Skip to Content

How to configure userapi service in CloudFoundry

Our requirement is to show logged in user information in SAPUI5 application. During our testing, It all worked fine in the NEO environment with the following route in neo-app.json file:

 {
        "path": "/services/userapi",
        "target": {
            "type": "service",
            "name": "userapi"
        },    
 },  

When the application is run in CF environment, it does not find the Userapi service. We could not figure out what to add in the xs-app file to get the same functionality working?

Hoping someone here can help us move forward.

Thank you,

Rob

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • Feb 01 at 06:33 PM

    Hi Rob,

    There is no userapi in Cloud Foundry environment. Some will say you might be able to use the same ajax call that the cockpit does, but that's not a public API. Thus, you can't rely on it as SAP reserves the rights to change its behavior without any notice.

    Since the App Router will communicate with the XSUAA service to determine the user login process a to generate the JWT token (which contains the logged in user) it will not be the correct place to retrieve the user information. The JWT token itself could be used for that purpose. You could perhaps think of using Spring's JwtHelper class which contains a decode() method to read its contents and serve it to your html5 application.

    However, SAP already has a Java API for that purpose under package com.sap.xs2.security.container class SecurityContext.

    UserInfo userInfo = SecurityContext.getUserInfo();
    

    Or even better, you can use the generic SAP Cloud Platform SDK that is capable of interpreting if you are running on CF or Neo:

    ScpCfUser user = (ScpCfUser)UserAccessor.getCurrentUser();

    If you are interested on decoding the JWT, check class AuthTokenAccessor from package com.sap.cloud.sdk.cloudplatform.security:

    AuthTokenAccessor.getCurrentToken().get().getJwt();

    An example showing you how to decode the JWT token and use the UserAccessor class can be found here.

    Once you have the data you need to return on your service, it would be a simple matter of calling it from your html5 module.

    Best regards,

    Ivan

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Rob,

      HTML repository is not related to your question. AppRouter is a NodeJS application that implements the security features and integration with the assigned XSUAA service instance. It acts as an entry point for your front-end application and all of its underlying microservices.

      In order to add an AppRouter to an existing MTA, all you need to do is add an html5 module to it.

      Please observe that the html5 module inside an MTA is actually a node application that contains default routes to the webapp folder - so you can load your html, js and other html5 files that make up your html5 application.

      Take a look at the file package.json that is at the root of the module and you will see that it contains the dependencies to AppRouter and it starts the AppRouter app by issueing a node start command to it:

      {
        "name": "app",
        "version": "0.0.1",
        "description": "",
        "devDependencies": {
          "@sap/grunt-sapui5module-bestpractice-build": "^0.0.14"
        },
        "dependencies": {
          "@sap/approuter": "5.4.1"
        },
        "scripts": {
          "start": "node node_modules/@sap/approuter/approuter.js"
        }
      }

      You could also achieve the same by adding a NodeJS module. But then it would require you to manually add dependencies and start the approuter program by changing the package.js file.

      Best regards,
      Ivan