Send HTTP API request While JDBC Provisioning Rule

Identity Security Cloud (ISC) ISC Discussion and Questions
, ,
1

Hello Everyone,

At the request of a customer, we need to send an HTTP request to an API that encrypts email information during the execution of a JDBC Provisioning Rule.
When I try to insert a URL into the json code, the escape sequence is not working properly. I need help with this problem.
please help me if you know how to modify the existing code or you know of a better way,

The Java code that was inserted into the JSON string

import java.util.Date;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.Statement;
import java.sql.SQLException;
import java.sql.ResultSet;
import java.sql.Types;
import java.util.List;
import java.util.Map;
import sailpoint.api.SailPointContext;
import sailpoint.connector.JDBCConnector;
import sailpoint.object.Application;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.object.ProvisioningPlan.PermissionRequest;
import sailpoint.object.ProvisioningResult;
import sailpoint.object.Schema;
import sailpoint.object.ResourceObject;
import org.apache.commons.logging.LogFactory;
import org.apache.commons.logging.Log;
import sailpoint.tools.Util;
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.util.function.Consumer;



//
// JDBC Provisioning Rule Body
//
// We will handle these cases right now: 
// 
// Account Request Create
// Account Request Modify
// Account Request Delete
// Account Lock/Unlock
// Account Enable/Disable
//
	
Date now = new Date();

log.warn("****************************************");
log.warn("Entering Provisioning Rule for JDBC System");
log.warn(" Current Time =  " + now.toString());
log.warn("****************************************");

//
// The ProvisioningResult is the return object for this type of rule. We\'ll create it here and then populate it later
//

ProvisioningResult result = new ProvisioningResult();

//
// Check if the plan is null or not, if not null, process it... 
//
if ( plan != null ) {
	log.debug("Starting the global JDBC provisioning rule name...");
	log.warn("xml : " + plan);
	List accounts = plan.getAccountRequests();
	log.debug("accounts.size() : "+accounts.size());
	String sql = "";


	// 
	//  Get all Account Requests out of the plan
	// 

	if ( ( accounts != null ) && ( accounts.size() > 0 ) ) {
	
		//
		// If the plan contains one or more account requests, we\'ll iterate through them
		//
		
		for ( AccountRequest account : accounts ) {
			
			try {			
				// 
				// All of the account operations will reside in a try block in case we have any errors, we can mark the provisioningresult as "Failed" if we have an issue.
				//

				if (AccountRequest.Operation.Create.equals(account.getOperation())) {
					//
					// CREATE Operation
					//

                    URL url = null;


                    //escape sequence did not proceed                    
                    url = new URL("http://12.123.12.123:8080/api/api.do");


                    HttpURLConnection postConnect = (HttpURLConnection) url.openConnection();
                    postConnect.setRequestMethod("POST");
                    postConnect.setDoOutput(true);
                    postConnect.setRequestProperty("Content-Type","application/json");
                    postConnect.setRequestProperty("Accept","application/json");
                    postConnect.setRequestProperty("Authorization","shbVRQR0WJxJRYirQ9356WhUQ0GvPpsefyb20ylP0oTvU=");

                    // writing post body content
                    String postBody = "email: \'"+getAttributeRequestValue(account, "EMAIL")+"\',"
                                    + "mobile: \'"+getAttributeRequestValue(account, "MOBILE_NO")+"\',";
                    byte[] input = postBody.getBytes(StandardCharsets.UTF_8);
                    postConnect.getOutputStream().write(input, 0, input.length);


                    //
                    // **Error occured right here**
                    //
                    BufferedReader reader = new BufferedReader(new InputStreamReader(postConnect.getInputStream()));
                    
                    
                    StringBuilder response = new StringBuilder();
                    reader.lines().forEach(response::append);


                    log.warn("encrypt API response: " + response);
                } 

                ...


            } catch (IOException e){
                log.warn("IOException: "+e );
            }
        }

        ...
    }
}

The error code that occurred

"message":"
result after method exit : 
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE ProvisioningResult PUBLIC \"sailpoint.dtd\" \"sailpoint.dtd\">
<ProvisioningResult status=\"failed\">
  <Errors>
    <Message key=\"java.io.FileNotFoundException: http:\/\/12.123.12.123:8080\/api\/api.do\" type=\"Error\"\/>
  <\/Errors>
<\/ProvisioningResult>
"

Thanks in advance.

2

Hi @sec_tech ! As far as I remember you should not access files or external services from rules, but I think you can achieve this with a workflow, with a Provisioning Completed trigger, followed by a Get Identity action to obtain email and mobile attributes, and a HTTP Request to send it to your web service.

2 Likes
3

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.