Attempts to use WSBO rule produces cannot be cast to class java.lang.String error

Identity Security Cloud (ISC) ISC Discussion and Questions
1

Regardless of how minimal I make the rule, and even if I use the default “Before Operation Rule Template for Web Services Connector” I always get this error:

Details:
This source couldn’t be connected due to an error.
class sailpoint.tools.xml.PersistentHashMap cannot be cast to class java.lang.String (sailpoint.tools.xml.PersistentHashMap is in unnamed module of loader ‘app’; java.lang.String is in module java.base of loader ‘bootstrap’).

This rule is attached as a WSBO rule on a Custom Authentication source (attempting to authenticate to Google APIs for Ad Manager / DFP).

Looking at ccg.log hasn’t helped.

Note, this is my first attempt at rules.
Thanks for the help.

2

Can you please share the WSBO code(after removing all sensitive/client specific data) that will help to find out the cause of the error you are seeing?

3

Thank you for your assistance. The error seems to happen regardless of the rule I try, but below is the one I expected to work (at least I think it is the one, as I have gone through many iterations) - sensitive data has been removed/truncated/replaced:

{
    "description": "This rule is used by the Web Services connector before performing any operation like testconnection, aggregation, etc.",
    "type": "WebServiceBeforeOperationRule",
    "signature": {
        "input": [
            {
                "name": "application",
                "description": "The application whose data file is being processed.",
                "type": null
            },
            {
                "name": "requestEndPoint",
                "description": "The current request information contain header, body, context url, method type, response attribute map, successful response code",
                "type": null
            },
            {
                "name": "oldResponseMap",
                "description": "earlier response object ",
                "type": null
            },
            {
                "name": "restClient",
                "description": "REST Client Object",
                "type": null
            }
        ],
        "output": {
            "name": "EndPoint",
            "description": "Updated EndPoint Object",
            "type": null
        }
    },
    "sourceCode": {
        "version": "1.0",
        "script": "import org.bouncycastle.jce.provider.BouncyCastleProvider;\r\nimport org.bouncycastle.util.io.pem.PemObject;\r\nimport org.bouncycastle.util.io.pem.PemReader;\r\nimport org.jose4j.jws.JsonWebSignature;\r\nimport org.jose4j.jwt.JwtClaims;\r\nimport org.jose4j.lang.JoseException;\r\nimport org.json.JSONException;\r\nimport org.json.JSONObject;\r\nimport com.squareup.okhttp.OkHttpClient;\r\nimport com.squareup.okhttp.Request;\r\nimport com.squareup.okhttp.RequestBody;\r\nimport com.squareup.okhttp.Response;\r\nimport java.io.BufferedReader;\r\nimport java.io.IOException;\r\nimport java.io.InputStream;\r\nimport java.io.InputStreamReader;\r\nimport java.io.OutputStream;\r\nimport java.io.StringReader;\r\nimport java.net.HttpURLConnection;\r\nimport java.net.URL;\r\nimport java.security.KeyFactory;\r\nimport java.security.NoSuchAlgorithmException;\r\nimport java.security.interfaces.RSAPrivateKey;\r\nimport java.security.spec.InvalidKeySpecException;\r\nimport java.security.spec.PKCS8EncodedKeySpec;\r\nimport java.time.Instant;\r\nimport java.time.temporal.ChronoUnit;\r\nimport java.util.Map;\r\nimport org.apache.http.client.*;\r\nimport org.apache.http.client.methods.HttpPost;\r\nimport org.apache.http.HttpResponse;\r\nimport org.apache.http.impl.client.*;\r\n\r\n\r\npublic String generateToken() throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, JoseException {\r\n    \r\n    java.security.Security.addProvider(new BouncyCastleProvider());\r\n\r\n    // Creating instance of PEM reader to get the Secret Key\r\n    PemReader pemReader = new PemReader(new StringReader(SECRET_KEY));\r\n    PemObject pemObject;\r\n    pemObject = pemReader.readPemObject();\r\n\r\n    //Getting the RSA instance for KeyFactory\r\n    KeyFactory factory = KeyFactory.getInstance(\"RSA\");\r\n    byte[] content = pemObject.getContent();\r\n    PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(content);\r\n    RSAPrivateKey privateKey = (RSAPrivateKey) factory.generatePrivate(privKeySpec);\r\n    log.debug(\"Custom Authentication : ----------------------------------------------RSA PRIVATE KEY DONE------------------------------------------------------\");\r\n\r\n    //Getting the Unix time for UTC\r\n    long unixTime = Instant.now().getEpochSecond();\r\n    //Adding a minute to Unix time UTC\r\n    long unixTime1 = Instant.now().plus(1, ChronoUnit.MINUTES).getEpochSecond();\r\n    \r\n    JwtClaims claims = new JwtClaims();\r\n    claims.setClaim(\"iss\",\"[email protected]\");\r\n    claims.setClaim(\"aud\",\"https://oauth2.googleapis.com/token\");\r\n    claims.setClaim(\"scope\",\"https://www.googleapis.com/auth/dfp\");\r\n    claims.setClaim(\"iat\",unixTime);\r\n    claims.setClaim(\"exp\",unixTime1);\r\n        \r\n    JsonWebSignature jws = new JsonWebSignature();\r\n    jws.setDoKeyValidation(false);\r\n    jws.setPayload(claims.toJson());\r\n    jws.setKey(privateKey);\r\n    jws.setAlgorithmHeaderValue(\"RS256\");\r\n    return jws.getCompactSerialization();\r\n\t}\r\n\r\n\r\n\tprivate  String jsonObjectCreator( String token) throws JSONException {\r\n    log.debug(\"Custom Auth Rule : Inside jsonObjectCreator()\" );\r\n    JSONObject obj=new JSONObject();\r\n    obj.put(\"grant_type\", \"urn:ietf:params:oauth:grant-type:jwt-bearer\");\r\n    obj.put(\"assertion\", token);\r\n      \r\n    String json = obj.toString();\r\n    log.debug(\"Custom Auth Rule : The json object is \" +  json.toString() );\r\n    return json;\r\n\t}\r\n\t\r\n\r\n// MAIN\r\n\r\nlog.debug(\"Custom Authentication : ----------------------------------------------RULE STARTED------------------------------------------------------\");\r\nlog.debug(\"Custom Authentication : Rule Started\");\r\n\r\nprivate static String SECRET_KEY = \"-----BEGIN PRIVATE KEY-----\nMIIE...\nRWZEi...\nVkzqI...\nrqma......\n-----END PRIVATE KEY-----\n\";\r\n\r\nString token= \"\";\r\nString jsonBody =\"\";\r\nString access_token=\"\";\r\nlog.debug(\"Custom Authentication : ----------------------------------------------1st BodyMap------------------------------------------------------\");\r\n\r\ntry {\r\n  token = generateToken();\r\n  String url = url = \"https://oauth2.googleapis.com/token?grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=\" + token;\r\n}catch (JoseException e) {\r\n  log.debug(\"Custom Auth Rule : Exception occurred : \" + e.toString());\r\n} catch (NoSuchAlgorithmException e) {\r\n  log.debug(\"Custom Auth Rule : Exception occurred : \" + e.toString());\r\n} catch (InvalidKeySpecException e) {\r\n  log.debug(\"Custom Auth Rule : Exception occurred : \" + e.toString());\r\n} catch (IOException e) {\r\n  log.debug(\"Custom Auth Rule : Exception occurred : \" + e.toString());\r\n}catch (JSONException e) {\r\n  log.debug(\"Custom Auth Rule : Exception occurred : \" + e.toString());\r\n}finally {\r\n  requestEndPoint.setFullUrl(url);\r\n  log.debug(\"Custom Authentication : ----------------------------------------------AUTHORIZATION SET------------------------------------------------------\");\r\n  log.debug(\"Custom Authentication : In Finally block \" + requestEndPoint);\r\n  return requestEndPoint;\r\n}"
    },
    "attributes": {
        "sourceVersion": "1.0"
    },
    "id": "42baa8dcf127469c99683bf07de2ad22",
    "name": "GAM Custom Authentication",
    "created": "2023-07-12T18:16:23.359Z",
    "modified": "2023-08-31T19:43:48.766Z"
}
4

UPDATE: The issue has been resolved and was related to an old/improper method of attaching the rule to the source.

1 Like
5

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.