diff --git a/eng/Version.Details.xml b/eng/Version.Details.xml
index 1e062867fae0..5794d7ea0681 100644
--- a/eng/Version.Details.xml
+++ b/eng/Version.Details.xml
@@ -185,9 +185,9 @@
https://github.com/dotnet/runtime
5d54b08d5fc40d0b1c156f430a487a94c1e34f79
-
+
https://github.com/dotnet/source-build-externals
- ac076c101e6fe5e8fbfbd0a0ab878bd3313d9138
+ 844e2cd86e7525d7eb32358e63a0c554187eb26b
diff --git a/eng/Versions.props b/eng/Versions.props
index c6f87d65fcc7..b005e112e16c 100644
--- a/eng/Versions.props
+++ b/eng/Versions.props
@@ -163,7 +163,7 @@
8.0.0-beta.23328.1
- 8.0.0-alpha.1.23329.1
+ 8.0.0-alpha.1.23368.1
8.0.0-alpha.1.23356.4
diff --git a/src/SignalR/clients/csharp/Client/test/FunctionalTests/Startup.cs b/src/SignalR/clients/csharp/Client/test/FunctionalTests/Startup.cs
index 91286fa5378d..b20a20325aa2 100644
--- a/src/SignalR/clients/csharp/Client/test/FunctionalTests/Startup.cs
+++ b/src/SignalR/clients/csharp/Client/test/FunctionalTests/Startup.cs
@@ -5,6 +5,7 @@
using System.IdentityModel.Tokens.Jwt;
using System.IO;
using System.Security.Claims;
+using System.Security.Cryptography;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authentication.Negotiate;
using Microsoft.AspNetCore.Authorization;
@@ -21,7 +22,7 @@ namespace Microsoft.AspNetCore.SignalR.Client.FunctionalTests;
public class Startup
{
- private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(Guid.NewGuid().ToByteArray());
+ private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(SHA256.HashData(Guid.NewGuid().ToByteArray()));
private readonly JwtSecurityTokenHandler JwtTokenHandler = new JwtSecurityTokenHandler();
public void ConfigureServices(IServiceCollection services)
diff --git a/src/SignalR/clients/ts/FunctionalTests/Startup.cs b/src/SignalR/clients/ts/FunctionalTests/Startup.cs
index 9182753d6a2e..2dda5dc55538 100644
--- a/src/SignalR/clients/ts/FunctionalTests/Startup.cs
+++ b/src/SignalR/clients/ts/FunctionalTests/Startup.cs
@@ -5,6 +5,7 @@
using System.IdentityModel.Tokens.Jwt;
using System.Reflection;
using System.Security.Claims;
+using System.Security.Cryptography;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Http.Connections;
@@ -19,7 +20,7 @@ namespace FunctionalTests;
public class Startup
{
- private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(Guid.NewGuid().ToByteArray());
+ private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(SHA256.HashData(Guid.NewGuid().ToByteArray()));
private readonly JwtSecurityTokenHandler JwtTokenHandler = new JwtSecurityTokenHandler();
private int _numRedirects;
diff --git a/src/SignalR/common/Http.Connections/test/HttpConnectionDispatcherTests.cs b/src/SignalR/common/Http.Connections/test/HttpConnectionDispatcherTests.cs
index f083e9b6b897..d0ecdcf21560 100644
--- a/src/SignalR/common/Http.Connections/test/HttpConnectionDispatcherTests.cs
+++ b/src/SignalR/common/Http.Connections/test/HttpConnectionDispatcherTests.cs
@@ -10,6 +10,7 @@
using System.Net.Http;
using System.Net.WebSockets;
using System.Security.Claims;
+using System.Security.Cryptography;
using System.Security.Principal;
using System.Text;
using Microsoft.AspNetCore.Authentication;
@@ -2988,7 +2989,7 @@ public async Task ConnectionClosedRequestedTriggeredOnAuthExpiration()
[InlineData(HttpTransportType.WebSockets)]
public async Task AuthenticationExpirationSetOnAuthenticatedConnectionWithJWT(HttpTransportType transportType)
{
- SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(Guid.NewGuid().ToByteArray());
+ SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(SHA256.HashData(Guid.NewGuid().ToByteArray()));
JwtSecurityTokenHandler JwtTokenHandler = new JwtSecurityTokenHandler();
using var host = CreateHost(services =>
@@ -3150,7 +3151,7 @@ public async Task AuthenticationExpirationSetOnAuthenticatedConnectionWithCookie
[InlineData(HttpTransportType.WebSockets)]
public async Task AuthenticationExpirationUsesCorrectScheme(HttpTransportType transportType)
{
- var SecurityKey = new SymmetricSecurityKey(Guid.NewGuid().ToByteArray());
+ var SecurityKey = new SymmetricSecurityKey(SHA256.HashData(Guid.NewGuid().ToByteArray()));
var JwtTokenHandler = new JwtSecurityTokenHandler();
using var host = CreateHost(services =>
diff --git a/src/SignalR/samples/JwtSample/Startup.cs b/src/SignalR/samples/JwtSample/Startup.cs
index 18b1ae21ea35..cefde00a4cd0 100644
--- a/src/SignalR/samples/JwtSample/Startup.cs
+++ b/src/SignalR/samples/JwtSample/Startup.cs
@@ -11,7 +11,7 @@ namespace JwtSample;
public class Startup
{
- private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(RandomNumberGenerator.GetBytes(16));
+ private readonly SymmetricSecurityKey SecurityKey = new SymmetricSecurityKey(RandomNumberGenerator.GetBytes(32));
private readonly JwtSecurityTokenHandler JwtTokenHandler = new JwtSecurityTokenHandler();
public void ConfigureServices(IServiceCollection services)