ReportServer Forum

Tpojka

Member

From: Ratio, Logic

Registered: 2017-01-11

Website

Installing JJWT

Hello, I am very new to JAVA although my background is PHP and LAMP.
Sorry for basic questions and prepare for more.

I am trying to create/(mostly )read JWT token in groovy script.
I tried to set import of libraries from github repository but it didn't work.

One conditional question would be: how to do that if is possible at all on AGPL version.
My idea is to pass some data through URL via JWT and use it in script with httpRequest object.

Thanks in advance

eduardo

Administrator

Registered: 2016-11-01

Website

Re: Installing JJWT

Hello Tpojka,

welcome to the forum.

I am trying to create/(mostly )read JWT token in groovy script.
I tried to set import of libraries from github repository but it didn't work.

What didn't work? The import or what exactly didn't work? Do you get any error messages? You can read here how to import external libraries:
https://reportserver.net/en/tutorials/t … scripting/ , section "Installing libraries".

One conditional question would be: how to do that if is possible at all on AGPL version.
My idea is to pass some data through URL via JWT and use it in script with httpRequest object.

What are you trying to do exactly? Are you trying to pass parameters to a script report ?
You can read about passing arguments and parameters to script reports here: https://reportserver.net/en/guides/scri … -Arguments
It is possible also to actively read an argument "from the outside", so instead of passing your arguments via url, you can get them from within the script. For example, using JQuery: https://reportserver.net/en/guides/scri … ve-Reports
Or if you can represent your external data in XML using XmlSlurper: An example can be found here: https://reportserver.net/en/guides/scri … tasources/ You can use JsonSlurper analogously for JSON.

Since you are trying to write scripts, I would recommend you the script tutorial and guide:
https://reportserver.net/en/tutorials/t … scripting/
https://reportserver.net/en/guides/script/main/

Cheers,
Eduardo

Tpojka

Member

From: Ratio, Logic

Registered: 2017-01-11

Website

Re: Installing JJWT

What didn't work? The import or what exactly didn't work? Do you get any error messages? You can read here how to import external libraries:
https://reportserver.net/en/tutorials/t … scripting/ , section "Installing libraries".

When I include those four lines from github I linked (import of libraries/classes), page is becoming unresponsive.
Commenting those lines out (and rest of code that is using those classes accordingly) page is getting back.

What are you trying to do exactly? Are you trying to pass parameters to a script report ?

I am trying to read parameters from URL, you are right for that one. I followed documentation on this page and I was able to use httpRequest object as well. My next step was to pass and read JWT token. Passing is ok, I can get that one in URL and script (working now with that), but when I tried to use provided JJWT library as mentioned, I have got unresponsive page after including "import" lines.

import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.crypto.MacProvider;
import java.security.Key;

It is probably up to installation of library as per description of installation steps, but I am not quite aware how to use those.
To be honest I was hoping it would work with import lines in script. Definitely I was wrong. Actualy I am not sure how to include src of repo nor how/where to use Maven or Gradle. Sorry for nubish issues.

Also, maybe my approach is not best one and maybe that could be changed.
Wider image of what I am doing is that I am trying to relate PHP application and RS to use similar data for user login. What I thought was to register user on PHP app and pass data like name and email to RS via JWT in URL. Also, when user is deleted from PHP app DB, I would pass appropriate token to RS to delete that one from RS DB.
Maybe there is some better way like querying external DB for logging user? Also next thing would be SSO, but I am new to JAVA syntax and need to go with small steps.

It is possible also to actively read an argument "from the outside", so instead of passing your arguments via url, you can get them from within the script. For example, using JQuery: https://reportserver.net/en/guides/scri … ve-Reports
Or if you can represent your external data in XML using XmlSlurper: An example can be found here: https://reportserver.net/en/guides/scri … tasources/ You can use JsonSlurper analogously for JSON.

Thing is I am trying to execute/ping URL on certain event in PHP app like user is registered or user is deleted.

Since you are trying to write scripts, I would recommend you the script tutorial and guide:
https://reportserver.net/en/tutorials/t … scripting/
https://reportserver.net/en/guides/script/main/

Cheers,
Eduardo

For few days now, I've been going through docs pages and trying to set myself closer to JAVA.

One more time, thank you very much for helping me.

Goran

eduardo

Administrator

Registered: 2016-11-01

Website

Re: Installing JJWT

When I include those four lines from github I linked (import of libraries/classes), page is becoming unresponsive.
Commenting those lines out (and rest of code that is using those classes accordingly) page is getting back.

Are you copying the .jar files of the library to the WEB-INF/lib directory and restarting your tomcat after this? Are you getting any errors in the log? You can find the logs in your tomcat installation directory.

Cheers,
Eduardo

eduardo

Administrator

Registered: 2016-11-01

Website

Re: Installing JJWT

Ok, I see that in that library there are no jars available. You only got source files. You have to create a jar from the source files and put it in WEB-INF/lib. You can google how to create a JAR file. Or maybe check on the internet if there is a JAR file for your library.
After the files are in the classpath (for example in WEB-INF/lib) you should be able to import them.

--> Update: you should be able to get the jars using maven. Just install it like in the installation guide and then look for the jars.

Cheers,
Eduardo

eduardo

Administrator

Registered: 2016-11-01

Website

Re: Installing JJWT

Hi Tpojka,

Please also take a look here for custom reportserver authenticators, which should help you in what you are trying to do:  https://reportserver.net/en/tutorials/t … stom-auth/

Cheers,
Eduardo

Tpojka

Member

From: Ratio, Logic

Registered: 2017-01-11

Website

Re: Installing JJWT

Hi Eduardo,
I was on this and some other issues last days so today I was completing JWT code (along with script side registering code).
I have strange (at least from my point of view) situation that when I am testing JWT from public online service here I am getting good result/response. Everything is going well.

When I try to generate similar URL from PHP application, I am getting "Signed plaintext JWSs are not supported." Exception message. I am not sure what is the difference between these two since with no code change public service is providing script execution with no errors.

This is code snippet responsible for such a behavior:

String key = 'someSuperStrongKeyHere';

String jwtToken = httpRequest.getParameter('token');

try {

    a = Jwts.parser()
	.setSigningKey(key.getBytes("UTF-8"))
	.parseClaimsJws(jwtToken);

	//OK, we can trust this JWT
  
  	result = a.getBody();
  	return result;
} catch (SignatureException e) {

    //don't trust the JWT!
}

You can check what I am sending from PHP on here (I included echo of link that's been cURL-ed).
I am not sure what else should I provide from PHP to be acceptable to groovy script.
Thank you for being keen to help.

Goran

wonky

Member

Registered: 2016-03-01

Re: Installing JJWT

Chattng with Tpojka, the "public service" is https://www.jsonwebtoken.io/ - so we can use tokens from there, but not through our code via CURL.

Tpojka

Member

From: Ratio, Logic

Registered: 2017-01-11

Website

Re: Installing JJWT

I didn't realise that visitor without session couldn't see error message. Here it is:

http://rs.munidev.org:8080/reportserver/reportserver/scriptAccess?id=499299&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.IntcImlkXCI6MSxcImZpcnN0bmFtZVwiOlwiR29yYW5cIixcImxhc3RuYW1lXCI6XCJHcmJpY1wiLFwiZW1haWxcIjpcInRwb2prYUBnbWFpbC5jb21cIixcInVzZXJuYW1lXCI6XCJ0cG9qa2FAZ21haWwuY29tXCIsXCJvdVwiOlwiZmlyc3QtdGVhbVwiLFwiZ3JvdXBcIjpcIm93bmVyXCJ9Ig.CtGV1eewoQRQMYUjUbGXJ4BFV9QRnHG4mzsaRkGEkJg&commit=true&exception=true
// line above has been output just for check what is created URL.
"""
net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: io.jsonwebtoken.UnsupportedJwtException: Signed plaintext JWSs are not supported.\n ◀
------- SCRIPT ERROR INFO -------\n
Script execution failed.\n
error message: javax.script.ScriptException: io.jsonwebtoken.UnsupportedJwtException: Signed plaintext JWSs are not supported. (io.jsonwebtoken.UnsupportedJwtException)\n ◀
script arguments: null\n
file: tokenCheck_20170125101759UTC.groovy (id: 499299, line 38)\n
line number: 38\n
line: \t.setSigningKey(key.getBytes("UTF-8"))\n
\n
\tat net.datenwerke.rs.scripting.service.scripting.engines.GroovyEngine.eval(GroovyEngine.java:79)\n
\tat net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:217)\n
\tat net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:263)\n
\tat net.datenwerke.rsenterprise.license.service.EnterpriseCheckInterceptor.invoke(EnterpriseCheckInterceptor.java:35)\n
\tat net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:317)\n
\tat net.datenwerke.rsenterprise.license.service.EnterpriseCheckInterceptor.invoke(EnterpriseCheckInterceptor.java:35)\n
\tat net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.executeScriptNormal(ScriptUrlAccessServlet.java:182)\n
\tat net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.executeScriptCommit(ScriptUrlAccessServlet.java:166)\n
\tat com.google.inject.persist.jpa.JpaLocalTxnInterceptor.invoke(JpaLocalTxnInterceptor.java:66)\n
\tat net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.executeScript(ScriptUrlAccessServlet.java:158)\n
\tat net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.executeScriptById(ScriptUrlAccessServlet.java:140)\n
\tat net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.doGet(ScriptUrlAccessServlet.java:98)\n
\tat net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:109)\n
\tat net.datenwerke.rs.scripting.server.scripting.ScriptUrlAccessServlet.doPost(ScriptUrlAccessServlet.java:91)\n
\tat net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:109)\n
\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:648)\n
\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:729)\n
\tat net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:109)\n
\tat com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:263)\n
\tat com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:178)\n
\tat com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)\n
\tat com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:62)\n
\tat com.google.inject.persist.PersistFilter.doFilter(PersistFilter.java:89)\n
\tat com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:163)\n
\tat com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)\n
\tat com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:168)\n
\tat com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)\n
\tat com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:168)\n
\tat com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:58)\n
\tat com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:118)\n
\tat com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:113)\n
\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)\n
\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)\n
\tat org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)\n
\tat org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)\n
\tat org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)\n
\tat org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)\n
\tat org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)\n
\tat org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)\n
\tat org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)\n
\tat org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:528)\n
\tat org.apache.coyote.ajp.AbstractAjpProcessor.process(AbstractAjpProcessor.java:873)\n
\tat org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:687)\n
\tat org.apache.tomcat.util.net.AprEndpoint$SocketWithOptionsProcessor.run(AprEndpoint.java:2445)\n
\tat java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)\n
\tat java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)\n
\tat org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\n
\tat java.lang.Thread.run(Thread.java:745)\n
Caused by: javax.script.ScriptException: io.jsonwebtoken.UnsupportedJwtException: Signed plaintext JWSs are not supported.\n
\tat org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:347)\n
\tat org.codehaus.groovy.jsr223.GroovyCompiledScript.eval(GroovyCompiledScript.java:41)\n
\tat net.datenwerke.rs.scripting.service.scripting.engines.GroovyEngine.eval(GroovyEngine.java:74)\n
\t... 47 more\n
Caused by: io.jsonwebtoken.UnsupportedJwtException: Signed plaintext JWSs are not supported.\n
\tat io.jsonwebtoken.JwtHandlerAdapter.onPlaintextJws(JwtHandlerAdapter.java:45)\n
\tat io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:466)\n
\tat io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJws(DefaultJwtParser.java:518)\n
\tat io.jsonwebtoken.JwtParser$parseClaimsJws$0.call(Unknown Source)\n
\tat org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:45)\n
\tat org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:110)\n
\tat org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:122)\n
\tat Script95.run(Script95.groovy:38)\n
\tat org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:344)\n
\t... 49 more\n
"""

As you can see I also output URL that is being created (although I commented out that line in code when tried execution, no difference in error message).

Last edited by Tpojka (2017-01-26 01:55:42)

eduardo

Administrator

Registered: 2016-11-01

Website

Re: Installing JJWT

Hi Tpojka,

this is not a reportserver exception, as you can see in the logs:
io.jsonwebtoken.UnsupportedJwtException: Signed plaintext JWSs are not supported. (io.jsonwebtoken.UnsupportedJwtException). The library which you are trying to use is throwing the exception, not reportserver.

Cheers,
Eduardo