search

SAP / cloud-security-services-integration-library

Integration libraries and samples for authenticating users and clients bound to XSUAA authentication and authorization service or Identity authentication service.
Apache License 2.0
151 stars 136 forks source link

How to call a RFC on premise destination without user login #212

Closed maxvader closed 4 years ago

maxvader commented 4 years ago

Hello, I have Java application hosted on Neo that is able to do RFC Jco calls without the need for a user logged in. For example at startup.

I'm having trouble porting it to Cloud Foundy, I've been able to do calls once a user is logged (using Spring Security and the maven projects you published). But without a user I receive the error "User is not set" upon calling JCoDestinationManager.getDestination(...).

Looking at the documentation I think I've undertood that I need to generate JWT tokens to access the destination service. At least that's what I understood looking at https://help.sap.com/viewer/cca91383641e40ffbe03bdc78f00f681/Cloud/en-US/39f538ad62e144c58c056ebc34bb6890.html#loio39f538ad62e144c58c056ebc34bb6890__generate I tried the code:" String connectivityServiceClientId = credentials.getString(CLIENT_ID); String connectivityServiceClientSecret = credentials.getString(CLIENT_SECRET);

XSTokenRequest tokenReq = new XSTokenRequestImpl(xsUaaUri.toString()); tokenReq.setClientId(connectivityServiceClientId ).setClientSecret(connectivityServiceClientSecret).setType(XSTokenRequest.TYPE_USER_TOKEN); String userExchangeAcessToken = SecurityContext.getUserInfo().requestToken(tokenReq);"

But I can't find the dependencies to resolve those classes.

Can you help me please? In case what I found is not the correct solution can you please post me the right one?

nenaraab commented 4 years ago

Hi @maxvader

i guess you are looking for the maven dependencies and the documentation for the token-client lib? This can be found here: https://github.com/SAP/cloud-security-xsuaa-integration/tree/master/token-client#xsuaa-token-client-and-token-flow-api

Best regards, Nena

maxvader commented 4 years ago

Thank you very much I'll look it :-)

maxvader commented 4 years ago

Thank you @nenaraab , I've implemented the token request and got it. The code is from your samples and seems to work:

XsuaaTokenFlows tokenFlows = new XsuaaTokenFlows(
                new XsuaaOAuth2TokenService(new RestTemplate()),
                new XsuaaDefaultEndpoints("https://authentication.eu10.hana.ondemand.com"),
                new ClientCredentials("***",
                        "***"));

        OAuth2TokenResponse clientCredentialsToken = tokenFlows.clientCredentialsTokenFlow()
               // .subdomain(jwtToken.getSubdomain()) // this is optional 
                .execute();

But now I don't know what to do with the Token, because I need to do a jcoDestination = JCoDestinationManager.getDestination(DESTINATION_NAME); I don't know where to put the token in that api... I still get the same error: "User is not set".

If I call the same getDestination from a web Controller when a user calls it after being authenticated by the app router the error disappears.

But I need to call the JCO RFC without a user logon...