Announcement

Collapse
No announcement yet.

Issue getting a response from Security Token Service

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Issue getting a response from Security Token Service

    I'm trying to use Mirth to connect to an STS to retrieve a JSON web token however I have been unsuccessful in doing so and only get a HTTP/1.1 500 Internal Server Error returned.

    When I try the interaction using Postman or curl I get a response just fine:

    e.g.

    Code:
    [[email protected] ~]# curl -X POST -G 'https://85.91.40.18:443/csp/healthshare/ldppatients/passthrough/EnsLib.REST.GenericService.cls' -d CfgItem=RestPassThrough -H 'Authorization: LHCIE-JWT eyJTdWJqZWN0SUQiOiJFU1RIIFN5c3RlbSBBY2NvdW50IiwiU3ViamVjdE9yZ2FuaXphdGlvbiI6IkVwc29tIGFuZCBTdCBIZWxpZXIgTkhTIFRydXN0IiwiU3ViamVjdE9yZ2FuaXphdGlvbklEIjoiMS4yLjMuNCIsIlN1YmplY3RSb2xlIjoiMi4xNi44NDAuMS4xMTM4ODMuMi4xLjMuNDYuMi4xLjEuMi4xLjIuNyIsIlB1cnBvc2VPZlVzZSI6IjIuMTYuODQwLjEuMTEzODgzLjIuMS4zLjQ2LjEuNS4xMDEifQ' -H 'Content-Type: application/x-www-form-urlencoded' -k
    {"access_token":"eyJ0eXAiOiJJVUEtSldUIiwia2lkIjoiRU1BSUxBRERSRVNTPW1hc3NpbWlsaWFuby5tYXNpQHRpYW5pLXNwaXJpdC5jb20sIENOPXNlcnZlcjEsIE9VPURlbW8gRW52aXJvbm1lbnQsIE89VGlhbmkgU3Bpcml0IEdtYkgsIFNUPUF1c3RyaWEsIEM9QVQiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJ1cm46b2lkOjIuMTYuODQwLjEuMTEzODgzLjIuMS4zLjQ2LjIuMS4xLjEuMS41LjEiLCJzdWIiOm51bGwsImF1ZCI6Imh0dHA6Ly9paGUuY29ubmVjdGhhdG9uLlhVQS9YLVNlcnZpY2VQcm92aWRlci1JSEUtQ29ubmVjdGF0aG9uIiwiZXhwIjoxNTIzNjE5NzIyLCJuYmYiOjE1MjM2MDUzODIsImlhdCI6MTUyMzYwNTM4MiwianRpIjoiVjJIY29vMGZ4SDdhN0czUHpZQmhYQSIsIlN1YmplY3RJRCI6IkVTVEggU3lzdGVtIEFjY291bnQiLCJTdWJqZWN0T3JnYW5pemF0aW9uIjoiRXBzb20gYW5kIFN0IEhlbGllciBOSFMgVHJ1c3QiLCJTdWJqZWN0T3JnYW5pemF0aW9uSUQiOiIxLjIuMy40IiwiSG9tZUNvbW11bml0eUlEIjoidXJuOm9pZDoyLjE2Ljg0MC4xLjExMzg4My4yLjEuMy40Ni4yLjEuMS4xLjEuNiIsIlN1YmplY3Q6Um9sZSI6W3sic3lzdGVtIjoiMi4xNi44NDAuMS4xMTM4ODMuMi4xLjMuNDYuMi4xLjEuMi4xLjIiLCJjb2RlIjoiMi4xNi44NDAuMS4xMTM4ODMuMi4xLjMuNDYuMi4xLjEuMi4xLjIuNyIsImRpc3BsYXkiOiJFeHQgRG9jdW1lbnQgU291cmNlIn1dLCJQdXJwb3NlT2ZVc2UiOlt7InN5c3RlbSI6IjIuMTYuODQwLjEuMTEzODgzLjIuMS4zLjQ2LjEuNSIsImNvZGUiOiJUUkVBVCIsImRpc3BsYXkiOiJUcmVhdG1lbnQifV19.23Lq7blGdjFWOevg_ETzlGjgEaLHENT5lzsarvl4LglSboU-dHEEFqQA9hSSjQAdW33qN6BWTuB9M7hvdWT9m0eyQUBwZa9W9jLRIVF6Jr98qQI8CuHpFPftjD2UIccjKIw6AEPE1GvYY2IVC0kLlZ3AGjl-Mx7hgKeDOL5LkAZVNsNw7qo-eWdR4U7vMCSI299cr4jgka8EJiEdpNDGwGvNe2UBFOs9c8pxs1zM9QA_aXtE-sFjeGSCYXJSAPQff8bC6gngZUqIlkj2G4rUwqFZPuCMeanrXsS40OFq-Vf53fs-3pCwRbKHzFULXV8scUg0Bz7_3O8a3W04eScM0w","token_type":"IHE-JWT"}

    I have attached the channel and a full description in the hope that somebody may spot what may be the issue.
    Attached Files

  • #2
    Hmm I think your problem is here

    Code:
    channelMap.put('jsonclaim',jsonclaimstring);
    //var encodedclaim = FileUtil.encode(new java.lang.String(jsonclaimstring).getBytes());
    var urlsafeencoder = Packages.java.util.Base64.getUrlEncoder();
    var encodedclaim = urlsafeencoder.withoutPadding().encodeToString(new java.lang.String(jsonclaimstring).getBytes());
    channelMap.put('encodedjsonclaim',encodedclaim);
    Are you trying to base64 encode the JSON Claim and send it to the API? or you are trying to URI encode it? Because those two are seperate. Below is how I URI encode using a JS function.

    Code:
    //Converts your refreshToken to a URI encoded format, essentially replacing special characters.
        encodedtoken = encodeURIComponent(refreshToken);
    HL7v2.7 Certified Control Specialist!

    Comment


    • #3
      Thank you for looking at this and appreciate your input but I have already verified that the base64 encoded claim copied from the output that my code is giving in Mirth and pasted into the curl command, and on Postman, works, and returns a response when these methods are used.

      Here is what Mirth has generated and is sending:

      Code:
      URL: https://85.91.40.18:443/csp/healthshare/ldppatients/passthrough/EnsLib.REST.GenericService.cls
      METHOD: POST
      
      [HEADERS]
      Authorization: LHCIE-JWT eyJTdWJqZWN0SUQiOiJFU1RIIFN5c3RlbSBBY2NvdW50IiwiU3ViamVjdE9yZ2FuaXphdGlvbiI6IkVwc29tIGFuZCBTdCBIZWxpZXIgTkhTIFRydXN0IiwiU3ViamVjdE9yZ2FuaXphdGlvbklEIjoiMS4yLjMuNCIsIlN1YmplY3RSb2xlIjoiMi4xNi44NDAuMS4xMTM4ODMuMi4xLjMuNDYuMi4xLjEuMi4xLjIuNyIsIlB1cnBvc2VPZlVzZSI6IjIuMTYuODQwLjEuMTEzODgzLjIuMS4zLjQ2LjEuNS4xMDEifQ
      
      [PARAMETERS]
      CfgItem: RestPassThrough
      
      [CONTENT]
      Same header in the curl command:


      Code:
      curl -X POST -G 'https://85.91.40.18:443/csp/healthshare/ldppatients/passthrough/EnsLib.REST.GenericService.cls' \
      -d CfgItem=RestPassThrough \
      -H 'Authorization: LHCIE-JWT eyJTdWJqZWN0SUQiOiJFU1RIIFN5c3RlbSBBY2NvdW50IiwiU3ViamVjdE9yZ2FuaXphdGlvbiI6IkVwc29tIGFuZCBTdCBIZWxpZXIgTkhTIFRydXN0IiwiU3ViamVjdE9yZ2FuaXphdGlvbklEIjoiMS4yLjMuNCIsIlN1YmplY3RSb2xlIjoiMi4xNi44NDAuMS4xMTM4ODMuMi4xLjMuNDYuMi4xLjEuMi4xLjIuNyIsIlB1cnBvc2VPZlVzZSI6IjIuMTYuODQwLjEuMTEzODgzLjIuMS4zLjQ2LjEuNS4xMDEifQ' \
      -H 'Content-Type: application/x-www-form-urlencoded' -k
      Last edited by seaston; 04-13-2018, 03:20 AM.

      Comment


      • #4
        Do you have to add the Content-Type: application/x-www-form-urlencoded header in mirth?

        Comment


        • #5
          I believe so. That is what their specification says and I have added the same in the curl command which works. If I change it in Mirth then I have to put something in the body and that does not work either. I've tried it.

          Comment


          • #6
            I asked because it wasn't showing it in your mirth output, but it was in your curl command.

            Comment


            • #7
              Thank you for looking at this but it is definitely set in the destination form for the http sender as content type application/x-www-form-urlencoded. As far as I can see all the settings match, and I have tried the curl from the same server as the Mirth service is running on, but the response it gets back are different. Completely stuck with this.

              Comment


              • #8
                I added this as a header as well in Mirth (seem to be two places you could put this)

                Code:
                URL: https://85.91.40.18:443/csp/healthsh...ricService.cls
                METHOD: POST
                
                [HEADERS]
                Authorization: LHCIE-JWT eyJTdWJqZWN0SUQiOiJFU1RIIFN5c3RlbSBBY2NvdW50IiwiU3ViamVjdE9yZ2FuaXphdGlvbiI6IkVwc29tIGFuZCBTdCBIZWxpZXIgTkhTIFRydXN0IiwiU3ViamVjdE9yZ2FuaXphdGlvbklEIjoiMS4yLjMuNCIsIlN1YmplY3RSb2xlIjoiMi4xNi44NDAuMS4xMTM4ODMuMi4xLjMuNDYuMi4xLjEuMi4xLjIuNyIsIlB1cnBvc2VPZlVzZSI6IjIuMTYuODQwLjEuMTEzODgzLjIuMS4zLjQ2LjEuNS4xMDEifQ
                Content-Type: application/x-www-form-urlencoded
                
                [PARAMETERS]
                CfgItem: RestPassThrough
                
                [CONTENT]
                I still get this back though so it makes no difference:

                Code:
                <html>
                    <head>
                        <title>Error</title>
                    </head>
                    <body>Internal Server Error</body>
                </html>

                Comment


                • #9
                  This is a puzzler. Maybe we are missing something in the fine print. Can you attach a POSTMAN collection of the same call, one that works.
                  HL7v2.7 Certified Control Specialist!

                  Comment


                  • #10
                    I've attached the postman json export file as a .txt below. It contains the post that works and returns a response that I need to get the mirth channel to do.
                    Attached Files

                    Comment


                    • #11
                      This is the error at the STS side:

                      Code:
                      ERROR [io.undertow.request] (default task-6) UT005023: Exception handling request to /SpiritIdentityProvider2/lhciejwtsts: javax.servlet.ServletException: javax.servlet.ServletException: Wrong content Type
                             at com.spirit.sts.LHCIEJwtReceiver.doPost(LHCIEJwtReceiver.java:169)
                      { POST /Spirit
                      IdentityProvider2/lhciejwtsts request {connection=[Keep-Alive], authorization=[LHCIE-JWT eyJTdWJqZWN0SUQiOiJFU1RIIFN5c3RlbSBBY2NvdW50IiwiU3ViamVjdE9yZ2FuaXphdGlvbiI6IkVwc29tIGFuZCBTdCBIZWxpZXIgTkhTIFRydXN0IiwiU3ViamVjdE9yZ2FuaXphdGlvbklEI
                      joiMS4yLjMuNCIsIlN1YmplY3RSb2xlIjoiMi4xNi44NDAuMS4xMTM4ODMuMi4xLjMuNDYuMi4xLjEuMi4xLjIuNyIsIlB1cnBvc2VPZlVzZSI6IjIuMTYuODQwLjEuMTEzODgzLjIuMS4zLjQ2LjEuNS4xMDEifQ], accept-encoding=[gzip,deflate], cookie=[CacheBrowserId=XFs0ShTVVlvVwO7fWkq
                      Pag--], Content-Length=[29], Content-Type=[application/x-www-form-urlencoded; charset=UTF-8], user-agent=[Apache-HttpClient/4.5.1 (Java/1.8.0_91)], Host=[server1:8443]} response {X-Powered-By=[Undertow/1], Server=[WildFly/10]}}
                      It does not appear to like the fact that Mirth is sending charset in the content-type, but I have no way to stop Mirth doing this.

                      NB confirmed by adding charset=UTF-8 to postman.

                      Comment


                      • #12
                        hmm..Try calling the same thing using this below method. Use a JS writer, paste this function and pass that Base64 as a parameter to this function


                        Code:
                        function testGETClaims(jsonClaim) {
                            
                        sURL='https://85.91.40.18:443/csp/healthshare/ldppatients/passthrough/EnsLib.REST.GenericService.cls?CfgItem=RestPassThrough'
                        
                            // Create url object
                            url = new java.net.URL(sURL);
                            data = '';
                            
                            data= encodeURIComponent(jsonClaim);
                        
                            conn = url.openConnection();
                        
                            //Set Headers
                            conn.setDoOutput(true);
                            conn.setDoInput(true);
                            conn.setRequestMethod("POST");
                            conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
                        
                            // Send request
                            outStream = conn.getOutputStream();
                            outWriter = new java.io.OutputStreamWriter(outStream);
                            outWriter.write(data);
                            outWriter.close();
                        
                        
                            //Capture Response
                            respCode = conn.getResponseCode();
                            inputStream = conn.getInputStream();
                            streamReader = new java.io.InputStreamReader(inputStream);
                            respStream = new java.io.BufferedReader(streamReader);
                            buffer = '';
                            line = null;
                            while ((line = respStream.readLine()) != null) {
                                buffer = buffer + line;
                            }
                            respStream.close();
                            return buffer;
                        }
                        You might have to tweak a little bit, but I believe this should work.

                        On related note, Are you getting 403 in response ?
                        Last edited by siddharth; 04-16-2018, 10:44 AM. Reason: foo
                        HL7v2.7 Certified Control Specialist!

                        Comment


                        • #13
                          I'm having a problem getting that to work at the moment because I think I need to disable hostname verification.

                          Code:
                          Wrapped javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
                          	at 521d9d29-038a-4914-b3e3-6c74f0dcd9d7:429 (testGETClaims)
                          The response I get is a 500

                          Comment


                          • #14
                            This one above is a certificate error, the remote server has denied your request because It wants the certificate for verification.

                            I would suggest you to join the Mirth slack channel for real time assistance.
                            HL7v2.7 Certified Control Specialist!

                            Comment


                            • #15
                              This is basically the same problem:

                              http://www.mirthproject.org/communit...d.php?t=216877

                              Work around is to add the content type to a channel map variable:

                              Code:
                              channelMap.put('contentType','application/x-www-form-urlencoded');
                              and put this in the Content Type in the destination then set data type to Binary and set Content to be ${message.encodedData}

                              Comment

                              Working...
                              X