cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CAP: Hybrid testing with XSA

Go to solution
kosmopilot
Explorer

on ‎2022 Oct 12 12:17 PM

799

In my NodeJs CAP application, I'd like to use hybrid testing as described in the capire documentation in order to connect to a remote service that runs on a HANA XSA on-premise server.

Unfortunately, the `cds bind` command described in the documentation works only with Cloud Foundry and not XSA.

The remote service uses a XSUAA service for authentication & authorization. Hence, the service url and basic authentication cannot be used to connect to the service. The current configuration results in an 401 unauthorized error when trying to connect.

Is Hybrid Testing possible with Hana XSA and if so, how?

Some more details:

The remote services uses a XSUAA service for authentication. The exposed entities of the remote service are annotated with 

 @(requires : 'authenticated-user')

This is how the remote service is currently configured for hybrid testing:

  "cds": {
    "requires": {
      "myRemoteService": {
        "kind": "odata",
        "model": "srv/external/myRemoteService",
        "[hybrid]": {
          "credentials": {
            "url": "https://xxxxxxx:51080/api/someEntity",
            "user": "someUser",
            "password": "*******"
          }
        }
      },

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (1)

Accepted Solutions (1)

gregorw
SAP Mentor
SAP Mentor
‎2022 Oct 12 4:00 PM

Hi Andreas,

unfortunately the support for CAP in combination with XSA is limited to the use of default-env.json. But you could try is to define your XSA endpoint via a destination and configure it with ForwardAuthToken = true. When you then get some conding into your test that does this request (try first with my sample REST Client Script from tests/api-access.http#L16

POST {{$dotenv xsuaa_api_tokenendpoint}}/oauth/token
Accept: application/json;charset=utf8
Authorization: Basic {{$dotenv clientid}}:{{$dotenv clientsecret}}
Content-Type: application/x-www-form-urlencoded

grant_type=password
&username={{$dotenv username}}
&password={{$dotenv password}}
&client_id={{$dotenv clientid}}
&response_type=token

you should be able to retrieve a JWT that you can use to call your CAP Service. The CAP Service should forward this token and allow you also to call the XSA service.

Best Regards
Gregor

Show replies
Show replies

Answers (0)

Ask a Question