To know more about these flows, you can refer to the following links.
Attribute | Value |
ID | <OAUTH2_CREDENTIALS_ID> |
OAuth URL | https://<AUTHENTICATION_URL_TO_GENERATE_TOKEN>; |
Client ID | <OAUTH2_CLIENT_ID> |
Client Secret | <CLIENT_SECRET> |
Attribute | Value |
ID | <ENDPOINT_ID> |
NAME | <ENDPOINT_NAME> |
Version | <VERSION> |
Specification URL | https://<GET_OR_POST_REQUEST_REQUIRING_AUTHENTICATION>; |
Attribute | Value | Documentation |
ID | <ENDPOINT_ID> | |
URL | Same as Specification URL configured in the Endpoint | |
Version | <VERSION> | |
Destination Target | Destination Target configured to host all | Configuring Destination Targets |
Endpoint | Endpoint configured previously | |
Credential | Credential entry configured previously |
Caused by: org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException: Access token denied.
[...]
Caused by: org.springframework.security.oauth2.common.exceptions.InvalidRequestException: AADSTS90014: The required field 'scope' is missing from the credential. Ensure that you have all the necessary parameters for the login request.
Trace ID: 70094699-a056-4d5e-a65f-54014bfc0c00
Correlation ID: 37ad00cb-89f7-4e1f-9f60-2768c515a18d
Timestamp: 2023-10-24 13:02:34Z
at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionJackson2Deserializer.deserialize(OAuth2ExceptionJackson2Deserializer.java:104) ~[spring-security-oauth2-2.5.0.RELEASE.jar:?]
ERROR [hybrisHTTP23] [TestDestinationUrlAction] Remote system ([https://<GET_OR_POST_REQUEST_REQUIRING_AUTHENTICATION>]): ping unsuccessful. Returned status code was [401 UNAUTHORIZED]. For more information, see the server log.
de.hybris.platform.apiregistryservices.exceptions.DestinationNotFoundException: 401 Access Denied: "{ "statusCode": 401, "message": "Access denied due to missing subscription key. Make sure to include subscription key when making requests to an API." }"
public class CustomDestinationService extends DefaultDestinationService {
private static final Logger LOG = Logger.getLogger(FBDestinationServiceImpl.class);
[...]
final static private String WS_SCOPE="scope";
final static private String WS_HEADER_SUBSCRIPTION_KEY="subscription-key";
final static private String WS_HEADER_SUBSCRIPTION_VALUE="subscription-value";
final static private String CUSTOM_WS_URL_PREFIX="<CUSTOM_WS_URL>";
@Override
public void testDestinationUrl(final AbstractDestinationModel destinationModel) throws DestinationNotFoundException
{
try
{
// Setup WS Header
final HttpHeaders headers = new HttpHeaders();
headers.setAccept(Arrays.asList(MediaType.ALL));
headers.setContentType(MediaType.APPLICATION_JSON);
// Add subscription's key and value retrieved from destination.additionalProperties
if(destinationModel.getUrl().contains(CUSTOM_WS_URL_PREFIX)) {
headers.add(destinationModel.getAdditionalProperties().get(WS_HEADER_SUBSCRIPTION_KEY),
destinationModel.getAdditionalProperties().get(WS_HEADER_SUBSCRIPTION_VALUE));
}
final HttpEntity<Object> httpEntity = new HttpEntity<>(headers);
//Retrieve the Rest template to be executed from Consumer Destination configured on Backoffice
final RestTemplate restTemplate = getRestTemplate(destinationModel);
// Enrich rest template with the scope retrieved from destination.additionalProperties
enrichRestTemplateWithScope(restTemplate,destinationModel);
// Call the WS with RestTemplate and return the WS Response
final ResponseEntity<String> response = restTemplate.exchange(validateExposedDestinationUrl(destinationModel.getUrl()), HttpMethod.GET, httpEntity, String.class);
// Process errors
if(response.getStatusCode().series() != HttpStatus.Series.SUCCESSFUL)
{
[...]
}
//Here we could process the WS response
LOG.info("WS Response : "+ response.toString());
}
// Process errors
catch (final HttpClientErrorException | HttpServerErrorException e){[...]}
catch (final ResourceAccessException e){[...]}
catch (final Exception e){[...]}
}
private void enrichRestTemplateWithScope(RestTemplate restTemplate, AbstractDestinationModel destinationModel){
//Inject the scope into the oauth2 token call
if (restTemplate instanceof OAuth2RestTemplate
&& ((OAuth2RestTemplate)restTemplate).getResource() instanceof BaseOAuth2ProtectedResourceDetails
&& destinationModel.getUrl().contains(CUSTOM_WS_URL_PREFIX)){
((BaseOAuth2ProtectedResourceDetails)((OAuth2RestTemplate)restTemplate).getResource())
.setScope(List.of(destinationModel.getAdditionalProperties().get(WS_SCOPE)));
}
}
}
<alias alias="destinationService" name="customDestinationService"/>
<bean id="customDestinationService" class="com.sap.custom.apiregistryservices.services.impl.CustomDestinationService" >
<property name="destinationDao" ref="destinationDao"/>
</bean>
Expand source
final static private String WEBSERVICES_SCOPE="scope";
final static private String WEBSERVICES_HEADER_SUBSCRIPTION_KEY="subscription-key";
final static private String WEBSERVICES_HEADER_SUBSCRIPTION_VALUE="subscription-value";
In addition to the values configured previously for CustomerDestination
Attribute | Value |
ID | <ENDPOINT_ID> |
URL | Same as specification URL configured in the Endpoint |
Version | <VERSION> |
Destination Target | Destination Target configured previously |
Endpoint | Endpoint configured previously |
Credential | Credential entry configured previously |
You will need to configure ConsumedDestination.additionalProperties as follow.
Key | Value |
scope | <SCOPE> |
subscription-key | <SUBSCRIPTION_KEY> |
subscription-value | <SUBSCRIPTION_VALUE> |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
6 | |
5 | |
4 | |
3 | |
3 | |
1 | |
1 | |
1 | |
1 | |
1 |