SDK fails to parse a response when "email_verified" is not a boolean

[lanwen]

Checklist

• I have looked into the Readme and Examples, and have not found a suitable solution or answer.
• I have looked into the API documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Description

We use OIDC provider which in order, uses SAML and somehow, in the email_verified field there is a same email as in email. Since its not a boolean, SDK fails to parse the response.

api.users().get(userId, new UserFilter()).executeAsync()

Would be nice to have some kind of a workaround for this case

Reproduction

Original Stack Trace:
		at com.auth0.net.BaseRequest.parseResponseBody(BaseRequest.java:90)
		at com.auth0.net.BaseRequest.getResponseFuture(BaseRequest.java:176)
		at java.base/java.util.concurrent.CompletableFuture$UniCompose.tryFire(CompletableFuture.java:1150)
		at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:510)
		at java.base/java.util.concurrent.CompletableFuture.complete(CompletableFuture.java:2179)
		at com.auth0.net.client.DefaultHttpClient$1.onResponse(DefaultHttpClient.java:100)
		at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:519)
		at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
		at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
		at java.base/java.lang.Thread.run(Thread.java:1583)
Caused by: com.fasterxml.jackson.databind.exc.InvalidFormatException: Cannot deserialize value of type `java.lang.Boolean` from String "my@email.com": only "true" or "false" recognized
 at [Source: (String)"{"created_at":"2024-01-24T22:11:19.415Z","email":"[email protected]","email_verified":"[email protected]","https://saml:domain:com":{"email":"[email protected]","username":"k832","uuid":"d6a38526-6758-43c6-8a8d-d4d3ea4a0cb3"},"identities":[{"user_id":"connection-name|samlp|samlp-custom|[email protected]","provider":"oidc","connection":"connection-name","isSocial":false}],"name":"My Name","nickname":"nickname","picture":"https://s.gravatar.com/a"[truncated 501 chars]; line: 1, column: 97] (through reference chain: com.auth0.json.mgmt.users.User["email_verified"])
	at com.fasterxml.jackson.databind.exc.InvalidFormatException.from(InvalidFormatException.java:67)
	at com.fasterxml.jackson.databind.DeserializationContext.weirdStringException(DeserializationContext.java:2002)
	at com.fasterxml.jackson.databind.DeserializationContext.handleWeirdStringValue(DeserializationContext.java:1230)
	at com.fasterxml.jackson.databind.deser.std.StdDeserializer._parseBoolean(StdDeserializer.java:550)
	at com.fasterxml.jackson.databind.deser.std.NumberDeserializers$BooleanDeserializer.deserialize(NumberDeserializers.java:227)
	at com.fasterxml.jackson.databind.deser.std.NumberDeserializers$BooleanDeserializer.deserialize(NumberDeserializers.java:200)
	at com.fasterxml.jackson.databind.deser.SettableBeanProperty.deserialize(SettableBeanProperty.java:545)
	at com.fasterxml.jackson.databind.deser.BeanDeserializer._deserializeWithErrorWrapping(BeanDeserializer.java:570)
	at com.fasterxml.jackson.databind.deser.BeanDeserializer._deserializeUsingPropertyBased(BeanDeserializer.java:477)
	at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.deserializeFromObjectUsingNonDefault(BeanDeserializerBase.java:1409)
	at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserializeFromObject(BeanDeserializer.java:352)
	at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:185)
	at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:323)
	at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4825)
	at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3772)
	at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3755)
	at com.auth0.net.BaseRequest.readResponseBody(BaseRequest.java:118)
	at com.auth0.net.BaseRequest.parseResponseBody(BaseRequest.java:88)
	at com.auth0.net.BaseRequest.getResponseFuture(BaseRequest.java:176)
	at java.base/java.util.concurrent.CompletableFuture$UniCompose.tryFire(CompletableFuture.java:1150)
	at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:510)
	at java.base/java.util.concurrent.CompletableFuture.complete(CompletableFuture.java:2179)
	at com.auth0.net.client.DefaultHttpClient$1.onResponse(DefaultHttpClient.java:100)
	at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:519)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
	at java.base/java.lang.Thread.run(Thread.java:1583)

Additional context

No response

auth0-java version

2.10.0

Java version

21

[tanya732]

Hi @lanwen

Thank you for bringing this issue to our attention.

We've reviewed the details and based on our analysis, it seems unusual. According to the SDK schema, the field is defined as a Boolean. Given that the SDK is behaving as expected, the issue may not be related to the SDK itself.

Since we are unable to reproduce the issue, can you please define steps to reproduce the issue if still persists.

[lanwen]

@tanya732 Thank you for taking a look! With saml it's possible to map some fields of the saml response into the final get user response. That happens on the enterprise level, so it's not something common. But my point is that instead of failing the entire parsing in this case, sdk can ignore such fields, as right now I have to reimplement the entire client to call the endpoint.