Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Duo REST connector issue

GauravJain
Regular Contributor III
Regular Contributor III

‎02/08/2024 05:08 AM

Hi - I am trying to setup REST connector for Duo Integration. Following is my ConnectionJSON and error message in log while clicking on "Save & Test Connection" button on REST connector UI.

ConnectionJSON

{
"authentications": {
"acctAuth": {
"authType": "BasicWithHmac",
"url": "",
"httpMethod": "POST",
"properties": {
"IKEY": "{IKEY}",
"SKEY": "{SKEY}"
},
"authError": [
"InvalidAuthenticationToken",
"AuthenticationFailed",
"Authentication_MissingOrMalformed",
"Authentication_ExpiredToken"
],
"errorPath": "error.code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Basic",
"accessToken": "Basic {toekn generated with Basic authentication using "IKEY:SKEY"}",
"testConnectionParams": {
"http": {
"url": "https://abc.duosecurity.com/admin/v1/admins",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GET"
},
"successResponses": {
"statusCode": [
200
]
},
"successResponsePath": "",
"errors": [
"Couldn't authenticate you"
],
"errorPath": "error"
}
}
}
}

Exception message in logs

Exception in signRequest :
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--groovy.lang.GroovyRuntimeException: Ambiguous method overloading for method java.lang.String#<init>.
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--Cannot resolve which method to invoke for [null] due to overlapping prototypes between:
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--[class [B]
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--[class [C]
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--[class java.lang.String]
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at com.saviynt.provisoning.rest.RestProvisioningService.canonRequest(RestProvisioningService.groovy:3865)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at com.saviynt.provisoning.rest.RestProvisioningService.signRequest(RestProvisioningService.groovy:3835)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at com.saviynt.provisoning.rest.RestProvisioningService.populateHttpParamsForBasicWithHmac(RestProvisioningService.groovy:3598)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at com.saviynt.provisoning.rest.RestProvisioningService.populateHttpParams(RestProvisioningService.groovy:3454)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at com.saviynt.provisoning.rest.RestProvisioningService.testConnectionRest(RestProvisioningService.groovy:10978)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at com.saviynt.ecm.integration.ExternalConnectionCallService.testExternalConnection(ExternalConnectionCallService.groovy:947)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at com.saviynt.ecm.utility.domain.EcmConfigController$_closure21.doCall(EcmConfigController.groovy:769)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at com.saviynt.webservice.SaviyntRestAuthenticationFilter.doFilter(SaviyntRestAuthenticationFilter.groovy:155)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at com.mrhaki.grails.plugin.xframeoptions.web.XFrameOptionsFilter.doFilterInternal(XFrameOptionsFilter.java:69)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
2024-02-08T18:19:09+05:30-ecm--null-dpp2s--at java.lang.Thread.run(Thread.java:750)

 

Labels:
0 Kudos
10 REPLIES 10

rushikeshvartak
All-Star
All-Star

‎02/08/2024 05:10 AM

"successResponsePath": "responseText",


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

GauravJain
Regular Contributor III
Regular Contributor III
In response to rushikeshvartak

‎02/08/2024 05:14 AM

Hi @rushikeshvartak its a problem with "signRequest".

i have still tried your suggestion with "successResponsePath": "response", but getting same error.

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to GauravJain

‎02/08/2024 05:20 AM

Share postman response screen 

Please share curl command [Refer https://codingnconcepts.com/postman/how-to-generate-curl-command-from-postman/ ]


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

GauravJain
Regular Contributor III
Regular Contributor III
In response to rushikeshvartak

‎02/08/2024 05:30 AM

Its working in postman but the difference is in postman i select "Basic Auth" and then

username=IKEY

password = an HMAC signature of the request (not using SKEY directly)

In headers i pass "Date" 

but in Saviynt's REST connector i am mentioning Base64 encoded value of "IKEY:SKEY".

Is this information sufficient or do you still require curl command? not sure if i can include "postman-toekn" & "Authorization" string in curl command. 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to GauravJain

‎02/08/2024 05:32 AM

Postman for comparing json


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

GauravJain
Regular Contributor III
Regular Contributor III
In response to rushikeshvartak

‎02/08/2024 05:36 AM

Response looks like this in postman (Status=200)

{
"metadata": {
"total_objects": 20
},
"response": [
{
"admin_id": "",
"admin_units": [],
"created": ,
"email": "",
},
{
"admin_id": "",
"admin_units": [],
"created": ,
"email": "",
}
],
"stat": "OK"
}

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to GauravJain

‎02/08/2024 08:45 PM

Please share curl command [Refer https://codingnconcepts.com/postman/how-to-generate-curl-command-from-postman/ ]


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

GauravJain
Regular Contributor III
Regular Contributor III
In response to rushikeshvartak

‎02/08/2024 10:13 PM

curl -X GET \
https://abc.duosecurity.com/admin/v1/admins \
-H 'Authorization: Basic RElZR1lUUUdLV1E0OTBMUktLNE46ZjQ0YWE5MjE3M2RhOGZkOTJlY2NjOTgwNTZiYjA2MzNjZmNmODFmMA==' \
-H 'Cache-Control: no-cache' \
-H 'Date: Thu, 08 Feb 2024 13:30:17 +0000' \
-H 'Postman-Token: 2ff55d66-02c2-4727-819c-59750b0ed2d1'

0 Kudos

GauravJain
Regular Contributor III
Regular Contributor III
In response to rushikeshvartak

‎02/08/2024 11:07 PM

If i just remove "testConnectionParams" configuration then i don't see that error any more in logs?

any issue with "testConnectionParams"? is it supported for REST connector with HMAC authentication? or any other issue?

error message is just not user friendly.

0 Kudos

GauravJain
Regular Contributor III
Regular Contributor III

‎02/15/2024 12:44 AM

Hi - can someone please revert on this issue?

0 Kudos
Copyright © 2024 Khoros, LLC