Destinations not working

[mlucascardoso]

• What I'm doing? I'm trying to reach a https destination from localhost sapui5 without success. For example:

Lets say i have a destinations.json file with this content:

{
    "destinations": {
        "sapui5": {
            "Description": "SAPUI5 Resources",
            "cdn": "https://sapui5.hana.ondemand.com",
            "localDir": false
        },
        "test_google": {
            "Type":"HTTP",
            "Name":"test_google",
            "URL": "https://www.google.com"
        }
    }
}

In list.controller.js i have:

sap.ui.define([
    'sap/ui/core/mvc/Controller'
], function (MessageToast, Controller) {
    return Controller.extend('controller-path', {
        onInit: function () {
            const model = new sap.ui.model.json.JSONModel('/google-destination');
            model.loadData();
        }
    });
});

When this controller is loaded, i get this error:

Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames: Host: localhost. is not in the cert's altnames: DNS:google.com, DNS:*.2mdn.net, DNS:*.android.com, DNS:*.appengine.google.com, DNS:*.au.doubleclick.net, DNS:*.bdn.dev, DNS:*.cc-dt.com, DNS:*.cloud.google.com, DNS:*.crowdsource.google.com, DNS:*.de.doubleclick.net, DNS:*.doubleclick.com, DNS:*.doubleclick.net, DNS:*.fls.doubleclick.net, DNS:*.fr.doubleclick.net, DNS:*.g.co, DNS:*.gcp.gvt2.com, DNS:*.gcpcdn.gvt1.com, DNS:*.ggpht.cn, DNS:*.gkecnapps.cn, DNS:*.google-analytics.com, DNS:*.google.ac, DNS:*.google.ad, DNS:*.google.ae, DNS:*.google.af, DNS:*.google.ag, DNS:*.google.ai, DNS:*.google.al, DNS:*.google.am, DNS:*.google.as, DNS:*.google.at, DNS:*.google.az, DNS:*.google.ba, DNS:*.google.be, DNS:*.google.bf, DNS:*.google.bg, DNS:*.google.bi, DNS:*.google.bj, DNS:*.google.bs, DNS:*.google.bt, DNS:*.google.by, DNS:*.google.ca, DNS:*.google.cat, DNS:*.google.cc, DNS:*.google.cd, DNS:*.google.cf, DNS:*.google.cg, DNS:*.google.ch, DNS:*.google.ci, DNS:*.google.cl, DNS:*.google.cm, DNS:*.google.cn, DNS:*.google.co.ao, DNS:*.google.co.bw, DNS:*.google.co.ck, DNS:*.google.co.cr, DNS:*.google.co.hu, DNS:*.google.co.id, DNS:*.google.co.il, DNS:*.google.co.im, DNS:*.google.co.in, DNS:*.google.co.je, DNS:*.google.co.jp, DNS:*.google.co.ke, DNS:*.google.co.kr, DNS:*.google.co.ls, DNS:*.google.co.ma, DNS:*.google.co.mz, DNS:*.google.co.nz, DNS:*.google.co.th, DNS:*.google.co.tz, DNS:*.google.co.ug, DNS:*.google.co.uk, DNS:*.google.co.uz, DNS:*.google.co.ve, DNS:*.google.co.vi, DNS:*.google.co.za, DNS:*.google.co.zm, DNS:*.google.co.zw, DNS:*.google.com, DNS:*.google.com.af, DNS:*.google.com.ag, DNS:*.google.com.ai, DNS:*.google.com.ar, DNS:*.google.com.au, DNS:*.google.com.bd, DNS:*.google.com.bh, DNS:*.google.com.bn, DNS:*.google.com.bo, DNS:*.google.com.br, DNS:*.google.com.by, DNS:*.google.com.bz, DNS:*.google.com.cn, DNS:*.google.com.co, DNS:*.google.com.cu, DNS:*.google.com.cy, DNS:*.google.com.do, DNS:*.google.com.ec, DNS:*.google.com.eg, DNS:*.google.com.et, DNS:*.google.com.fj, DNS:*.google.com.ge, DNS:*.google.com.gh, DNS:*.google.com.gi, DNS:*.google.com.gr, DNS:*.google.com.gt, DNS:*.google.com.hk, DNS:*.google.com.iq, DNS:*.google.com.jm, DNS:*.google.com.jo, DNS:*.google.com.kh, DNS:*.google.com.kw, DNS:*.google.com.lb, DNS:*.google.com.ly, DNS:*.google.com.mm, DNS:*.google.com.mt, DNS:*.google.com.mx, DNS:*.google.com.my, DNS:*.google.com.na, DNS:*.google.com.nf, DNS:*.google.com.ng, DNS:*.google.com.ni, DNS:*.google.com.np, DNS:*.google.com.nr, DNS:*.google.com.om, DNS:*.google.com.pa, DNS:*.google.com.pe, DNS:*.google.com.pg, DNS:*.google.com.ph, DNS:*.google.com.pk, DNS:*.google.com.pl, DNS:*.google.com.pr, DNS:*.google.com.py, DNS:*.google.com.qa, DNS:*.google.com.ru, DNS:*.google.com.sa, DNS:*.google.com.sb, DNS:*.google.com.sg, DNS:*.google.com.sl, DNS:*.google.com.sv, DNS:*.google.com.tj, DNS:*.google.com.tn, DNS:*.google.com.tr, DNS:*.google.com.tw, DNS:*.google.com.ua, DNS:*.google.com.uy, DNS:*.google.com.vc, DNS:*.google.com.ve, DNS:*.google.com.vn, DNS:*.google.cv, DNS:*.google.cz, DNS:*.google.de, DNS:*.google.dj, DNS:*.google.dk, DNS:*.google.dm, DNS:*.google.dz, DNS:*.google.ee, DNS:*.google.es, DNS:*.google.eus, DNS:*.google.fi, DNS:*.google.fm, DNS:*.google.fr, DNS:*.google.frl, DNS:*.google.ga, DNS:*.google.gal, DNS:*.google.ge, DNS:*.google.gg, DNS:*.google.gl, DNS:*.google.gm, DNS:*.google.gp, DNS:*.google.gr, DNS:*.google.gy, DNS:*.google.hk, DNS:*.google.hn, DNS:*.google.hr, DNS:*.google.ht, DNS:*.google.hu, DNS:*.google.ie, DNS:*.google.im, DNS:*.google.in, DNS:*.google.info, DNS:*.google.iq, DNS:*.google.ir, DNS:*.google.is, DNS:*.google.it, DNS:*.google.it.ao, DNS:*.google.je, DNS:*.google.jo, DNS:*.google.jobs, DNS:*.google.jp, DNS:*.google.kg, DNS:*.google.ki, DNS:*.google.kz, DNS:*.google.la, DNS:*.google.li, DNS:*.google.lk, DNS:*.google.lt, DNS:*.google.lu, DNS:*.google.lv, DNS:*.google.md, DNS:*.google.me, DNS:*.google.mg, DNS:*.google.mk, DNS:*.google.ml, DNS:*.google.mn, DNS:*.google.ms, DNS:*.google.mu, DNS:*.google.mv, DNS:*.google.mw, DNS:*.google.ne, DNS:*.google.ne.jp, DNS:*.google.net, DNS:*.google.ng, DNS:*.google.nl, DNS:*.google.no, DNS:*.google.nr, DNS:*.google.nu, DNS:*.google.off.ai, DNS:*.google.pk, DNS:*.google.pl, DNS:*.google.pn, DNS:*.google.ps, DNS:*.google.pt, DNS:*.google.ro, DNS:*.google.rs, DNS:*.google.ru, DNS:*.google.rw, DNS:*.google.sc, DNS:*.google.se, DNS:*.google.sh, DNS:*.google.si, DNS:*.google.sk, DNS:*.google.sm, DNS:*.google.sn, DNS:*.google.so, DNS:*.google.sr, DNS:*.google.st, DNS:*.google.td, DNS:*.google.tel, DNS:*.google.tg, DNS:*.google.tk, DNS:*.google.tl, DNS:*.google.tm, DNS:*.google.tn, DNS:*.google.to, DNS:*.google.tt, DNS:*.google.ua, DNS:*.google.us, DNS:*.google.uz, DNS:*.google.vg, DNS:*.google.vu, DNS:*.google.ws, DNS:*.googleadapis.com, DNS:*.googleadsserving.cn, DNS:*.googleapis.cn, DNS:*.googlecnapps.cn, DNS:*.googlecommerce.com, DNS:*.googleusercontent.cn, DNS:*.googlevideo.com, DNS:*.gstatic.cn, DNS:*.gstatic.com, DNS:*.gstaticcnapps.cn, DNS:*.gvt1.com, DNS:*.gvt2.com, DNS:*.jp.doubleclick.net, DNS:*.metric.gstatic.com, DNS:*.uk.doubleclick.net, DNS:*.urchin.com, DNS:*.url.google.com, DNS:*.wear.gkecnapps.cn, DNS:*.youtube-nocookie.com, DNS:*.youtube.com, DNS:*.youtubeeducation.com, DNS:*.youtubekids.com, DNS:*.yt.be, DNS:*.ytimg.com, DNS:ad.mo.doubleclick.net, DNS:android.clients.google.com, DNS:android.com, DNS:developer.android.google.cn, DNS:developers.android.google.cn, DNS:doubleclick.com, DNS:doubleclick.net, DNS:g.co, DNS:ggpht.cn, DNS:gkecnapps.cn, DNS:goo.gl, DNS:google-analytics.com, DNS:google.ac, DNS:google.ad, DNS:google.ae, DNS:google.af, DNS:google.ag, DNS:google.ai, DNS:google.al, DNS:google.am, DNS:google.as, DNS:google.at, DNS:google.az, DNS:google.ba, DNS:google.be, DNS:google.bf, DNS:google.bg, DNS:google.bi, DNS:google.bj, DNS:google.bs, DNS:google.bt, DNS:google.by, DNS:google.ca, DNS:google.cat, DNS:google.cc, DNS:google.cd, DNS:google.cf, DNS:google.cg, DNS:google.ch, DNS:google.ci, DNS:google.cl, DNS:google.cm, DNS:google.cn, DNS:google.co.ao, DNS:google.co.bw, DNS:google.co.ck, DNS:google.co.cr, DNS:google.co.hu, DNS:google.co.id, DNS:google.co.il, DNS:google.co.im, DNS:google.co.in, DNS:google.co.je, DNS:google.co.jp, DNS:google.co.ke, DNS:google.co.kr, DNS:google.co.ls, DNS:google.co.ma, DNS:google.co.mz, DNS:google.co.nz, DNS:google.co.th, DNS:google.co.tz, DNS:google.co.ug, DNS:google.co.uk, DNS:google.co.uz, DNS:google.co.ve, DNS:google.co.vi, DNS:google.co.za, DNS:google.co.zm, DNS:google.co.zw, DNS:google.com.af, DNS:google.com.ag, DNS:google.com.ai, DNS:google.com.ar, DNS:google.com.au, DNS:google.com.bd, DNS:google.com.bh, DNS:google.com.bn, DNS:google.com.bo, DNS:google.com.br, DNS:google.com.by, DNS:google.com.bz, DNS:google.com.cn, DNS:google.com.co, DNS:google.com.cu, DNS:google.com.cy, DNS:google.com.do, DNS:google.com.ec, DNS:google.com.eg, DNS:google.com.et, DNS:google.com.fj, DNS:google.com.ge, DNS:google.com.gh, DNS:google.com.gi, DNS:google.com.gr, DNS:google.com.gt, DNS:google.com.hk, DNS:google.com.iq, DNS:google.com.jm, DNS:google.com.jo, DNS:google.com.kh, DNS:google.com.kw, DNS:google.com.lb, DNS:google.com.ly, DNS:google.com.mm, DNS:google.com.mt, DNS:google.com.mx, DNS:google.com.my, DNS:google.com.na, DNS:google.com.nf, DNS:google.com.ng, DNS:google.com.ni, DNS:google.com.np, DNS:google.com.nr, DNS:google.com.om, DNS:google.com.pa, DNS:google.com.pe, DNS:google.com.pg, DNS:google.com.ph, DNS:google.com.pk, DNS:google.com.pl, DNS:google.com.pr, DNS:google.com.py, DNS:google.com.qa, DNS:google.com.ru, DNS:google.com.sa, DNS:google.com.sb, DNS:google.com.sg, DNS:google.com.sl, DNS:google.com.sv, DNS:google.com.tj, DNS:google.com.tn, DNS:google.com.tr, DNS:google.com.tw, DNS:google.com.ua, DNS:google.com.uy, DNS:google.com.vc, DNS:google.com.ve, DNS:google.com.vn, DNS:google.cv, DNS:google.cz, DNS:google.de, DNS:google.dj, DNS:google.dk, DNS:google.dm, DNS:google.dz, DNS:google.ee, DNS:google.es, DNS:google.eus, DNS:google.fi, DNS:google.fm, DNS:google.fr, DNS:google.frl, DNS:google.ga, DNS:google.gal, DNS:google.ge, DNS:google.gg, DNS:google.gl, DNS:google.gm, DNS:google.gp, DNS:google.gr, DNS:google.gy, DNS:google.hk, DNS:google.hn, DNS:google.hr, DNS:google.ht, DNS:google.hu, DNS:google.ie, DNS:google.im, DNS:google.in, DNS:google.info, DNS:google.iq, DNS:google.ir, DNS:google.is, DNS:google.it, DNS:google.it.ao, DNS:google.je, DNS:google.jo, DNS:google.jobs, DNS:google.jp, DNS:google.kg, DNS:google.ki, DNS:google.kz, DNS:google.la, DNS:google.li, DNS:google.lk, DNS:google.lt, DNS:google.lu, DNS:google.lv, DNS:google.md, DNS:google.me, DNS:google.mg, DNS:google.mk, DNS:google.ml, DNS:google.mn, DNS:google.ms, DNS:google.mu, DNS:google.mv, DNS:google.mw, DNS:google.ne, DNS:google.ne.jp, DNS:google.net, DNS:google.ng, DNS:google.nl, DNS:google.no, DNS:google.nr, DNS:google.nu, DNS:google.off.ai, DNS:google.pk, DNS:google.pl, DNS:google.pn, DNS:google.ps, DNS:google.pt, DNS:google.ro, DNS:google.rs, DNS:google.ru, DNS:google.rw, DNS:google.sc, DNS:google.se, DNS:google.sh, DNS:google.si, DNS:google.sk, DNS:google.sm, DNS:google.sn, DNS:google.so, DNS:google.sr, DNS:google.st, DNS:google.td, DNS:google.tel, DNS:google.tg, DNS:google.tk, DNS:google.tl, DNS:google.tm, DNS:google.tn, DNS:google.to, DNS:google.tt, DNS:google.ua, DNS:google.us, DNS:google.uz, DNS:google.vg, DNS:google.vu, DNS:google.ws, DNS:googlecnapps.cn, DNS:googlecommerce.com, DNS:gstatic.com, DNS:source.android.google.cn, DNS:urchin.com, DNS:www.goo.gl, DNS:youtu.be, DNS:youtube.com, DNS:youtubeeducation.com, DNS:youtubekids.com, DNS:yt.be
    at Object.checkServerIdentity (tls.js:288:12)
    at TLSSocket.onConnectSecure (_tls_wrap.js:1484:27)
    at TLSSocket.emit (events.js:310:20)
    at TLSSocket._finishInit (_tls_wrap.js:917:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:687:12)

Any ideas what I'm doing wrong?

[preetamkajalrout]

I believe, this is happening because proxy server created by middleware is http & target destination ( google ) is https. This is working fine in case of destination type: "service" (SAPUI5 resources).

Will have a look over the weekend and see if I can test this theory! If you can point some test scenarios, It would be really helpful.

[mlucascardoso]

I believe, this is happening because proxy server created by middleware is http & target destination ( google ) is https.

You're right, I've tested some http endpoints and they worked fine.

Will have a look over the weekend and see if I can test this theory! If you can point some test scenarios, It would be really helpful.

Ok, i think i have a good scenario:

Let's imagine that I need to consume SAP Identity Provider (IDP) API to deal to users CRUD. In production NEO environment I would create a destination to point to the IDP to consume it via SAPUI5. So to test it locally my configuration would be something like this:

destinations.json:

{
    "destinations": {
        "sapui5": {
            "Description": "SAPUI5 Resources",
            "cdn": "https://sapui5.hana.ondemand.com",
            "localDir": false
        },
        "MY_COCKPIT_VARIABLE_TO_IDP": {
            "Type":"HTTP",
            "Authentication":"BasicAuthentication",
            "Name":"MY_COCKPIT_VARIABLE_TO_IDP",
            "URL": "https://<account_id>.accounts.ondemand.com/",
            "User":"<user_name>",
            "Password": "<pass>"
        }
    }
}

neo-app.json:

    ...other configs
    {
        "path": "/scim-users",
        "target": {
            "type": "destination",
            "name": "MY_COCKPIT_VARIABLE_TO_IDP",
            "entryPath": "/service/scim/Users"
        },
        "description": "SCIM USERS API"
    }

list.controller.js:

sap.ui.define([
    'sap/ui/core/mvc/Controller'
], function (MessageToast, Controller) {
    return Controller.extend('controller-path', {
        onInit: function () {
            const model = new sap.ui.model.json.JSONModel('/scim-users');
            model.loadData();
        }
    });
});

With this configuration, I get a few errors and I will list them bellow:

• Your middleware is assuming that it always will have a subpath after "/", but in this case it doesn't have

  • main.js line 71: resourcePath = rResourcePattern.exec(reqUrl)[1]; // Assumes there is some path after provided route url

• The middleware is not reading entry-path in neo-app.json file. The expected behavior is the middleware to read entry-path and inject it into destinations.json url.

  • Example: destinations.json.URL + neo-app.json entry-path -> https://<account_id>.accounts.ondemand.com/service/scim/Users

• ERR_TLS_CERT_ALTNAME_INVALID when trying to request to IDP url after fixing above mentioned bugs.

[preetamkajalrout]

Hi @mlucascardoso ,

Apologies for delayed response. Have made some changes to the code to fix the issues you were facing. Please note, existing destinations file will not work. I have made changes to how the destinations file will be configured in ui5.yaml ! Give README.md a go!