Org invitation call: invalid request with roles

Question

Org invitation call: invalid request with roles

anilgvpcoe opened this issue 3 years ago · 6 comments

Describe the problem you'd like to have solved

When attempting invitations to users for an org with

organizations().createInvitation(orgId, invitation)

the call is failing if we add roles to invitation object as below

    List<String> roles = Arrays.asList("some role");
    invitation.setRoles(new Roles(roles));

exception snippet

com.auth0.exception.APIException: Request failed with status code 400: Payload validation error: 'Expected type array but found type object' on property roles (List of roles IDs to associated with the user).
   at com.auth0.net.ExtendedBaseRequest.createResponseException(ExtendedBaseRequest.java:131) ~[auth0-1.34.0.jar:1.34.0]
   at com.auth0.net.ExtendedBaseRequest.parseResponse(ExtendedBaseRequest.java:66) ~[auth0-1.34.0.jar:1.34.0]
   at com.auth0.net.BaseRequest.execute(BaseRequest.java:35) ~[auth0-1.34.0.jar:1.34.0]

It seems SDK is expecting Roles object here which inturn has List so the resulting json is turning out to be something like:

{
  "inviter" : {
    "name" : "xxxx"
  },
  "invitee" : {
    "email" : "xx@ss.com"
  },
  "client_id" : "<<client-id>>",
  "connection_id" : "<<con-id>>",
  "send_invitation_email" : true,
  "roles" : {
    "roles" : [ "rol_7NdVtrUWWwpcYZz8", "rol_7NdVtrUWWwpcYZz8" ]
  }
}

whereas organization invites post request https://auth0.com/docs/api/management/v2#!/Organizations/post_invitations is expecting roles to be a list

{
  "inviter": {
    "name": "Jane Doe"
  },
  "invitee": {
    "email": "john.doe@gmail.com"
  },
  "client_id": "AaiyAPdpYdesoKnqjj8HJqRn4T5titww",
  "connection_id": "con_0000000000000001",
  "app_metadata": {},
  "user_metadata": {},
  "ttl_sec": 0,
  "roles": [
    "rol_0000000000000001",
    "rol_0000000000000002"
  ],
  "send_invitation_email": true
}

Here is a snippet of how I am using SDK

    Inviter inviter = new Inviter(inviterAddress);
    Invitee invitee = new Invitee(userEmail);
    Invitation invitation = new Invitation(inviter, invitee, appClientId);
    invitation.setSendInvitationEmail(true);
    List<String> roles = Arrays.asList(roleId);
    Roles roles = new Roles(rolesList);
    invitation.setRoles(roles);
    invitation.setConnectionId(getConnectionId());
    return executeWithRetry(tokenManager.getMgmt().organizations()
        .createInvitation(orgId, invitation)).getId();

Describe the ideal solution

invitation.setRoles should accept List of Roles to be consistent with request pattern

Alternatives and current work-arounds

Please suggest if there are any alternatives or correct me if I am not invoking SDK properly

Additional information, if any

Answer 1 · 2021-10-04T10:47:04.000Z

Thanks for reporting this. I think a good solution would be to remove the class Roles and use a List<String> instead, so the JSON serialization gets fixed. While that would be a breaking change, it's to fix something that is not working today. I'll explore if there are other options, maybe using a Jackson annotation somewhere to change the de/serialization strategy. cc @jimmyjames

Answer 2 · 2021-10-04T12:47:29.000Z

Sure, Thank you for ack'ing.

Answer 3 · 2021-10-04T18:02:35.000Z

I proposed a solution above if you'd like to try it out. Cheers

Answer 4 · 2021-10-05T03:49:56.000Z

sure thank you

Answer 5 · 2021-10-09T01:04:00.000Z

I hit this too, the fix is working for me. Do you know when it will make it into a release @lbalmaceda ?

Answer 6 · 2021-10-11T12:57:35.000Z

A new release is likely to go out this week. Thanks! cc @jimmyjames