Unauthorized, HTTP Error Code: 401 is coming for before operation rule

Identity Security Cloud (ISC) ISC Discussion and Questions
, ,
1

I have to get admin users from zsacler end point. Using web service connector and wrote before operation for authentication and getting admin users. But facing Unauthorized, HTTP Error Code: 401.

Python script is present already available which I am replicating in before operation rule.

In the python script first authenticated session is made and that session is passed to get admin users.

Before Operation Rule:

import java.util.*;
import org.json.JSONObject;
import sailpoint.connector.webservices.EndPoint;
 public String obfuscateApiKey(String apiKey) {
	String seed = apiKey;
	long now = new Date().getTime();
	String n = Long.toString(now).substring(Long.toString(now).length() - 6);
	String r = String.format("%06d", Integer.parseInt(n) >> 1);
	StringBuilder key = new StringBuilder();
	for (int i = 0; i < n.length(); i++) {
		key.append(seed.charAt(Integer.parseInt(String.valueOf(n.charAt(i)))));
	}
	for (int j = 0; j < r.length(); j++) {
		key.append(seed.charAt(Integer.parseInt(String.valueOf(r.charAt(j))) + 2));
	}
	return key.toString();
}
//Creating authenticated session
public EndPoint authrequestEndPoint(){
	EndPoint authrequestEndPoint = new EndPoint();
	long timestamp = new Date().getTime();
	String apiKey = "";
	String apiKeyObfuscate = obfuscateApiKey(apiKey);
	log.error("apiKeyObfuscate " + apiKeyObfuscate);
	JSONObject jsonBody = new JSONObject();
	jsonBody.put("username","");
	jsonBody.put("password","");
	jsonBody.put("apiKey",apiKeyObfuscate);
	jsonBody.put("timestamp",timestamp);
	String bodyString = jsonBody.toString();
	Map bodyMap = new HashMap();
	bodyMap.put("bodyFormat", "raw");
	bodyMap.put("jsonBody", bodyString);
	log.error("jsonBody : " + jsonBody);
	log.error("bodyMap : " + bodyMap);
	authrequestEndPoint.setFullUrl("https://domain/api/v1/authenticatedSession");
	authrequestEndPoint.setHttpMethodType("POST");
	authrequestEndPoint.setBody(bodyMap);
	log.error("AuthEP " + authrequestEndPoint);
	return authrequestEndPoint;
}
//Getting the cookie from authentication endpoint and using it to get admin users
String cookie = authrequestEndPoint().getHeader().get("Set-Cookie");
log.error("AuthCookie " + cookie);
requestEndPoint.setFullUrl("https://domain/api/v1/adminUser");
Map headerMap = new HashMap();
headerMap.put("Cookie", cookie);
requestEndPoint.setHeader(headerMap);
requestEndPoint.setHttpMethodType("GET");
log.error("AdminEP " + requestEndPoint);
return requestEndPoint;

I have also tried by using /authenticatedSession as test connection operation and /adminUsers in account aggregation and using test connection as parent endpoint for account aggregation. But authentication itself is not working.

Can anyone please suggest what is getting missed?

2

Here is my theory:
In Python code from the link you shared, variable now = int(time.time() * 1000) in both createSessionCC and obfuscateApiKey.

In Python time.time() returns EPOCH time in seconds and likely to result now to have same value in both methods. However, in your code in Java you are using new Date().getTime() which returns time in milliseconds. This will result now to have different values in your 2 methods.

As the timestamp passed in the method createSessionCC (or authrequestEndPoint in your code) should have the same value as now used inside obfuscateApiKey as the server would use the same to check the original apiKey. Try to set value of now inside your authrequestEndPoint method and pass it to obfuscateApiKey to be used as now instead of creating a new variable there

3

Thanks @iamology for the suggestion. I tried this, have tried earlier as well.
Thing is when first time place the updated code and i click on test connection it works on next click gives 401.
Here I have removed the part to get admin user just doing authentication and this rule is attached with test connection operation.

import java.util.*;
import org.json.JSONObject;
import sailpoint.connector.webservices.EndPoint;
public String obfuscateApiKey(String apiKey,String timestamp) {
String seed = apiKey;
long now = new Date().getTime();
String n = timestamp.substring(timestamp.length() - 6);
String r = String.format("%06d", Integer.parseInt(n) >> 1);
StringBuilder key = new StringBuilder();
for (int i = 0; i < n.length(); i++) {
key.append(seed.charAt(Integer.parseInt(String.valueOf(n.charAt(i)))));
}
for (int j = 0; j < r.length(); j++) {
key.append(seed.charAt(Integer.parseInt(String.valueOf(r.charAt(j))) + 2));
}
return key.toString();
}
long timestamp = new Date().getTime();
String timestampString = Long.toString(timestamp);
String apiKey = "";
String apiKeyObfuscate = obfuscateApiKey(apiKey, timestampString);
log.error("apiKeyObfuscate " + apiKeyObfuscate);
JSONObject jsonBody = new JSONObject();
jsonBody.put("username","");
jsonBody.put("password","");
jsonBody.put("apiKey",apiKeyObfuscate);
jsonBody.put("timestamp",timestampString);
String bodyString = jsonBody.toString();
Map bodyMap = new HashMap();
bodyMap.put("bodyFormat", "raw");
bodyMap.put("jsonBody", bodyString);
log.error("jsonBody : " + jsonBody);
log.error("bodyMap : " + bodyMap);
requestEndPoint.setFullUrl("https://domain/api/v1/authenticatedSession");
requestEndPoint.setHttpMethodType("POST");
requestEndPoint.setBody(bodyMap);
log.error("RespEP " + requestEndPoint);
return requestEndPoint;
4

Can anyone please suggest on this.

5

Can anyone please suggest on this.

6

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.