cpomeroy

Can you open a signing ceremony as the package owner when not a signer?

Tuesday, June 6, 2017 at 06:31am
0 votes
Hi, I'm using the Java SDK and trying to open the signing ceremony as the package owner (sender), when the package owner isn't a signer in the package. My assumption was that this code would work: String signerAuthenticationToken = eslClient.getAuthenticationTokensService().createSenderAuthenticationToken(docPackage.getId().getId()); String url2 = authClient.buildRedirectToPackageViewForSender(signerAuthenticationToken, docPackage.getId().getId()); The result of this is that url2 has the following value: https://sandbox.esignlive.com/auth?authenticationToken=NWEyMTkxYmYtNGE0Yi00NjVlLTlkODYtMDkwYTcxNTE4MDY4&target=https%3A%2F%2Fsandbox.esignlive.com%2Fpackages%2FN42uVSDtSvlYf_-rhVYLxPC2dCY%3D The package has a senderInfo property and also has showPackageOwnerInPerson = true and enableInPerson = true When I try to open that URL in an iFrame, the content will not load due to X-Frame-Options in the header being set to 'sameorigin'. See the attached file for exact error detail. No problems opening the iframe when I use a signer token and call authClient.buildRedirectToSigningForSigner(); I also tried creating a signing token using the sender's signerId (got an error creating the token since the sender isn't a signer), and calling buildRedirectToSigningForSigner() using a sender token (access denied error). Is there a way to do this? For in-person signing, we would like to open the signing ceremony as the package owner, who would then switch signers and hand-off the device to the in-person signer. Thanks in advance, -Chris
Attachments
Capture99.png22.93 KB
Approved Answer
harishaidary

Reply to: Can you open a signing ceremony as the package owner when not a signer?

Tuesday, June 6, 2017 at 09:05am
0 votes
Here's the complete code I wrote earlier to test (working fine for me): 
package testing;

import java.util.Date;
import java.util.List;

import com.silanis.esl.api.model.Role;
import com.silanis.esl.sdk.*;
import com.silanis.esl.sdk.builder.*;

public class CreatePackageTest {

	public static void main(String[] args) {

		EslClient eslClient = new EslClient(info.API_KEY_SANDBOX, info.API_URL_SANDBOX);

		DocumentPackage pkg = PackageBuilder.newPackageNamed("Test Package" + new Date())
				.withSenderInfo(SenderInfoBuilder.newSenderInfo("[email protected]"))
				.withSettings(DocumentPackageSettingsBuilder.newDocumentPackageSettings().withInPerson())
				.withSigner(SignerBuilder.newSignerWithEmail("[email protected]").withFirstName("John")
						.withLastName("Smith").withCustomId("signer1"))
				.withDocument(DocumentBuilder.newDocumentWithName("doc 1:/\\?")
						.fromFile("C:/Users/hhaidary/Desktop/PDFs/doc1.pdf").withSignature(
								SignatureBuilder.signatureFor("[email protected]").atPosition(100, 100).onPage(0)))
				.build();

		PackageId packageId = eslClient.createAndSendPackage(pkg);

		System.out.println(packageId);

		List roles = eslClient.getPackageService().getRoles(packageId);

		for (Role role : roles) {

			List signers = role.getSigners();

			for (com.silanis.esl.api.model.Signer signer : signers) {

				if (signer.getEmail().trim().equalsIgnoreCase("[email protected]")) {

					String token = eslClient.getAuthenticationTokensService()
							.createSignerAuthenticationToken(packageId.toString(), signer.getId());
					System.out.println("https://sandbox.esignlive.com/access?sessionToken=" + token);
				}
			}
		}

	}
}
As you can see, the sender isn't a signer and I'm able to open the link generated at the bottom in an iframe.
Haris Haidary OneSpan Technical Consultant
harishaidary

Reply to: Can you open a signing ceremony as the package owner when not a signer?

Tuesday, June 6, 2017 at 08:31am
0 votes
Hi Chris, The authClient.buildRedirectToPackageViewForSender() call is for building a redirect for the package sender when the package is in draft status. In other words, when you are looking to do some edits on the package. What you'll need to be doing is the following: Retrieve each role in the package and check which one is the sender. Once you have your role (i.e. the sender), you will need to get its "signer" id, create a signer authentication token, and manually build the redirect to the esignlive signing page. Here's a sample code I've written: 
List roles = eslClient.getPackageService().getRoles(packageId);

for (Role role : roles) {
	
	List signers = role.getSigners();
	
	for (com.silanis.esl.api.model.Signer signer : signers) {
		
		if (signer.getEmail().trim().equalsIgnoreCase("[email protected]")) {
			
			String token = eslClient.getAuthenticationTokensService().createSignerAuthenticationToken(packageId.toString(), signer.getId());
			System.out.println("https://sandbox.esignlive.com/access?sessionToken=" + token);
		}
	}
}
Let me know if this works.
Haris Haidary OneSpan Technical Consultant
cpomeroy

Reply to: Can you open a signing ceremony as the package owner when not a signer?

Tuesday, June 6, 2017 at 08:52am
0 votes
Hi Haris, I actually tried this earlier, but was unable to get it to work either. When I try to open the iframe using your code snippet, I get the following error: 06/06/2017 14:44:08.247 [tomcat-http--47] ERROR Unable to send for signing for package with ID=19233: Could not create a signer authentication token. Exception: HTTP POST on URI https://sandbox.esignlive.com/api/authenticationTokens/signer/multiUse resulted in response with status code: [500, Internal Server Error]. Optional details: {"technical":"No signer found with uid or email kN0SY1xrlDYZ","messageKey":"error.internal.default","code":500,"name":"Unhandled Server Error","message":"Unexpected error. We apologize for any inconvenience this may have caused you, please try again. If the problem persists, please contact our support team."} com.silanis.esl.sdk.internal.EslServerException: Could not create a signer authentication token. Exception: HTTP POST on URI https://sandbox.esignlive.com/api/authenticationTokens/signer/multiUse resulted in response with status code: [500, Internal Server Error]. Optional details: {"technical":"No signer found with uid or email kN0SY1xrlDYZ","messageKey":"error.internal.default","code":500,"name":"Unhandled Server Error","message":"Unexpected error. We apologize for any inconvenience this may have caused you, please try again. If the problem persists, please contact our support team."} at com.silanis.esl.sdk.service.apiclient.AuthenticationTokensApiClient.createSignerAuthenticationToken(AuthenticationTokensApiClient.java:72) at com.silanis.esl.sdk.service.AuthenticationTokensService.createSignerAuthenticationToken(AuthenticationTokensService.java:70) at com.silanis.esl.sdk.service.AuthenticationTokensService.createSignerAuthenticationToken(AuthenticationTokensService.java:56) at com.pointclickcare.esignature.service.ESignatureServiceImpl.createSigningCeremonyUrlForPackage(ESignatureServiceImpl.java:568) at com.pointclickcare.documentmanager.service.DocumentManagerEslServiceImpl.startSigningCeremonyFromPackageVO(DocumentManagerEslServiceImpl.java:168) at com.pointclickcare.documentmanager.service.DocumentManagerServiceImpl.eSignAndCompleteDocument(DocumentManagerServiceImpl.java:516) at com.pointclickcare.mvc.documentmanager.web.controllers.ClientDocumentListController.eSignAndComplete(ClientDocumentListController.java:471) at com.pointclickcare.mvc.documentmanager.web.controllers.ClientDocumentListController.adminESignAndComplete(ClientDocumentListController.java:294) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springsource.loaded.ri.ReflectiveInterceptor.jlrMethodInvoke(ReflectiveInterceptor.java:1426) at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:222) at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137) at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:814) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:737) at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) at javax.servlet.http.HttpServlet.service(HttpServlet.java:646) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at esolutions.PasswordExpirationFilter.doFilter(PasswordExpirationFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at com.pointclickcare.core.servlet.PCCClickjackFilter.doFilter(PCCClickjackFilter.java:28) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:130) at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:77) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at com.pointclickcare.core.web.UIContextFilter.doFilter(UIContextFilter.java:45) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at com.pointclickcare.core.communication.web.UserCommunicationFilter.doFilter(UserCommunicationFilter.java:159) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at esolutions.framework.controller.UserSessionManagerFilter.doFilter(UserSessionManagerFilter.java:70) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at fr.xebia.servlet.filter.ExpiresFilter.doFilter(ExpiresFilter.java:1243) at com.pointclickcare.core.web.cache.PCCExpiresFilter.doFilter(PCCExpiresFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745) Caused by: com.silanis.esl.sdk.internal.RequestException: HTTP POST on URI https://sandbox.esignlive.com/api/authenticationTokens/signer/multiUse resulted in response with status code: [500, Internal Server Error]. Optional details: {"technical":"No signer found with uid or email kN0SY1xrlDYZ","messageKey":"error.internal.default","code":500,"name":"Unhandled Server Error","message":"Unexpected error. We apologize for any inconvenience this may have caused you, please try again. If the problem persists, please contact our support team."} at com.silanis.esl.sdk.internal.RestClient.execute(RestClient.java:192) at com.silanis.esl.sdk.internal.RestClient.post(RestClient.java:105) at com.silanis.esl.sdk.service.apiclient.AuthenticationTokensApiClient.createSignerAuthenticationToken(AuthenticationTokensApiClient.java:69) ... 67 more This is the same error that I receive if I obtain the URL via the authClient.buildRedirectToSigningForSigner() method while handing in a token for a signer with signatures instead of the sender (who as I mentioned has no signatures in the package). When I check the sender's ID in the debugger, it matches the one in the error message. The error seems to imply that since the sender isn't a signer, I'm not able to open the package. Finally, I can't be positive, but I believe that we used to use the approach that you recommended to open the signing ceremony as the package owner. I didn't mention it though because I can't remember if the sender was also a signer in those scenarios in the past. We're using 11.0.2 of the SDK now, but were using an older version (11.0) back then - if that helps. Thanks for the quick response! Cheers, -Chris
harishaidary

Reply to: Can you open a signing ceremony as the package owner when not a signer?

Tuesday, June 6, 2017 at 09:01am
0 votes
Essentially, the error above says that you're unable to create a signer authentication token because "No signer found with uid or email kN0SY1xrlDYZ". You need to make sure that you pass the signer id and not the role id when trying to create a signer authentication token. The sample code I provided works for me and I am able to open it in an iframe. Did you try my sample code as is? Btw I am using the latest SDK (11.0.2)
Haris Haidary OneSpan Technical Consultant
cpomeroy

Reply to: Can you open a signing ceremony as the package owner when not a signer?

Tuesday, June 6, 2017 at 09:21am
0 votes
Hi Haris, Your code worked like a charm! Here's the code I was using: String signerId = docPackage.getSigners().get(0).getId(); String signerAuthenticationToken = eslClient.getAuthenticationTokensService().createSignerAuthenticationToken(docPackage.getId().getId(), signerId); String url = eSignatureConfigurationService.getEsignatureBaseUrl() + "/access?sessionToken=" + signerAuthenticationToken; docPackage.getSigners().get(0).getId() was returning a different ID than packageService.getRoles().getSigners().get(0).getId(); For our signers, those IDs are the same (presumably because we set the customID for signers), but for the sender, those IDs don't match. Thanks so much for your help - I'd have probably spent the whole day figuring out that on my own. Cheers, -Chris

Hello! Looks like you're enjoying the discussion, but haven't signed up for an account.

When you create an account, we remember exactly what you've read, so you always come right back where you left off

LoginSign Up