Closed stephangutknecht closed 3 months ago
Hello Stephan, Could you send debug logs and http wire logs of your application Best, Charles
Before uploading wire logs:
@CharlesDuboisSAP is asking for wire logs because they represent the Java/client side logs. Whereas your attached log entry, while unfamiliar to us, it looks like server side logs. For the latter we cannot provide interpretation nor support.
@stephangutknecht: CSRF token requests are being sent by default for OData POST/PUT/PATCH. Like in your source code. If the CSRF token retrieval is not successful, then the actual OData request will not contain the header. Unfortunately SAP Cloud SDK cannot make hard assumptions for CSRF requirements of generic target systems. This is why the logic is lenient.
How can a CSRF token request fail? E.g.
@newtork @CharlesDuboisSAP
We have now executed the process with the loggers you mentioned on DEBUG. You can find the logs here: https://dashboards-sf-5adb053e-a43d-4d07-89fd-afa801f39a1f.cls-02.cloud.logs.services.eu10.hana.ondemand.com/goto/a04bc954a49a70ad54a8a5a6b9d5177d?security_tenant=global.
We get an error when accessing the link:
{"statusCode":400,"error":"Bad Request","message":"[request query.security_tenant]: definition for this key is missing"}
Can you please check again?
You need to first login to the Kibana instance before opening the link.
Okay, so how do I do that exactly? I don't know anything about your Kibana instance 🤷🏻♂️
To get access, first get the CALM CAM Central Profile (https://spc.ondemand.com/sap/bc/webdynpro/a1sspc/cam_wd_central?item=request&profile=CALM%20CAM%20Central%20Profile#). Afterwards, you need CALM_APPLOG_PROD authorization (https://spc.ondemand.com/sap/bc/webdynpro/a1sspc/cam_wd_central?item=request&profile=CALM_APPLOGS_PROD). Now, you should be able to access the logs.
Hi @stephangutknecht,
I am from the Cloud SDK Team as well and will have a look at this issue. I just requested access to the Kibana related authorizations, as described in your last comment.
Hi @stephangutknecht,
I now seem to have the respective roles assigned, but the link above still gives the same error Matthias already posted before. Are there any more steps necessary?
@cschubertcs
Probably the logs are already removed. The retention date is 1 week I think. I will activate the logs for one of the next executions, and share the link to Kibana.
Best regards Stephan
Sounds good. But does it anyway make sense to see the exact same error message Matthias had without the correct access rights?
@cschubertcs
You now have the correct rights. You can just not see the logs anymore as they are already deleted. When we have the new logs available, you should be able to see them.
Hi Stephan, When clicking this link I still get the same error message as before: https://dashboards-sf-5adb053e-a43d-4d07-89fd-afa801f39a1f.cls-02.cloud.logs.services.eu10.hana.ondemand.com/auth/saml/captureUrlFragment?nextUrl=%2Fgoto%2Fa04bc954a49a70ad54a8a5a6b9d5177d&security_tenant=
{"statusCode":400,"error":"Bad Request","message":"[request query.security_tenant]: definition for this key is missing"}
I tried Firefox (my standard) and Chrome (not used for kibana before). There still seems to be something missing.
@cschubertcs
Can you try to open the landing page from Kibana first, and afterwards the direct link? I have issues with this as well, when accessing the direct link.
Okay, an improvement: I now see at least the UI, bot not the relevant data:
@cschubertcs
I have just re-run the execution with all loggers on DEBUG. Please take a look.
(Please remember to first access the Kibana instance on its own, and then use the direct link)
Hi @stephangutknecht,
I finally can see data, but can you let me know where you don't see the CSRF token being added? For the moment I was just able to identify places where it get's added (and cached) successfully.
Best case would be the http-outgoing-<some-number>
identifier.
Right now I can see 371 requests that either fetch a CSRF token, or have it added.
@cschubertcs
If you don't see the issue anymore, we can close the item. I would re-open if we see it again in one of the next executions.
Would be fine for me. However, as I never identified the issue before in the first place I cannot reliably make sure that it doesn't currently occur anymore. I just did a spot check and only see GET requests without any CSRF handling (as expected) or HEAD/POST/PUT/PATCH that have CSRF handling. That doesn't guarantee, however, that there is no issue anymore, just that I couldn't find anything. If you can point us at a concrete error message or request that doesn't have it added we would be more able to go through the related logs, as it's right now not managable to go through the logs line by line to maybe identify the issue.
We have observed the issue with missing CSRF token in Cloud SDK requests again. Here is the link to the log: https://dashboards-sf-5adb053e-a43d-4d07-89fd-afa801f39a1f.cls-02.cloud.logs.services.eu10.hana.ondemand.com/app/discover#/?_g=(filters:!(),refreshInterval:(pause:!t,value:0),time:(from:'2024-06-23T08:30:00.000Z',to:'2024-06-23T09:00:00.000Z'))&_a=h@9365b12
PS: First login to the Kibana instance using https://dashboards-sf-5adb053e-a43d-4d07-89fd-afa801f39a1f.cls-02.cloud.logs.services.eu10.hana.ondemand.com/app/dashboards#/view/ZCALMEU10?_g=h@c823129&_a=h@e94ae0c
We have identified that the issue might be related to an issue with the Java version of cloud-sdk. The documentation about CSRF token fetching seems to cover the JS version only, and seems to differ for Java. In our case, the slash at the end of the url to fetch the token was not added automatically.
Have you verified this behaviour with a REST client(e.g with Postman)? Does the CSRF token fetch to the remote system always work if there is /
at the end of the path? And if the /
is not included, is it flaky, with tokens retrieved sometimes?
I was unfortunately not able to find the relevant CSRF token fetch logs. And now the logs are no longer accessible(they probably expired) Would you be able to extract and attach the relevant logs here directly when the issue occurs? It is difficult to find the relevant ones in Kibana.
@KavithaSiva Yes, we were able to reproduce the issue with Insomnia. It only works with "/" at the end of the path. However, according to documentation, this should be handled by Cloud SDK.
You can define this CustomCsrfTokenRetriever
which will add a trailing /
on the service path:
class CustomCsrfTokenRetriever implements CsrfTokenRetriever
{
DefaultCsrfTokenRetriever defaultCsrfTokenRetriever = new DefaultCsrfTokenRetriever();
@Nonnull
@Override
public CsrfToken retrieveCsrfToken( @Nonnull HttpClient httpClient, @Nonnull String servicePath )
{
return defaultCsrfTokenRetriever.retrieveCsrfToken(httpClient, servicePath + "/");
}
@Nonnull
@Override
public CsrfToken retrieveCsrfToken(
@Nonnull HttpClient httpClient,
@Nonnull String servicePath, @Nonnull Map<String, Collection<String>> headers )
{
return defaultCsrfTokenRetriever.retrieveCsrfToken(httpClient, servicePath + "/", headers);
}
}
And then set the CustomCsrfTokenRetriever
on your request like so:
var request = ....
request.setCsrfTokenRetriever(new CustomCsrfTokenRetriever());
var client = HttpClientAccessor.getHttpClient(httpDest);
return request.execute(client);
Let me know if this works.
@CharlesDuboisSAP Thanks for the reply. We have implement similar mechanism, and it works for us. Still, I think either the documentation needs to be adapted or the mechanism in Cloud SDK that should handle trailing slash in the service path must be implemented as documented.
I will update the Java documentation (OData v2 and v4) to add the workaround.
Issue Description
We are executing requests to an ABAP on-premise system. We realized that for some requests, there is no CSRF token provided in the headers when monitoring the requests on ABAP side. Hence, they are failing.
Request in Java
Example headers w/o csrf-token
The expectation is the CSRF token is added by the framework. It doesn't happen for all requests. We are retrying the requests in case of failures. At some point, the requests are successful. This retry mechanism was built to avoid the "CSRF token invalid" issue.
Impact / Priority
This issue blocks our release.
Affected development phase: Release
Impact: Blocked
Timeline: Go-Live on April 15th
Error Message
[INFO] com.sap.btc.cross.gateway.abap:btc-cross-gateway-abap-parent:pom:1.0.0 [INFO] +- org.junit.jupiter:junit-jupiter:jar:5.10.1:test [INFO] | +- org.junit.jupiter:junit-jupiter-api:jar:5.10.1:test [INFO] | | +- org.opentest4j:opentest4j:jar:1.3.0:test [INFO] | | - org.junit.platform:junit-platform-commons:jar:1.10.1:test [INFO] | +- org.junit.jupiter:junit-jupiter-params:jar:5.10.1:test [INFO] | - org.junit.jupiter:junit-jupiter-engine:jar:5.10.1:test [INFO] +- org.slf4j:slf4j-api:jar:2.0.11:provided [INFO] +- org.junit.vintage:junit-vintage-engine:jar:5.10.1:test [INFO] | +- org.junit.platform:junit-platform-engine:jar:1.10.1:test [INFO] | +- junit:junit:jar:4.13.2:test [INFO] | - org.apiguardian:apiguardian-api:jar:1.1.2:test [INFO] +- com.sap.sectesting:fortify-annotations:jar:1.2.2:provided [INFO] - org.springdoc:springdoc-openapi-starter-webmvc-ui:jar:2.3.0:compile [INFO] +- org.springdoc:springdoc-openapi-starter-webmvc-api:jar:2.3.0:compile [INFO] | +- org.springdoc:springdoc-openapi-starter-common:jar:2.3.0:compile [INFO] | | +- org.springframework.boot:spring-boot-autoconfigure:jar:3.2.2:compile [INFO] | | | - org.springframework.boot:spring-boot:jar:3.2.2:compile [INFO] | | - io.swagger.core.v3:swagger-core-jakarta:jar:2.2.19:compile [INFO] | | +- org.apache.commons:commons-lang3:jar:3.14.0:compile [INFO] | | +- io.swagger.core.v3:swagger-annotations-jakarta:jar:2.2.19:compile [INFO] | | +- io.swagger.core.v3:swagger-models-jakarta:jar:2.2.19:compile [INFO] | | +- org.yaml:snakeyaml:jar:2.2:compile [INFO] | | +- jakarta.xml.bind:jakarta.xml.bind-api:jar:4.0.1:compile [INFO] | | | - jakarta.activation:jakarta.activation-api:jar:2.1.2:compile [INFO] | | +- jakarta.validation:jakarta.validation-api:jar:3.0.2:compile [INFO] | | +- com.fasterxml.jackson.core:jackson-annotations:jar:2.15.3:compile [INFO] | | +- com.fasterxml.jackson.core:jackson-databind:jar:2.15.3:compile [INFO] | | | - com.fasterxml.jackson.core:jackson-core:jar:2.15.3:compile [INFO] | | +- com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:jar:2.15.3:compile [INFO] | | - com.fasterxml.jackson.datatype:jackson-datatype-jsr310:jar:2.15.3:compile [INFO] | - org.springframework:spring-webmvc:jar:6.1.3:compile [INFO] | +- org.springframework:spring-aop:jar:6.1.3:compile [INFO] | +- org.springframework:spring-beans:jar:6.1.3:compile [INFO] | +- org.springframework:spring-context:jar:6.1.3:compile [INFO] | | - io.micrometer:micrometer-observation:jar:1.12.2:compile [INFO] | | - io.micrometer:micrometer-commons:jar:1.12.2:compile [INFO] | +- org.springframework:spring-core:jar:6.1.3:compile [INFO] | | - org.springframework:spring-jcl:jar:6.1.3:compile [INFO] | +- org.springframework:spring-expression:jar:6.1.3:compile [INFO] | - org.springframework:spring-web:jar:6.1.3:compile [INFO] - org.webjars:swagger-ui:jar:5.10.3:compile [INFO] [INFO] -----< com.sap.btc.cross.gateway.abap:btc-cross-gateway-abap-srv >------ [INFO] Building btc-cross-gateway-abap-srv 1.0.0 [2/3] [INFO] from srv/pom.xml [INFO] --------------------------------[ jar ]--------------------------------- [INFO] [INFO] --- dependency:3.6.1:tree (default-cli) @ btc-cross-gateway-abap-srv --- [INFO] com.sap.btc.cross.gateway.abap:btc-cross-gateway-abap-srv:jar:1.0.0 [INFO] +- com.sap.cds:cds-starter-spring-boot:jar:2.6.1:compile [INFO] | +- com.sap.cds:cds-services-api:jar:2.6.1:compile [INFO] | | +- com.sap.cds:cds4j-api:jar:2.6.1:compile [INFO] | | - com.sap.cloud.environment.servicebinding.api:java-core-api:jar:0.10.3:compile [INFO] | +- com.sap.cds:cds-framework-spring-boot:jar:2.6.1:runtime [INFO] | +- org.springframework.boot:spring-boot-starter-web:jar:3.2.2:compile [INFO] | | +- org.springframework.boot:spring-boot-starter-json:jar:3.2.2:compile [INFO] | | | +- com.fasterxml.jackson.datatype:jackson-datatype-jdk8:jar:2.15.3:compile [INFO] | | | - com.fasterxml.jackson.module:jackson-module-parameter-names:jar:2.15.3:compile [INFO] | | +- org.springframework.boot:spring-boot-starter-tomcat:jar:3.2.2:compile [INFO] | | | +- org.apache.tomcat.embed:tomcat-embed-core:jar:10.1.18:compile [INFO] | | | +- org.apache.tomcat.embed:tomcat-embed-el:jar:10.1.18:compile [INFO] | | | - org.apache.tomcat.embed:tomcat-embed-websocket:jar:10.1.18:compile [INFO] | | +- org.springframework:spring-web:jar:6.1.3:compile [INFO] | | - org.springframework:spring-webmvc:jar:6.1.3:compile [INFO] | - org.yaml:snakeyaml:jar:2.2:compile [INFO] +- com.sap.cds:cds-adapter-odata-v4:jar:2.6.1:runtime [INFO] | +- com.sap.cds:cds-adapter-api:jar:2.6.1:compile [INFO] | +- com.sap.cds:cds-services-utils:jar:2.6.1:compile [INFO] | | +- io.opentelemetry:opentelemetry-api:jar:1.31.0:compile [INFO] | | | - io.opentelemetry:opentelemetry-context:jar:1.31.0:compile [INFO] | | +- com.sap.cloud.security.xsuaa:token-client:jar:3.3.4:compile [INFO] | | - com.sap.cloud.mt:tools:jar:2.6.1:compile [INFO] | +- com.sap.cds:cds4j-core:jar:2.6.1:compile [INFO] | | - com.github.ben-manes.caffeine:caffeine:jar:3.1.8:compile [INFO] | +- com.sap.cloud.mt:cds-mtx:jar:2.6.1:compile [INFO] | | - commons-io:commons-io:jar:2.11.0:compile [INFO] | - com.sap.cds.repackaged:odata-v4-lib:jar:2.6.1:runtime [INFO] | +- commons-codec:commons-codec:jar:1.16.0:compile [INFO] | +- com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.15.3:runtime [INFO] | | - org.codehaus.woodstox:stax2-api:jar:4.2.1:runtime [INFO] | - com.fasterxml:aalto-xml:jar:1.3.2:runtime [INFO] +- com.sap.cloud.tenantlifecycle:euporie-dwc-integration:jar:2.0.0-20240221090523_b27f38d3c7984f90a66471f22b4d5c106ea0c260:compile [INFO] | +- io.pivotal.cfenv:java-cfenv-boot:jar:3.1.5:compile [INFO] | | +- io.pivotal.cfenv:java-cfenv-jdbc:jar:3.1.5:compile [INFO] | | - org.springframework.boot:spring-boot:jar:3.2.2:compile [INFO] | +- org.json:json:jar:20231013:compile [INFO] | +- org.apache.commons:commons-lang3:jar:3.14.0:compile [INFO] | +- com.sap.cloud.environment.servicebinding:java-sap-vcap-services:jar:0.10.3:compile [INFO] | +- com.sap.cloud.environment.servicebinding:java-sap-service-operator:jar:0.10.3:compile [INFO] | +- com.sap.cloud.tenantlifecycle:euporie-api:jar:2.0.0-20240223143312_5cb76ce618f22654cb288b49024f1843032b854c:compile [INFO] | | - com.sap.cloud.tenantlifecycle:euporie-api-domain:jar:2.0.0-20240223143312_5cb76ce618f22654cb288b49024f1843032b854c:compile [INFO] | +- com.sap.cloud.tenantlifecycle:hegemone-specs:jar:2.0.0-20240223131614_684d4d07779bd192d6b5d79ea703e93830438085:compile [INFO] | +- com.sap.cloud.tenantlifecycle:euporie-authentication:jar:2.0.0-20240214115019_af60650aad511598c8e5aac76f412d341ead5275:compile [INFO] | | - org.reflections:reflections:jar:0.10.2:compile [INFO] | | - org.javassist:javassist:jar:3.25.0-GA:compile [INFO] | - com.sap.dwc:util-model:jar:2.3.1:compile [INFO] +- com.sap.cloud.sdk.datamodel:odata-core:jar:5.4.0:compile [INFO] | +- com.sap.cloud.sdk.datamodel:odata-client:jar:5.4.0:compile [INFO] | +- com.sap.cloud.sdk.cloudplatform:cloudplatform-core:jar:5.4.0:compile [INFO] | +- com.sap.cloud.sdk.cloudplatform:cloudplatform-connectivity:jar:5.4.0:compile [INFO] | | +- com.sap.cloud.sdk.cloudplatform:resilience-api:jar:5.4.0:compile [INFO] | | +- com.mikesamuel:json-sanitizer:jar:1.2.3:compile [INFO] | | - com.auth0:java-jwt:jar:4.4.0:compile [INFO] | +- com.sap.cloud.sdk.cloudplatform:connectivity-apache-httpclient4:jar:5.4.0:compile [INFO] | | - com.sap.cloud.sdk.cloudplatform:caching:jar:5.4.0:compile [INFO] | +- com.sap.cloud.sdk.datamodel:fluent-result:jar:5.4.0:compile [INFO] | +- org.slf4j:jcl-over-slf4j:jar:2.0.11:runtime [INFO] | +- com.google.guava:guava:jar:32.0.1-jre:compile [INFO] | | +- com.google.guava:failureaccess:jar:1.0.1:compile [INFO] | | +- com.google.guava:listenablefuture:jar:9999.0-empty-to-avoid-conflict-with-guava:compile [INFO] | | +- org.checkerframework:checker-qual:jar:3.42.0:compile [INFO] | | +- com.google.errorprone:error_prone_annotations:jar:2.14.0:compile [INFO] | | - com.google.j2objc:j2objc-annotations:jar:2.8:compile [INFO] | +- com.google.code.gson:gson:jar:2.10.1:compile [INFO] | +- com.fasterxml.jackson.core:jackson-annotations:jar:2.15.3:compile [INFO] | +- com.fasterxml.jackson.core:jackson-core:jar:2.15.3:compile [INFO] | +- com.fasterxml.jackson.core:jackson-databind:jar:2.15.3:compile [INFO] | +- org.apache.httpcomponents:httpcore:jar:4.4.16:compile [INFO] | +- org.apache.httpcomponents:httpclient:jar:4.5.14:compile [INFO] | - io.vavr:vavr:jar:0.10.4:compile [INFO] | - io.vavr:vavr-match:jar:0.10.4:compile [INFO] +- com.sap.cloud.sdk.datamodel:odata-v4-core:jar:5.4.0:compile [INFO] +- com.sap.cds:cds-services-impl:jar:2.6.1:compile [INFO] | +- com.sap.cds:cds-services-messaging:jar:2.6.1:compile [INFO] | | - jakarta.jms:jakarta.jms-api:jar:3.1.0:compile [INFO] | - com.sap.cloud.environment.servicebinding.api:java-access-api:jar:0.10.3:compile [INFO] +- com.sap.cds:cds-feature-mt:jar:2.6.1:compile [INFO] | +- com.sap.cloud.mt:multi-tenant-runtime:jar:2.6.1:compile [INFO] | - com.sap.cloud.mt:multi-tenant-subscription:jar:2.6.1:compile [INFO] | - com.sap.cloud.instancemanager:client:jar:3.14.0:compile [INFO] +- com.sap.cds:cds-feature-cloudfoundry:jar:2.6.1:compile [INFO] +- org.apache.commons:commons-csv:jar:1.10.0:compile [INFO] +- com.sap.calm.x:uam-lib:jar:1.0.0-20240223094741_a7af5fa4a6cd94928ddc44f761cb36e5e2b47e14:compile [INFO] | +- jakarta.servlet:jakarta.servlet-api:jar:6.0.0:compile [INFO] | - com.sap.cloud.sdk.cloudplatform:resilience4j:jar:5.4.0:compile [INFO] | +- io.github.resilience4j:resilience4j-circuitbreaker:jar:2.2.0:compile [INFO] | | - io.github.resilience4j:resilience4j-core:jar:2.2.0:compile [INFO] | +- io.github.resilience4j:resilience4j-bulkhead:jar:2.2.0:compile [INFO] | +- io.github.resilience4j:resilience4j-timelimiter:jar:2.2.0:compile [INFO] | +- io.github.resilience4j:resilience4j-retry:jar:2.2.0:compile [INFO] | +- io.github.resilience4j:resilience4j-ratelimiter:jar:2.2.0:compile [INFO] | - javax.cache:cache-api:jar:1.1.1:compile [INFO] +- org.projectlombok:lombok:jar:1.18.30:provided [INFO] +- com.sap.hcp.cf.logging:cf-java-logging-support-logback:jar:3.7.0:compile [INFO] | - com.sap.hcp.cf.logging:cf-java-logging-support-core:jar:3.7.0:compile [INFO] | - com.fasterxml.jackson.jr:jackson-jr-objects:jar:2.15.3:compile [INFO] +- com.sap.cds:cds-integration-cloud-sdk:jar:2.6.1:compile [INFO] | +- com.sap.cloud.sdk.cloudplatform:tenant:jar:5.4.0:compile [INFO] | +- com.sap.cloud.sdk.cloudplatform:security:jar:5.4.0:compile [INFO] | +- com.sap.cloud.sdk.cloudplatform:connectivity-oauth:jar:5.4.0:compile [INFO] | | +- com.sap.cloud.environment.servicebinding.api:java-consumption-api:jar:0.10.3:compile [INFO] | | +- com.sap.cloud.security:java-api:jar:3.3.4:compile [INFO] | | - com.sap.cloud.security:java-security:jar:3.3.4:compile [INFO] | - com.sap.cloud.sdk.frameworks:resilience4j:jar:4.29.0:compile [INFO] +- org.springframework.security:spring-security-test:jar:6.2.1:test [INFO] | +- org.springframework.security:spring-security-core:jar:6.2.1:compile [INFO] | | +- org.springframework.security:spring-security-crypto:jar:6.2.1:compile [INFO] | | +- org.springframework:spring-aop:jar:6.1.3:compile [INFO] | | +- org.springframework:spring-beans:jar:6.1.3:compile [INFO] | | +- org.springframework:spring-context:jar:6.1.3:compile [INFO] | | - org.springframework:spring-expression:jar:6.1.3:compile [INFO] | +- org.springframework.security:spring-security-web:jar:6.2.1:compile [INFO] | +- org.springframework:spring-core:jar:6.1.3:compile [INFO] | | - org.springframework:spring-jcl:jar:6.1.3:compile [INFO] | - org.springframework:spring-test:jar:6.1.3:test [INFO] +- com.sap.xs.auditlog:audit-java-client-api:jar:2.0.19:compile [INFO] +- com.sap.xs.auditlog:audit-java-client-impl:jar:2.0.19:compile [INFO] | +- com.sap.xs.auditlog:auditlog-common:jar:2.0.52:compile [INFO] | - com.sap.xs.java:xs-user-holder:jar:1.8.3:compile [INFO] | - com.sap.xs2.security:java-container-security-api:jar:0.33.18:compile [INFO] | - com.sap.cloud.security.xssec:api:jar:1.0.2:compile [INFO] +- com.sap.xs.java:xs-env:jar:1.8.5:compile [INFO] +- org.slf4j:slf4j-api:jar:2.0.11:compile [INFO] +- com.sap.dwc:util-cap:jar:2.3.1:compile [INFO] | +- org.apache.httpcomponents.client5:httpclient5:jar:5.2.3:compile [INFO] | | +- org.apache.httpcomponents.core5:httpcore5:jar:5.2.4:compile [INFO] | | - org.apache.httpcomponents.core5:httpcore5-h2:jar:5.2.4:compile [INFO] | - com.sap.dwc.commons:commons-util:jar:2.19.0:compile [INFO] +- com.sap.dwc:util-headers:jar:2.3.1:compile [INFO] +- com.sap.dwc:util-product-config:jar:2.3.1:compile [INFO] +- com.sap.dwc:util-mutual-authentication:jar:2.3.1:compile [INFO] | +- org.bouncycastle:bcprov-jdk18on:jar:1.74:compile [INFO] | - org.bouncycastle:bcpkix-jdk18on:jar:1.75:compile [INFO] | - org.bouncycastle:bcutil-jdk18on:jar:1.75:compile [INFO] +- com.sap.dwc:util-routing:jar:2.3.1:compile [INFO] +- com.sap.calm.x:dwc-foundation:jar:2.1.0-20240226114504_323cb0ee25bfc3fc737165be74d6e691ba02ecc0:compile [INFO] | +- com.sap.cds:cds-starter-spring-boot-odata:jar:2.6.1:compile [INFO] | +- jakarta.annotation:jakarta.annotation-api:jar:2.1.1:compile [INFO] | +- jakarta.management.j2ee:jakarta.management.j2ee-api:jar:1.1.4:compile [INFO] | +- com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:jar:20220608.1:compile [INFO] | +- com.sap.cloud.sdk:sdk-core:jar:5.4.0:compile [INFO] | | +- com.sap.cloud.sdk.cloudplatform:connectivity-destination-service:jar:5.4.0:compile [INFO] | | - com.sap.cloud.sdk.cloudplatform:servlet-jakarta:jar:5.4.0:compile [INFO] | +- com.sap.cloud.sdk.cloudplatform:connectivity-dwc:jar:5.4.0:compile [INFO] | +- com.sap.cloud.sdk.cloudplatform:sap-passport:jar:4.28.0:compile [INFO] | | - com.sap.core.jdsr:com.sap.js.passport.api:jar:1.8.0:compile [INFO] | +- com.sap.cloud.sdk.cloudplatform:auditlog-scp-cf:jar:4.29.0:compile [INFO] | | - com.sap.cloud.sdk.cloudplatform:auditlog:jar:4.29.0:compile [INFO] | +- com.sap.cp.auditlog:audit-java-client-impl:jar:2.6.0:compile [INFO] | | +- com.sap.cloud.security:env:jar:3.3.4:compile [INFO] | | - com.sap.cp.auditlog:auditlog-common:jar:2.2.16:compile [INFO] | +- com.sap.cp.auditlog:audit-java-client-api:jar:2.6.0:compile [INFO] | +- org.springframework.boot:spring-boot-starter-security:jar:3.2.2:compile [INFO] | | - org.springframework.security:spring-security-config:jar:6.2.1:compile [INFO] | - org.jsoup:jsoup:jar:1.17.2:compile [INFO] +- org.springframework.boot:spring-boot-starter-actuator:jar:3.2.2:compile [INFO] | +- org.springframework.boot:spring-boot-starter:jar:3.2.2:compile [INFO] | | +- org.springframework.boot:spring-boot-autoconfigure:jar:3.2.2:compile [INFO] | | - org.springframework.boot:spring-boot-starter-logging:jar:3.2.2:compile [INFO] | | +- ch.qos.logback:logback-classic:jar:1.4.14:compile [INFO] | | | - ch.qos.logback:logback-core:jar:1.4.14:compile [INFO] | | +- org.apache.logging.log4j:log4j-to-slf4j:jar:2.21.1:compile [INFO] | | | - org.apache.logging.log4j:log4j-api:jar:2.21.1:compile [INFO] | | - org.slf4j:jul-to-slf4j:jar:2.0.11:compile [INFO] | +- org.springframework.boot:spring-boot-actuator-autoconfigure:jar:3.2.2:compile [INFO] | | - org.springframework.boot:spring-boot-actuator:jar:3.2.2:compile [INFO] | +- io.micrometer:micrometer-observation:jar:1.12.2:compile [INFO] | | - io.micrometer:micrometer-commons:jar:1.12.2:compile [INFO] | - io.micrometer:micrometer-jakarta9:jar:1.12.2:compile [INFO] | - io.micrometer:micrometer-core:jar:1.12.2:compile [INFO] | +- org.hdrhistogram:HdrHistogram:jar:2.1.12:runtime [INFO] | - org.latencyutils:LatencyUtils:jar:2.0.3:runtime [INFO] +- com.sap.cumulus.jiralinking:jira-annotation:jar:3.5.3:test [INFO] +- com.sap.calm.metering:calm-metering-lib:jar:2.0.0-20240222062514_8b51388995c7417ff0ea946e10efa94717f572d0:compile [INFO] | +- org.springframework.boot:spring-boot-starter-webflux:jar:3.2.2:compile [INFO] | | +- org.springframework.boot:spring-boot-starter-reactor-netty:jar:3.2.2:compile [INFO] | | | - io.projectreactor.netty:reactor-netty-http:jar:1.1.15:compile [INFO] | | | +- io.netty:netty-codec-http:jar:4.1.105.Final:compile [INFO] | | | | +- io.netty:netty-common:jar:4.1.105.Final:compile [INFO] | | | | +- io.netty:netty-buffer:jar:4.1.105.Final:compile [INFO] | | | | +- io.netty:netty-transport:jar:4.1.105.Final:compile [INFO] | | | | +- io.netty:netty-codec:jar:4.1.105.Final:compile [INFO] | | | | - io.netty:netty-handler:jar:4.1.105.Final:compile [INFO] | | | +- io.netty:netty-codec-http2:jar:4.1.105.Final:compile [INFO] | | | +- io.netty:netty-resolver-dns:jar:4.1.105.Final:compile [INFO] | | | | +- io.netty:netty-resolver:jar:4.1.105.Final:compile [INFO] | | | | - io.netty:netty-codec-dns:jar:4.1.105.Final:compile [INFO] | | | +- io.netty:netty-resolver-dns-native-macos:jar:osx-x86_64:4.1.105.Final:compile [INFO] | | | | - io.netty:netty-resolver-dns-classes-macos:jar:4.1.105.Final:compile [INFO] | | | +- io.netty:netty-transport-native-epoll:jar:linux-x86_64:4.1.105.Final:compile [INFO] | | | | +- io.netty:netty-transport-native-unix-common:jar:4.1.105.Final:compile [INFO] | | | | - io.netty:netty-transport-classes-epoll:jar:4.1.105.Final:compile [INFO] | | | - io.projectreactor.netty:reactor-netty-core:jar:1.1.15:compile [INFO] | | | - io.netty:netty-handler-proxy:jar:4.1.105.Final:compile [INFO] | | | - io.netty:netty-codec-socks:jar:4.1.105.Final:compile [INFO] | | - org.springframework:spring-webflux:jar:6.1.3:compile [INFO] | | - io.projectreactor:reactor-core:jar:3.6.2:compile [INFO] | | - org.reactivestreams:reactive-streams:jar:1.0.4:compile [INFO] | +- org.springframework.boot:spring-boot-starter-aop:jar:3.2.2:compile [INFO] | | - org.aspectj:aspectjweaver:jar:1.9.21:compile [INFO] | - com.sap.cloud.sdk.cloudplatform:resilience:jar:5.4.0:compile [INFO] +- com.sap.calm.x:calm-kafka-clientlib:jar:2.1.0-20240220141031_e1d18dc1b3a447c6c3f87bd95dcb3008600749fe:compile [INFO] | +- io.cloudevents:cloudevents-json-jackson:jar:2.5.0:compile [INFO] | | - io.cloudevents:cloudevents-core:jar:2.5.0:compile [INFO] | | - io.cloudevents:cloudevents-api:jar:2.5.0:compile [INFO] | +- io.cloudevents:cloudevents-kafka:jar:2.5.0:compile [INFO] | | - org.apache.kafka:kafka-clients:jar:3.6.1:compile [INFO] | | +- com.github.luben:zstd-jni:jar:1.5.5-1:runtime [INFO] | | +- org.lz4:lz4-java:jar:1.8.0:runtime [INFO] | | - org.xerial.snappy:snappy-java:jar:1.1.10.4:runtime [INFO] | +- org.immutables:value:jar:2.10.1:compile [INFO] | +- com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:jar:2.15.3:compile [INFO] | +- com.fasterxml.jackson.datatype:jackson-datatype-jsr310:jar:2.15.3:compile [INFO] | +- jakarta.validation:jakarta.validation-api:jar:3.0.2:compile [INFO] | +- org.springframework.security:spring-security-oauth2-client:jar:6.2.1:compile [INFO] | | +- org.springframework.security:spring-security-oauth2-core:jar:6.2.1:compile [INFO] | | - com.nimbusds:oauth2-oidc-sdk:jar:9.43.3:compile [INFO] | | +- com.github.stephenc.jcip:jcip-annotations:jar:1.0-1:compile [INFO] | | +- com.nimbusds:content-type:jar:2.2:compile [INFO] | | +- com.nimbusds:lang-tag:jar:1.7:compile [INFO] | | - com.nimbusds:nimbus-jose-jwt:jar:9.21:compile [INFO] | +- org.springframework.kafka:spring-kafka:jar:3.1.1:compile [INFO] | | +- org.springframework:spring-messaging:jar:6.1.3:compile [INFO] | | +- org.springframework:spring-tx:jar:6.1.3:compile [INFO] | | - org.springframework.retry:spring-retry:jar:2.0.5:compile [INFO] | +- io.pivotal.cfenv:java-cfenv:jar:3.1.5:compile [INFO] | | - com.cedarsoftware:json-io:jar:4.19.1:compile [INFO] | | - com.novell.ldap:jldap:jar:2009-10-07:compile [INFO] | +- org.apache.commons:commons-collections4:jar:4.4:compile [INFO] | +- org.springframework.cloud:spring-cloud-context:jar:4.1.1:compile [INFO] | - org.apache.commons:commons-text:jar:1.11.0:compile [INFO] +- com.google.code.findbugs:jsr305:jar:3.0.2:compile [INFO] +- org.springframework.boot:spring-boot-starter-test:jar:3.2.2:test [INFO] | +- org.springframework.boot:spring-boot-test:jar:3.2.2:test [INFO] | +- org.springframework.boot:spring-boot-test-autoconfigure:jar:3.2.2:test [INFO] | +- com.jayway.jsonpath:json-path:jar:2.9.0:test [INFO] | +- jakarta.xml.bind:jakarta.xml.bind-api:jar:4.0.1:compile [INFO] | | - jakarta.activation:jakarta.activation-api:jar:2.1.2:compile [INFO] | +- net.minidev:json-smart:jar:2.5.0:compile [INFO] | | - net.minidev:accessors-smart:jar:2.5.0:compile [INFO] | | - org.ow2.asm:asm:jar:9.4:compile [INFO] | +- org.assertj:assertj-core:jar:3.24.2:test [INFO] | | - net.bytebuddy:byte-buddy:jar:1.14.11:test [INFO] | +- org.awaitility:awaitility:jar:4.2.0:test [INFO] | +- org.hamcrest:hamcrest:jar:2.2:test [INFO] | +- org.mockito:mockito-core:jar:5.7.0:test [INFO] | | +- net.bytebuddy:byte-buddy-agent:jar:1.14.11:test [INFO] | | - org.objenesis:objenesis:jar:3.3:test [INFO] | +- org.mockito:mockito-junit-jupiter:jar:5.7.0:test [INFO] | +- org.skyscreamer:jsonassert:jar:1.5.1:test [INFO] | | - com.vaadin.external.google:android-json:jar:0.0.20131108.vaadin1:test [INFO] | - org.xmlunit:xmlunit-core:jar:2.9.1:test [INFO] +- org.junit.jupiter:junit-jupiter-api:jar:5.10.1:test [INFO] | +- org.opentest4j:opentest4j:jar:1.3.0:test [INFO] | +- org.junit.platform:junit-platform-commons:jar:1.10.1:test [INFO] | - org.apiguardian:apiguardian-api:jar:1.1.2:test [INFO] +- org.junit.jupiter:junit-jupiter-engine:jar:5.10.1:test [INFO] | - org.junit.platform:junit-platform-engine:jar:1.10.1:test [INFO] +- org.junit.jupiter:junit-jupiter-params:jar:5.10.1:test [INFO] +- org.mockito:mockito-inline:jar:5.2.0:test [INFO] +- com.tngtech.archunit:archunit-junit5:jar:1.2.1:test [INFO] | +- com.tngtech.archunit:archunit-junit5-api:jar:1.2.1:test [INFO] | | - com.tngtech.archunit:archunit:jar:1.2.1:test [INFO] | - com.tngtech.archunit:archunit-junit5-engine:jar:1.2.1:test [INFO] | - com.tngtech.archunit:archunit-junit5-engine-api:jar:1.2.1:test [INFO] +- org.junit.jupiter:junit-jupiter:jar:5.10.1:test [INFO] +- org.junit.vintage:junit-vintage-engine:jar:5.10.1:test [INFO] | - junit:junit:jar:4.13.2:test [INFO] +- com.sap.sectesting:fortify-annotations:jar:1.2.2:provided [INFO] - org.springdoc:springdoc-openapi-starter-webmvc-ui:jar:2.3.0:compile [INFO] +- org.springdoc:springdoc-openapi-starter-webmvc-api:jar:2.3.0:compile [INFO] | - org.springdoc:springdoc-openapi-starter-common:jar:2.3.0:compile [INFO] | - io.swagger.core.v3:swagger-core-jakarta:jar:2.2.19:compile [INFO] | +- io.swagger.core.v3:swagger-annotations-jakarta:jar:2.2.19:compile [INFO] | - io.swagger.core.v3:swagger-models-jakarta:jar:2.2.19:compile [INFO] - org.webjars:swagger-ui:jar:5.10.3:compile
Project Details
Checklist