400 Error, Unexpected end of JSON

[brandonbrinkley]

I am receiving an HTTP 400 error with the description "Unexpected end of JSON input". The output seems to indicate that the task has established successful communication with DSS, but that the response from the API call is poorly formatted. Please advise.

Starting: Retrieve secret 12345 from Delinea Secret Server -============================================================================== Task : Delinea SS Description : Retrieve secrets from Delinea Secret Server Version : 0.0.5 Author : Delinea Help : https://github.com/DelineaXPM/SecretServer.AzureDevOpsTask -============================================================================== server.getSecret: 12345 server.getAccessToken: POST https://XYZ.secretservercloud.com/oauth2/token server.sendRequest: GET https://XYZ.secretservercloud.com/api/v1/secrets/12345 server.getResponseContent: failed code 400 Unexpected end of JSON input

[error]Unexpected end of JSON input

Finishing: Retrieve secret 12345 from Delinea Secret Server

[brandonbrinkley]

UPDATE: We verified that the user account has access to the secret in question and the logs show that authentication for that user was successful on pipeline-driven attempts to get the secret.

I started looking deeper into the "Unexpected end of JSON input" error. There is a JSON object called 'input' that is being passed around, but it is always null/empty string. It is used to build the 'body' for the REST call, but it's a GET, so I assume it's fine that it is empty from that perspective, but it sounds like a parser somewhere has an issue with it.

[delineaKrehl]

@brandonbrinkley I've reproduced this locally while debugging the failure unit test. In that instance instead of returning 'Secret not found' as expected, it's failing to parse the result and getting "Unexpected end of JSON input" as the error message. Can you verify the secret ID you are querying for exists and the account has access to it? We'll need to update this ADO Task to return a more useful error message as well as some other maintenance updates.

[dascalos]

Was having this issue as well. What finally worked was URLEncoding the password. The task should do this for you in my opinion, but it doesn't.

[brandonbrinkley]

@delineaKrehl I viewed the secret in the UI and it definitely exists. And the id number is correct in my settings for the task. And yes, the account I am using to retrieve it has 'View' permissions based on the table in the 'Sharing' tab. Permissions are inherited from the folder, but I assume the 'View' part is the accurate residual permission.

@dascalos I checked and the service account we created did have one special character in its password. I replaced it with the URL code, but still got the 400 error. Thinking back about it now (it's been a few days), our admin did confirm that the service account was successfully authenticating, which provides some evidence that this isn't the problem.

I suspect that when the problem with the response is fixed and we get past the 400 error, the actual result will reveal what's really wrong with my task setup.

[dascalos]

OK, the other thing is for username make sure you are sending in domain\username.