sandeepmalhotra
Objective - To understand when the JWT token is generated and when it is passed to the req object in a CAP service (req.headers.authorization).

XSUAA is responsible for authentication and for generating the JWT token, while the Approuter forwards the JWT token to the service. Once the Approuter has authenticated the user with XSUAA, it passes the JWT token to the OData service.

Assumption - The audience has a basic understanding of SAP BTP and Cloud Foundry.

The following basic components are used:

Component       Usage
OData Service   To print the JWT token
XSUAA           Generate the JWT token
Approuter       Read the JWT token and pass it to the OData service

 

GitHub public repository link: https://github.com/Sandeep-Malhotra/cap-test-jwt

 

The following branches were created to understand the use of XSUAA and the Approuter:

Branch Name      Purpose
without-uaa      App without XSUAA service
with-uaa         App with XSUAA service but without Approuter
with-approuter   App with XSUAA service and Approuter


Steps

  • Create a directory


mkdir cap-test-jwt


  •  Create the project inside the directory


cds init


  • Create a service in the service folder and its handler too


Only a function import is added to the service; it returns the JWT token as a string.



@path: '/test'
service TestService {
  // Function import that returns the JWT token as a string
  function getJWTToken() returns String;
};

 
const cds = require('@sap/cds');

module.exports = async function () {
  this.on("getJWTToken", async (req) => {
    // Once the Approuter module and the XSUAA service are added, the JWT token
    // is returned here after the Approuter has authenticated the user against
    // the UAA service.
    let sToken = "";
    if (req.headers.authorization) {
      sToken = req.headers.authorization;
    }
    return sToken;
  });
};

 

  • Deploy the service to CF by running the script defined in the package.json file


npm run deploy

 

  • Run the Service


/test/getJWTToken()

 

So far, neither the XSUAA service nor the Approuter has been added. Therefore, req.headers.authorization will be undefined.

 

  • Add XSUAA service


cds add xsuaa

 

  • Run the service after deployment (refer to the deployment and run steps described previously)


 

So far, the XSUAA service has been added but the Approuter has not. Again, req.headers.authorization will be undefined.

 

  • Add App-router service


cds add approuter

 

  • Run the service with the Approuter URL after deployment (refer to the deployment and run steps described previously)


 

Once the Approuter is added, req.headers.authorization will contain the JWT token.
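
What arrives in req.headers.authorization in each branch can be inspected without echoing the signed token back to the caller. The following is an added example, not code from the repository: it assumes the Approuter forwards the header in the form "Bearer <JWT>", and the function names and sample claims are constructed for illustration. Decoding here does not verify the signature.

```javascript
// Decode a base64url JWT segment into an object (no signature check).
function decodeSegment(segment) {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Summarise an Authorization header value without returning the raw token.
function describeAuthorization(authorization, nowSeconds = Math.floor(Date.now() / 1000)) {
  if (!authorization) return { present: false }; // without-uaa / with-uaa case
  const match = /^Bearer\s+(\S+)$/i.exec(authorization);
  if (!match) return { present: true, error: 'not a Bearer token' };
  const parts = match[1].split('.');
  if (parts.length !== 3) return { present: true, error: 'not a three-part JWT' };
  try {
    const header = decodeSegment(parts[0]);
    const payload = decodeSegment(parts[1]);
    // The third segment (signature) is deliberately left out of the result.
    return {
      present: true,
      header,
      payload,
      expired: typeof payload.exp === 'number' ? payload.exp <= nowSeconds : null,
    };
  } catch (e) {
    return { present: true, error: 'segments are not base64url-encoded JSON' };
  }
}

// Constructed sample token: made-up claims and a dummy signature, for offline use.
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.c2lnbmF0dXJl`;
}

const sample = 'Bearer ' + makeSampleToken({ user_name: 'demo.user', scope: ['openid'], exp: 2000 });
console.log(describeAuthorization(undefined));    // header absent
console.log(describeAuthorization(sample, 1000)); // with-approuter case
```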

 

Last but not least, the code can be run locally by creating the default-env.json file:
cf de cap-test-jwt-srv

 

In the App folder, also copy the default-env.json, but add the destination as the topmost property in order to route the call to the locally running service:
  "destinations": [
    {
      "name": "srv-api",
      "url": "http://localhost:4004",
      "forwardAuthToken": true
    }
  ],

 

 
Hope this helps the readers.



Happy Coding !!


Further Reading link


 

 

 