ShantanuN0145 Member since 2015 3 posts
NZ Police
Posted: 1 year ago
Last activity: 1 year 2 months ago
Closed

JSON Web Token is not validated correctly despite being correct

Hi Everyone,

We are generating a JSON Web Token using the Generation Token Profile and sending it to the front end.

For every subsequent service call from the front end, we receive the same generated token for validation.

The issue is that sometimes Pega is able to process the token using the Processing Token profile and sometimes it fails.

This issue is happening irregularly, and after debugging and tracing we noticed that the claims under the processing token are not getting mapped onto the clipboard, and the logs show something like the following:

Unable to process the Json Web Token
com.pega.pegarules.pub.PRRuntimeException: JSON web token is rejected during signature verification due to bad signature : Expired JWT
at com.pega.pegarules.integration.engine.internal.security.jwt.NimbusJWTProcessor.verifySignedJSONWebToken(NimbusJWTProcessor.java:588) ~[printegrint.jar:?]
at com.pega.pegarules.integration.engine.internal.security.jwt.NimbusJWTProcessor.validateSignedJWT(NimbusJWTProcessor.java:554) ~[printegrint.jar:?]
at com.pega.pegarules.integration.engine.internal.security.jwt.NimbusJWTProcessor.processGeneratedJsonWebToken(NimbusJWTProcessor.java:421) ~[printegrint.jar:?]
at com.pega.pegarules.integration.engine.internal.security.jwt.JWTUtilsImpl.processJSONWebToken(JWTUtilsImpl.java:210) ~[printegrint.jar:?]
at com.pegarules.generated.activity.ra_action_pxprocessjwt_b0ef86dd175b625d97616556f8dcb044.step3_circum0(ra_action_pxprocessjwt_b0ef86dd175b625d97616556f8dcb044.java:374) ~[?:?]
at com.pegarules.generated.activity.ra_action_pxprocessjwt_b0ef86dd175b625d97616556f8dcb044.perform(ra_action_pxprocessjwt_b0ef86dd175b625d97616556f8dcb044.java:108) ~[?:?]
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3597) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.mgmt.Executable.invokeActivity(Executable.java:10845) ~[prprivate.jar:?]
at com.pegarules.generated.activity.ra_action_validatejwt_cf6c4e265daba181f2048adb3c180c55.step6_circum0(ra_action_validatejwt_cf6c4e265daba181f2048adb3c180c55.java:616) ~[?:?]
at com.pegarules.generated.activity.ra_action_validatejwt_cf6c4e265daba181f2048adb3c180c55.perform(ra_action_validatejwt_cf6c4e265daba181f2048adb3c180c55.java:170) ~[?:?]
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3597) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.mgmt.Executable.invokeActivity(Executable.java:10845) ~[prprivate.jar:?]
at com.pegarules.generated.activity.ra_action_getptibbankruptadminscases_21c42cb9323c57c636d30920baccd8e9.step5_circum0(ra_action_getptibbankruptadminscases_21c42cb9323c57c636d30920baccd8e9.java:633) ~[?:?]
at com.pegarules.generated.activity.ra_action_getptibbankruptadminscases_21c42cb9323c57c636d30920baccd8e9.perform(ra_action_getptibbankruptadminscases_21c42cb9323c57c636d30920baccd8e9.java:145) ~[?:?]
at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:3597) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.mgmt.base.ThreadRunner.runActivitiesAlt(ThreadRunner.java:646) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.mgmt.PRThreadImpl.runActivitiesAlt(PRThreadImpl.java:481) ~[prprivate.jar:?]
at com.pega.pegarules.integration.engine.internal.RuleExecutionUtils.runServiceActivity(RuleExecutionUtils.java:436) ~[printegrint.jar:?]
at com.pega.pegarules.integration.engine.internal.services.ServiceAPI.runActivities(ServiceAPI.java:1946) ~[printegrint.jar:?]
at com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequestInner(EngineAPI.java:399) ~[prenginext.jar:?]
at sun.reflect.GeneratedMethodAccessor31.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_152]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_152]
at com.pega.pegarules.session.internal.PRSessionProviderImpl.performTargetActionWithLock(PRSessionProviderImpl.java:1338) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.PRSessionProviderImpl.doWithRequestorLocked(PRSessionProviderImpl.java:1075) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.PRSessionProviderImpl.doWithRequestorLocked(PRSessionProviderImpl.java:930) ~[prprivate.jar:?]
at com.pega.pegarules.session.external.engineinterface.service.EngineAPI.processRequest(EngineAPI.java:336) ~[prenginext.jar:?]
at com.pega.pegarules.integration.engine.internal.services.StatelessServiceAPI.processRequest(StatelessServiceAPI.java:51) ~[printegrint.jar:?]
at com.pega.pegarules.integration.engine.internal.services.http.HTTPService.invoke(HTTPService.java:508) ~[printegrint.jar:?]
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl._invokeEngine_privact(EngineImpl.java:331) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl.invokeEngine(EngineImpl.java:274) ~[prprivate.jar:?]
at com.pega.pegarules.session.internal.engineinterface.etier.impl.EngineImpl.invokeEngine(EngineImpl.java:251) ~[prprivate.jar:?]
at com.pega.pegarules.priv.context.JNDIEnvironment.invokeEngineInner(JNDIEnvironment.java:278) ~[prpublic.jar:?]
at com.pega.pegarules.priv.context.JNDIEnvironment.invokeEngine(JNDIEnvironment.java:223) ~[prpublic.jar:?]
at com.pega.pegarules.web.impl.WebStandardImpl.makeEtierRequest(WebStandardImpl.java:678) ~[prwebj2ee.jar:?]
at com.pega.pegarules.web.impl.WebStandardImpl.doPost(WebStandardImpl.java:390) ~[prwebj2ee.jar:?]
at sun.reflect.GeneratedMethodAccessor30.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_152]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_152]
at com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethod(PRBootstrap.java:370) ~[prbootstrap-7.3.1-218.jar:7.3.1-218]
at com.pega.pegarules.internal.bootstrap.PRBootstrap.invokeMethodPropagatingThrowable(PRBootstrap.java:411) ~[prbootstrap-7.3.1-218.jar:7.3.1-218]
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethodPropagatingThrowable(AppServerBridgeToPega.java:224) ~[prbootstrap-api-7.3.1-218.jar:7.3.1-218]
at com.pega.pegarules.boot.internal.extbridge.AppServerBridgeToPega.invokeMethod(AppServerBridgeToPega.java:273) ~[prbootstrap-api-7.3.1-218.jar:7.3.1-218]
at com.pega.pegarules.internal.web.servlet.WebStandardBoot.doPost(WebStandardBoot.java:129) ~[prbootstrap-api-7.3.1-218.jar:7.3.1-218]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) ~[jboss-servlet-api_3.1_spec-1.0.0.Final-redhat-1.jar!/:1.0.0.Final-redhat-1]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) ~[jboss-servlet-api_3.1_spec-1.0.0.Final-redhat-1.jar!/:1.0.0.Final-redhat-1]
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.websockets.jsr.JsrWebSocketFilter.doFilter(JsrWebSocketFilter.java:130) ~[undertow-websockets-jsr-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) ~[?:?]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) ~[?:?]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:175) ~[undertow-servlet-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:792) ~[undertow-core-1.3.21.Final-redhat-1.jar!/:1.3.21.Final-redhat-1]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_152]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_152]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_152]
We have even initialized the clipboard page on which we are trying to capture the token claims; however, the object is not updated with the data.
Can someone please guide us on this issue?
Thanks,
Shantanu
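
Added example, not part of the original post and not Pega or Nimbus code: the log line above reads "bad signature : Expired JWT", which names two different failure causes. This standard-library sketch checks an HS256 token's signature and its `exp` claim as separate steps so the two can be told apart; the key, claims, timestamps and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"   # constructed sample key, not a real secret
ISSUED = 1_700_000_000          # constructed issue time (epoch seconds)

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str, key: bytes) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def make_token(claims: dict, key: bytes) -> str:
    """Build a constructed HS256 token to feed the checker."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    signing_input = head + "." + body
    return signing_input + "." + b64url(sign(signing_input, key))

def diagnose(token: str, key: bytes, now: float, leeway: int = 0) -> str:
    """Return ok, malformed, unsupported_alg, bad_signature or expired."""
    parts = token.split(".")
    if len(parts) != 3:
        return "malformed"
    head, body, sig_b64 = parts
    try:
        header = json.loads(b64url_decode(head))
        sig = b64url_decode(sig_b64)
    except ValueError:
        return "malformed"
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return "unsupported_alg"
    # Signature first: claims are untrusted until the MAC verifies.
    if not hmac.compare_digest(sign(head + "." + body, key), sig):
        return "bad_signature"
    try:
        exp = json.loads(b64url_decode(body)).get("exp")
    except (ValueError, AttributeError):
        return "malformed"
    # RFC 7519: the current time must be before exp; leeway absorbs clock skew.
    if isinstance(exp, (int, float)) and now >= exp + leeway:
        return "expired"
    return "ok"

TOKEN = make_token({"sub": "demo-user", "exp": ISSUED + 300}, KEY)
```

Running `diagnose` with the validating server's clock as `now` shows whether a rejected token failed on its key or on its lifetime, and the `leeway` argument shows how much clock difference between issuer and validator the check tolerates.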