Signer Id's Validation
Wednesday, August 25, 2021 at 09:05amHi!
I am using the SDK to create a ceremony with a custom signer id and I need to use the signer's email.
The SignerBuilder.withCustomId(String) method's javadoc says the following:
Sets the ID of the signer for this package.
E.g.: the signer's email makes for a good unique ID. [email protected]
Params:
id – the signer's ID @size(min="1", max="64")
Returns:
the signer builder itself
But, when specifying an email, I get the following error:
{ "status": "500", "error": "Internal Server Error", "code": "CODE-XXXX", "message": "Could not create a new package in one-step Exception: HTTP POST on URI https://XXX/api/packages resulted in response with status code: [400, Bad Request]. Optional details: {\"messageKey\":\"error.validation.invalidID\",\"message\":\"There are some invalid characters in the Role ID '[email protected]'. Valid characters are specified in the regex '[a-zA-Z0-9_\\\\-.]+'.\",\"code\":400}", }
What am I missing?
Note: I actually use the SDK version 11.36
Thanks
Reply to: Signer Id's Validation
Wednesday, August 25, 2021 at 09:59amHi pascal_eric_servais,
Thanks for your post! As per the error message indicates, the only allowed characters in the role ID is a-z, A-Z, 0-9, dash, underscore and period. Other special characters like @ or accent characters are not allowed. I believe this is because the role ID will be used as a part of the API URL, which is composed from a limited set of characters. For example when querying a certain signer, you'd use GET /api/packages/{packageId}/roles/{roleId}.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: Signer Id's Validation
Wednesday, August 25, 2021 at 12:01pmHi Duo_Liang,
Thank you for your quick answer.
I understand this validation is practical from a technical point of view. But, functionnally, the signer's email address is the ideal candidate for its identifier. Is there any way to get around this issue?
Regards
Pascal-Eric
Reply to: Hi Duo_Liang, Thank you for…
Wednesday, August 25, 2021 at 12:17pmHi Pascal-Eric,
I see, in that case, one of the potential solutions might be to URL encode the email so that it meets the role ID validation, and you are also able to decode the role ID and revert to their email. The only thing is the % seems not supported in OneSpan Sign role ID, you may have to replace all the occurrences with a certain pattern, something like ".pct.".
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: Signer Id's Validation
Wednesday, August 25, 2021 at 12:29pmHi Duo Liang,
I don't think this would help because our goal is to have the email specified as ID in the signature's properties:
Reply to: Hi Duo Liang, I don't think…
Wednesday, August 25, 2021 at 12:46pmJust come up with this - use string to hex converter, which makes the role ID unreadable and unmisleading, and you got the way to encode and decode the value.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: Signer Id's Validation
Wednesday, August 25, 2021 at 12:54pmHi Duo,
I am a newbie in the OneSpan esign world. Do you have an idea where I should place the decoding fonctionnality to make sure the id is decoded when it is displayed within the signature's properties?
Regards
Pascal-Eric
Reply to: Hi Duo, I am a newbie in…
Wednesday, August 25, 2021 at 01:00pmHi Pascal-Eric,
Because the certificate has already implies the signer email "Reason: E-SIGNED by John Smith ([email protected])", do you have a specific reason why the role ID also have to be the same? - I thought you just don't want to create an additional custom ID, and don't want the ID to be inconsistent to the real email address.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: Hi Pascal-Eric, Because…
Wednesday, August 25, 2021 at 03:13pmHi Duo,
This a request from the client. Nothing more to say ;)
Regards
Pascal-Eric