.12.0" /> <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.12.0" /> <PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="8.12.0" />Thanks
-
0
I have now traced where the 8.12.1 version comes from. Owl.TokenWildcardIssuerValidator 2.0 :) :)
-
0
ok, you can use explicit package in your solution. Abp framework will update them to latest.
Thanks.
-
0
Yes, downgrading the package works
-
0
👍
