adjust error message (#3482)

westin-m · web-flow · commit d0bdcea5c5cc · 2026-05-12T08:53:48.000-07:00
diff --git a/src/Microsoft.IdentityModel.Tokens/Experimental/Validation/Validators.SignatureKey.cs b/src/Microsoft.IdentityModel.Tokens/Experimental/Validation/Validators.SignatureKey.cs
@@ -79,7 +79,6 @@ public static ValidationResult<ValidatedSignatureKey, ValidationError> ValidateS
                     nameof(validationParameters),
                     ValidationError.GetCurrentStackFrame());
 
-            // TODO error message IDX10253 is not correct and needs adjusting.
             if (securityKey == null)
                 return new SignatureKeyValidationError(
                     new MessageDetail(LogMessages.IDX10253, nameof(securityKey)),
diff --git a/src/Microsoft.IdentityModel.Tokens/LogMessages.cs b/src/Microsoft.IdentityModel.Tokens/LogMessages.cs
@@ -74,7 +74,7 @@ internal static class LogMessages
         public const string IDX10250 = "IDX10250: The associated certificate is valid. ValidFrom (UTC): '{0}', Current time (UTC): '{1}'.";
         public const string IDX10251 = "IDX10251: The associated certificate is valid. ValidTo (UTC): '{0}', Current time (UTC): '{1}'.";
         public const string IDX10252 = "IDX10252: RequireSignedTokens property on ValidationParameters is set to false and the issuer signing key is null. Exiting without validating the issuer signing key.";
-        public const string IDX10253 = "IDX10253: RequireSignedTokens property on ValidationParameters is set to true, but the issuer signing key is null.";
+        public const string IDX10253 = "IDX10253: Signature key validation failed. The security key is null. A valid signing key is required for validation.";
         public const string IDX10254 = "IDX10254: '{0}.{1}' failed. The virtual method '{2}.{3}' returned null. If this method was overridden, ensure a valid '{4}' is returned.";
         public const string IDX10255 = "IDX10255: TypeValidator property on ValidationParameters is null and ValidTypes is either null or empty. Exiting without validating the token type.";
         public const string IDX10256 = "IDX10256: Unable to validate the token type. TokenValidationParameters.ValidTypes is set, but the 'typ' header claim is null or empty.";
diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/SigningKeyValidationResultTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/SigningKeyValidationResultTests.cs
@@ -60,7 +60,6 @@ public static TheoryData<SigningKeyValidationTheoryData> InvalidTestCases
 
                 return new TheoryData<SigningKeyValidationTheoryData>
                 {
-                    // TODO Error message IDX10253 message is not accurate.
                     new SigningKeyValidationTheoryData("SecurityKeyIsNull")
                     {
                         ExpectedException = ExpectedException.SecurityTokenInvalidSigningKeyException(substringExpected: "IDX10253:"),

Original file line number	Diff line number	Diff line change
`@@ -60,7 +60,6 @@ public static TheoryData<SigningKeyValidationTheoryData> InvalidTestCases`
`60`	`60`
`61`	`61`	`return new TheoryData<SigningKeyValidationTheoryData>`
`62`	`62`	`{`
`63`		`- // TODO Error message IDX10253 message is not accurate.`
`64`	`63`	`new SigningKeyValidationTheoryData("SecurityKeyIsNull")`
`65`	`64`	`{`
`66`	`65`	`ExpectedException = ExpectedException.SecurityTokenInvalidSigningKeyException(substringExpected: "IDX10253:"),`