Question

1
Replies
289
Views
Close popover
Shantanu Nalawade (ShantanuN0145)
Datacom Systems Ltd.
Pega Cosultant
Datacom Systems Ltd.
NZ
ShantanuN0145 Member since 2015 3 posts
Datacom Systems Ltd.
Posted: July 8, 2019
Last activity: July 8, 2019
Closed

JSON Web Token is not validated correctly despite being correct

Hi Everyone,

We are generating a JSON Web Token using the Generation Token Profile and sending it to the front end.

For every subsequent service calls from the front end we are receiving the same generated token for validation.

The issue is sometime pega is able to process the token using the Processing Token profile and sometimes it fails.

This is issue is happening irregularly and after debugging and tracing we notice the claims under the processing token are not getting mapped on to the clipboard and the logs show something like following:

Unable to process the Json Web Token
com.pega.pegarules.pub.PRRuntimeException: JSON web token is rejected during signature verification due to bad signature : Expired JWT
at com.pega.pegarules.integration.engine.internal.security.jwt.NimbusJWTProcessor.verifySignedJSONWebToken(NimbusJWTProcessor.java:588) ~[printegrint.jar:?]
at com.pega.pegarules.integration.engine.internal.security.jwt.NimbusJWTProcessor.validateSignedJWT(NimbusJWTProcessor.java:554) ~[printegrint.jar:?]
at com.pega.pegarules.integration.engine.internal.security.jwt.NimbusJWTProcessor.processGeneratedJsonWebToken(NimbusJWTProcessor.java:421) ~[printegrint.jar:?]
at com.pega.pegarules.integration.engine.internal.security.jwt.JWTUtilsImpl.processJSONWebToken(JWTUtilsImpl.java:210) ~[printegrint.jar:?]
at com.pegarules.generated.activity.ra_action_pxprocessjwt_b0ef86dd175b625d97616556f8dcb044.step3_circum0(ra_action_pxprocessjwt_b0ef86dd175b625d97616556f8dcb044.java:374) ~[?:?]
at com.pegarules.generated.activity.ra_action_pxprocessjwt_b0ef86dd175b625d97616556f8dcb044.perform(ra_action_pxprocessjwt_b0ef86dd175b625d97616556f8dcb044.java:108) ~[?:?]
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3597) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.mgmt.Executable.invokeActivity(Executable.java:10845) ~[prprivate.jar:?]
at com.pegarules.generated.activity.ra_action_validatejwt_cf6c4e265daba181f2048adb3c180c55.step6_circum0(ra_action_validatejwt_cf6c4e265daba181f2048adb3c180c55.java:616) ~[?:?]
at com.pegarules.generated.activity.ra_action_validatejwt_cf6c4e265daba181f2048adb3c180c55.perform(ra_action_validatejwt_cf6c4e265daba181f2048adb3c180c55.java:170) ~[?:?]
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3597) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.mgmt.Executable.invokeActivity(Executable.java:10845) ~[prprivate.jar:?]
at com.pegarules.generated.activity.ra_action_getptibbankruptadminscases_21c42cb9323c57c636d30920baccd8e9.step5_circum0(ra_action_getptibbankruptadminscases_21c42cb9323c57c636d30920baccd8e9.java:633) ~[?:?]
at com.pegarules.generated.activity.ra_action_getptibbankruptadminscases_21c42cb9323c57c636d30920baccd8e9.perform(ra_action_getptibbankruptadminscases_21c42cb9323c57c636d30920baccd8e9.java:145) ~[?:?]
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3597) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.mgmt.base.ThreadRunner.runActivitiesAlt(ThreadRunner.java:646) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.mgmt.PRThreadImpl.runActivitiesAlt(PRThreadImpl.java:481) ~[prprivate.jar:?]
at com.pega.pegarules.integration.engine.internal.RuleExecutionUtils.runServiceActivity(RuleExecutionUtils.java:436) ~[printegrint.jar:?]
at com.pega.pegarules.integration.engine.internal.services.ServiceAPI.runActivities(ServiceAPI.java:1946) ~[printegrint.jar:?]
at com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequestInner(EngineAPI.java:399) ~[prenginext.jar:?]
at sun.reflect.GeneratedMethodAccessor31.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_152]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_152]
at com.pega.pegarules.session.internal.PRSessionProviderImpl.performTargetActionWithLock(PRSessionProviderImpl.java:1338) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.PRSessionProviderImpl.doWithRequestorLocked(PRSessionProviderImpl.java:1075) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.PRSessionProviderImpl.doWithRequestorLocked(PRSessionProviderImpl.java:930) ~[prprivate.jar:?]
at com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequest(EngineAPI.java:336) ~[prenginext.jar:?]
at com.pega.pegarules.integration.engine.internal.services.StatelessServiceAPI.processRequest(StatelessServiceAPI.java:51) ~[printegrint.jar:?]
at com.pega.pegarules.integration.engine.internal.services.http.HTTPService.invoke(HTTPService.java:508) ~[printegrint.jar:?]
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl._invokeEngine_privact(EngineImpl.java:331) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl.invokeEngine(EngineImpl.java:274) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl.invokeEngine(EngineImpl.java:251) ~[prprivate.jar:?]
at com.pega.pegarules.priv.context.JNDIEnvironment.invokeEngineInner(JNDIEnvironment.java:278) ~[prpublic.jar:?]
at com.pega.pegarules.priv.context.JNDIEnvironment.invokeEngine(JNDIEnvironment.java:223) ~[prpublic.jar:?]
at com.pega.pegarules.web.impl.WebStandardImpl.makeEtierRequest(WebStandardImpl.java:678) ~[prwebj2ee.jar:?]
at com.pega.pegarules.web.impl.WebStandardImpl.doPost(WebStandardImpl.java:390) ~[prwebj2ee.jar:?]
at sun.reflect.GeneratedMethodAccessor30.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_152]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_152]
at com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethod(PRBootstrap.java:370) ~[prbootstrap-7.3.1-218.jar:7.3.1-218]
at com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethodPropagatingThrowable(PRBootstrap.java:411) ~[prbootstrap-7.3.1-218.jar:7.3.1-218]
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethodPropagatingThrowable(AppServerBridgeToPega.java:224) ~[prbootstrap-api-7.3.1-218.jar:7.3.1-218]
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethod(AppServerBridgeToPega.java:273) ~[prbootstrap-api-7.3.1-218.jar:7.3.1-218]
at com.pega.pegarules.internal.web.servlet.WebStandardBoot.doPost(WebStandardBoot.java:129) ~[prbootstrap-api-7.3.1-218.jar:7.3.1-218]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) ~[jboss-servlet-api_3.1_spec-1.0.0.Final-redhat-1.jar!/:1.0.0.Final-redhat-1]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) ~[jboss-servlet-api_3.1_spec-1.0.0.Final-redhat-1.jar!/:1.0.0.Final-redhat-1]
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.websockets.jsr.JsrWebSocketFilter.doFilter(JsrWebSocketFilter.java:130) ~[undertow-websockets-jsr-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) ~[?:?]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) ~[?:?]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:175) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:792) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_152]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_152]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_152]
We have even initialized the clipboard page on which we are trying to capture the token claims however, the object is not updated with the data.
Can someone please guide us in this issue?
Thanks,
Shantanu
Data Integration
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.