Token returns null

Subramani3
Giga Contributor

‎03-20-2022 11:40 PM

In a scoped application, I am using the details stored in the Application Registry [oauth_entity] to generate access and refresh token. I am storing the tokens in the Manage Tokens [oauth_credential] table and will be using it to send REST API Request.

Code Snippet:

//Gliderecord on oauth_credential
var oauthRef = new GlideRecord('oauth_credential');
oauthRef.addEncodedQuery('type=access_token');
oauthRef.query();
if (oauthRef.next()){//Creating Rest Message
var restMessage = new sn_ws.RESTMessageV2('<rest_message_name>', '<rest_message_method_name>');
//Creating Authorization Header - Bearer Token Authorization
var authorization = r.getRequestHeader("Authorization");
authorization = authorization.replace('${accessToken}', oauthRef.getValue("token"));
gs.info("Value of Token : "+oauthRef.getValue("token"));
restMessage .setRequestHeader("Authorization", authorization);
var response = restMessage .execute();

}

 

There is no statement that I have written to update the oauth_credentials record. However, after I executed the above code snippet for the first time, I observed that the oauth_credential record was updated and when the same code is executed for the second time the oauthRef.getValue("token") return null.

Also when I executed the code snippet for the first time after creating the token, I received the below messages

StorageEncrypter: ignoring already encrypted text starting with: &fp:U...
StorageEncrypter: ignoring already encrypted text starting with: &fp:U...
StorageEncrypter: ignoring already encrypted text starting with: &fp:U...
StorageEncrypter: ignoring already encrypted text starting with: &fp:N...
StorageEncrypter: ignoring already encrypted text starting with: &fp:N...
StorageEncrypter: ignoring already encrypted text starting with: &fp:N...

I did executed the same code in Quebec version of servicenow and it worked as expected without any update operation on the record.

Any explanation/resolution on the issue would really be helpful.

Thanks in advance.

0 Helpfuls
  • 2,207 Views
3 REPLIES 3

Tony Chatfield1
Kilo Patron

‎03-22-2022 08:13 PM

Hi, have you checked xml of the oauth_credential record? I suspect the token is stored in 'token_receive' in encrypted form?

Also looking at your GlideQuery for ‘oauth_credential’ you have no filtering so the query could potentially result in multiple results. I would include a query\filter for ‘oauth_requestor_profile’ and see if it works via decrypting token_receive, something like.

var oauthRef = new GlideRecord('oauth_credential');
    oauthRef.addQuery('peer', 'your_oauth_requestor_profile_sys_id');
    oauthRef.addQuery('type', 'access_token');
    oauthRef.query();
    if (oauthRef.next()) {
        var encr = new GlideEncrypter();
        var myToken = encr.decrypt(oauthRef.token_received);          
            
        // now create your REST your message and set the token IE myToken
   
    } else {    
        gs.info("No Token found for this Integration");
        }

 

Subramani3
Giga Contributor
In response to Tony Chatfield1

‎03-28-2022 09:16 AM

Hi Tony,

Thanks for taking out your valuable time to look into the issue.

We cannot directly use the GlideEncrypter() in the scoped application. What I found through observation is that when I don't add the value to the oauth requestor field while saving the token then the value is not updated after the first usage.

0 Helpfuls

Subramani3
Giga Contributor

‎06-16-2022 09:35 AM

Hi Tony,

The observation mentioned above did work but temporarily and the now again the token value is getting updated to null.

I am manually sending token request using the below code and storing the received tokens in the Manage tokens.

var tokenRequest = new sn_auth.GlideOAuthClientRequest();
tokenRequest.setUserName(userName);
tokenRequest.setPassword(password);
tokenRequest.setScope(scope);
tokenRequest.setGrantType("password");
var oAuthClient = new sn_auth.GlideOAuthClient();
var tokenResponse = oAuthClient.requestTokenByRequest(OAuthProvider, tokenRequest);

var token = tokenResponse.getToken();
var accessToken = token.getAccessToken();
var refreshtoken = token.getRefreshToken();

I am storing the tokens in the field named "token" in the Manage tokens along with other information like Peer, Expires and Type. The value of the "token" field gets updated to null after the first usage in the Rest Message. However, if I add the same value of the token in "token_received" then it doesn't get updated to null.

Is it because the token field is reserved for the tokens issued by ServiceNow and the token_received field is for the tokens issued by Third-Party Provider?

Also, how can I securely store and retrieve the token if I store it in token_received field? as GlideEncrypter() is not allowed in the scoped application.

Thanks,

Subramani

 

0 Helpfuls