0

I have 2 microservices based on SAP SDK 3.0 archetype binded by the same xsuaa service.From the first microservice A, I wanted to call the second microservice B by using rest template. It fails to call, as it is not able to authenticate. Can you find my approach is right? Sharing the code below along with the error screenshot

Code Screenshot

Error: <200,document.cookie="fragmentAfterLogin="+encodeURIComponent(location.hash)+";path=/";document.cookie="locationAfterLogin="+encodeURIComponent(location.href.split('#')[0].split(location.host)1)+";path=/";document.cookie="signature=pim93tQhbcWCYYAiFxYkwrHBY%2Fs%3D;path=/";location="https://xxxxx.hana.ondemand.com/oauth/authorize?response_type=code&client_id=sb-Ledify!t7251&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2Flogin%2Fcallback",{x-request-id=[k8h8rf33], x-frame-options=[SAMEORIGIN], Cache-Control=[no-cache, no-store, must-revalidate], Content-Type=[text/html], Content-Security-Policy=[script-src 'self' 'unsafe-inline'], Date=[Wed, 01 Apr 2020 11:23:01 GMT], Connection=[keep-alive], Content-Length=[620]}>

Note : localhost:5000 is my local approuter port and it is configured to call the second microservice which I have tested it in browser

Updated:

I have updated with getToken() but I am getting the below error in my local approuter.

Error Response:

Approuter Log

xsapp.json Route

{ "source": "/notif-mock/(.*)", "authenticationType": "xsuaa", "destination": "notif-mock", "csrfProtection": true }

FYI, I have used the local approuter setup as per this post Link here

Arun Kumar
  • 133
  • 8
  • Hi, Arun, if what you posted is a `response` then it says `200`? Can you please elaborate a bit more: - Is it some local testing environment? - What exactly fails and at what step? - Can you show a stack trace of your request after failure? - To also log payloads you can use: `-Dorg.slf4j.simpleLogger.log.org.apache.http.wire=debug` Why do you think it's an auth issue in the first place? Have you tested it without auth? – Artyom Kovalyov Apr 02 '20 at 10:03
  • Also, please, let us know the exact SDK version you're currently using. There were some changes lately related to JWT handling. I recommend updating to version 3.16.1 and checking our release notes: https://help.sap.com/doc/6c02295dfa8f47cf9c08a19f2e172901/1.0/en-US/index.html – Artyom Kovalyov Apr 02 '20 at 10:42
  • though the response is 200, the expected response is not correct..I am just calling an simple hello world API which would give me a simple JSON response. Its an auth issue because when i change the approuter authentication type from xsuaa to none,it works. – Arun Kumar Apr 02 '20 at 12:47
  • Currently, am using SAP SDK 3.9.0 – Arun Kumar Apr 02 '20 at 12:51

2 Answers2

1

In the following line, you are concatenating a String with DecodedJWT:

String encodedAuth = "Bearer " + getJWTTokenDetails();

But DecodedJWT does not implement a toString() method. You must use getToken() instead.

Hint: For easier support handling please copy/paste your code, because text in screenshot cannot efficiently be referenced.

Alexander Dümont
  • 903
  • 1
  • 5
  • 9
  • Hi Alex, Thanks for the reply. As per the comment, I have used the getToken() method. but the error still persists. I have updated the question with approuter screenshot. Can you please check – Arun Kumar Apr 08 '20 at 04:48
0

Arun,

Thanks for providing all the additional details. I recommend updating to SDK Version 3.16.1 and testing if it solves your issue.

I do it because version 3.9.0 which you're using at the moment has an incomplete implementation of security scenarios invoked by XSUAA.

We fixed many issues related to the handling of XSUAA and JWT validation in release 3.15.1. Please, check release notes for details..

If even after update your issue persists, we'll have to see how we can reproduce it or get more logs data from you as a response only doesn't provide enough clue on where it fails.

Hope it helps!

Artyom Kovalyov
  • 374
  • 3
  • 11