GlideEncrypter Decryption Not Working

lmcmanamon · ‎02-15-2017

Below is a class I'm working on. I'm trying to decrypt a Client Secret, but for some reason, the sendPOST function will only return the encrypted value. Any ideas?

var laurensVSTSOauth = Class.create();
laurensVSTSOauth.prototype = {
       initialize: function() {
             var OAuthClient = new GlideRecord('u_oauth_client');
             if (OAuthClient.get('sys_id', 'c09a2bd60fccf6008e2a4b9ce1050e56'))
             {
                       this.client = OAuthClient;
             }
       },
       sendPOST: function(authorizationCode) {
         
             var encrypter = new GlideEncrypter();
             var clientSecret;
             clientSecret = encrypter.decrypt(this.client.getValue('u_secret'));
             return clientSecret;
         
       },
       type: 'laurensVSTSOauth'
};

ed_harrisburg · ‎02-24-2017

I was having the same problem in my instance and found that the field length was the issue, the max length was set by default to 40 which is not large enough to handle the size of the encrypted password, once I changed the max length to 256 and reentered my password. I was able to successful encrypt and decrypt the pasword

View solution in original post

Abhinay Erra · ‎02-15-2017

If it is a 2 way encrypted, it should work. Can you try this in background script and see what it shows

var OAuthClient = new GlideRecord('u_oauth_client');

if (OAuthClient.get('c09a2bd60fccf6008e2a4b9ce1050e56')) {

var encrypter = new GlideEncrypter();

var clientSecret = encrypter.decrypt(OAuthClient.u_secret);

gs.print(clientSecret);

}

lmcmanamon · ‎02-16-2017

This doesn't work either

lmcmanamon · ‎02-16-2017

Could it have to do with the fact hat the OAuth Client Table is in another scope?

Abhinay Erra · ‎02-16-2017

Yes. Do you have application access setup on so that the table can be

accessed from a different scope.

On Thu, Feb 16, 2017 at 13:08 lmcmanamon <community-no-reply@servicenow.com>

lmcmanamon · ‎02-16-2017

Those are the Application Access setting for the OAuth Client Table. That's correct right?