Hi,
We are using the Java Custom Callout from GitHub - DinoChiesa/Apigee-CustomPolicy-EncryptedJWT to verify a JWE signature. Below is our Java Callout configuration and the java resources:
<JavaCallout continueOnError="false" enabled="true" name="JC-Verify">
<DisplayName>JC-Verify</DisplayName>
<Properties>
<Property name="key-encryption">RSA-OAEP</Property>
<Property name="content-encryption">A256GCM</Property>
<Property name="debug">true</Property>
<Property name="source">response.content</Property>
<Property name="private-key">{private-key}</Property>
</Properties>
<ClassName>com.google.apigee.callouts.VerifyJwe</ClassName>
<ResourceURL>java://apigee-callout-encrypted-jwt-20241203.jar</ResourceURL>
<!--<ResourceURL>java://nimbus-jose-jwt-8.22.jar</ResourceURL>-->
</JavaCallout>
However, we are encountering the following error when executing the callout:
Failed to execute JavaCallout. com/nimbusds/jose/JWEObject
Additionally, the older Java resource (apigee-callout-encrypted-jwt-20211021.jar) was working previously but started throwing this error on February 6, 2025:
{
"fault": {
"faultstring": "Failed to instantiate the JavaCallout Class com.google.apigee.callouts.VerifyJwe",
"detail": {
"errorcode": "steps.javacallout.JavaCalloutInstantiationFailed"
}}}
Steps Taken:
- Verified that all required JAR files are included in the Apigee deployment.
- Checked for missing dependencies in the JAR files.
- Ensured that the private-key property is correctly set.
- Reviewed the Apigee logs for more details.
Questions:
- Has anyone successfully used this callout with Apigee X?
- Could this be due to a missing dependency in nimbus-jose-jwt-8.22.jar?
- Are there additional configuration steps needed to properly instantiate the Java Callout?
- Any insights or suggestions would be greatly appreciated!
Thanks in advance.
