Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

iasToXsuaaTokenExchange relies on a physical xsuaa binding and not using the xsuaa credentials from the destination service binding #4762

Open
ptesny opened this issue Jun 18, 2024 · 2 comments
Open

iasToXsuaaTokenExchange relies on a physical xsuaa binding and not using the xsuaa credentials from the destination service binding #4762

ptesny opened this issue Jun 18, 2024 · 2 comments
Labels
bug Something isn't working

Comments

@ptesny
Copy link

ptesny commented Jun 18, 2024

Describe the bug
A clear and concise description of what the bug is.
iasToXsuaaTokenExchange relies on a physical xsuaa binding and not using the xsuaa credentials from the destination service binding.
This is a big problem when there is no xsuaa used for user authentication. In this case the iasToXsuaaTokenExchange will always fail.
To Reproduce
Steps to reproduce the behavior:

#4731

Expected behavior
A clear and concise description of what you expected to happen.

The SAP cloud SDK should only rely on the xsuaa credentials from the destination service
Screenshots
If applicable, add screenshots to help explain your problem.

Used Versions:

  • node version via node -v
  • npm version via npm -v
  • SAP Cloud SDK version you used as dependency

Code Examples
If applicable, add code snippets as examples to help explain your problem. Please remove sensitive information.

Log file
If applicable, add your log file or related error message. Again, please remove your sensitive information.

Impact / Priority

Affected development phase: e.g. Getting Started, Development, Release, Production

Impact: e.g. No Impact, Inconvenience, Impaired, Blocked

Timeline: e.g. Go-Live is in 12 weeks.

Additional context
Add any other context about the problem here.
@ptesny ptesny added the bug Something isn't working label Jun 18, 2024
@ptesny ptesny mentioned this issue Jun 18, 2024
Open
@marikaner
Copy link
Contributor

Hey @ptesny, this is a good point and I think we have missed that. I already implemented that, but we still need to test the whole IAS support end-2-end better to make sure we don't introduce other issues.

@ptesny
Copy link
Author

ptesny commented Jul 1, 2024
edited
Loading

@marikaner ; thx for confirmation; on a side note this is how the SAP Approuter works...if IAS only then SAP Approuter will exchange the ias token to xsuaa (using xssec lib) relying on the xsuaa credentials from the destination service itself.

the token exchange is triggered automatically via the SAP IAS application parameter called:
xsuaa-cross-consumption: true
That means I do not need to make any changes in the application which is using the cloud sdk

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@marikaner @ptesny