Announcing the Global SNUG Board of Directors. Learn more here
‎02-27-2015 09:04 AM
Hello,
As part of a requirement for creating certain users we have a form which asks for a password that upon submission is encrypted using GlideEncrypter().
The problem is when I try to decrypt the value and set it as the password it is not working correctly as the decrypted value does not work as the password.
Below is the code I use to decrypt and set the password.
var Encrypter = new GlideEncrypter();
var decrypted = Encrypter.decrypt(current.variables.password);
var gu = new GlideRecord('sys_user');
gu.initialize();
gu.user_name = current.variables.headless_id;
gu.first_name = current.variables.headless_id;
gu.last_name = current.variables.headless_id;
gu.email = current.variables.email_address;
gu.user_password.setDisplayValue(decrypted.toString());
//gu.user_password.setDisplayValue(decrypted);
//gu.user_password.setValue(decrypted);
gu.user_password.setDisplayValue(decrypted.toString());
gu.insert();
If I do not encrypt the password this script works fine though.
Any thoughts on this?
Solved! Go to Solution.
‎02-27-2015 07:28 PM
Hi Alexander,
The problem is that line 2 above sets the decrypted variable as what I am assuming is a Java string. Calling toString on that object, likewise, returns another string. If you do a typeof decrypted it will return "object" and not 'string'. The setDisplayValue function expects a string and apparently has no idea how to handle the object it is given. The solution is to add + '' which forces a type conversion to a javascript string that setDisplayValue can use. Thus, the following function should work for you:
var Encrypter = new GlideEncrypter();
var decrypted = Encrypter.decrypt(current.variables.password);
var gu = new GlideRecord('sys_user');
gu.initialize();
gu.user_name = current.variables.headless_id;
gu.first_name = current.variables.headless_id;
gu.last_name = current.variables.headless_id;
gu.email = current.variables.email_address;
gu.user_password.setDisplayValue(decrypted + '');
gu.insert();
I hope this helps.
Kind regards,
Travis
‎02-27-2015 07:28 PM
Hi Alexander,
The problem is that line 2 above sets the decrypted variable as what I am assuming is a Java string. Calling toString on that object, likewise, returns another string. If you do a typeof decrypted it will return "object" and not 'string'. The setDisplayValue function expects a string and apparently has no idea how to handle the object it is given. The solution is to add + '' which forces a type conversion to a javascript string that setDisplayValue can use. Thus, the following function should work for you:
var Encrypter = new GlideEncrypter();
var decrypted = Encrypter.decrypt(current.variables.password);
var gu = new GlideRecord('sys_user');
gu.initialize();
gu.user_name = current.variables.headless_id;
gu.first_name = current.variables.headless_id;
gu.last_name = current.variables.headless_id;
gu.email = current.variables.email_address;
gu.user_password.setDisplayValue(decrypted + '');
gu.insert();
I hope this helps.
Kind regards,
Travis
‎02-28-2015 04:39 AM
The way I solved this was in my script include I made sure to convert to a string prior to passing back to the workflow script.
‎07-21-2015 08:35 AM
This works only if the Password field is "Password (2 way encrypted)". The password1 is one way and the Encrypter().decrypt() won't work on it.
Also, GlideEncrypt() is not accessible in Scoped applications on Fuji and later. Please use gr.field.getDecryptedValue() instead. While testing on Scripts - Background, make sure you choose scope to the custom application scope. It returns undefined on global if you query a custom scope table.
Thanks,
Pavan,
Security Engineer, ServiceNow
‎12-23-2015 09:30 AM
Hi Pravan, I am having some troubles getting my business rule to decrypt a Password2 field I am testing on my demo instance. I have added a Password2 (256-bit) field to the Incident table and set a basic password. Now, how do I go about decrypting it? I have read through this wiki Encryption Support - ServiceNow Wiki which talks about Encryption, but I don't see a section on decryption.
Then I went to the field level material and found the following on the Introduction to Fields - ServiceNow Wiki page.
Password (2 Way Encrypted) | Text field that stores passwords with two-way encryption. Two-way encryption stores the password as a secure encrypted value that can be decrypted programmatically within the instance. |
I have attempted to put your script into a BR (before) but it's not decrypting, I think it just needs some tweaking.
Thanks for all your help!