发表新帖
发表新帖

Retrieve logged user information from cloud foundry web application

后端 未结
关注
2 643
小鲜肉
小鲜肉 2021-01-14 15:54

We developed a web application using SAP Web-IDE Full Stack; we need to retrieve the details of the user logged into application (as defined in SAP Cloud Platform Identity A

相关标签:
2条回答
  • 忘掉有多难
    2021-01-14 16:30

    I highly suggest using the SAP S/4HANA Cloud SDK for such tasks. It is an SDK developed to make building applications for SAP Cloud Platform easy, by providing easy to use mechanisms for all the Cloud Platform mechanisms.

    Regarding your task at hand, there is a UserAccessor class that you can use like this:

    final Optional<User> user = UserAccessor.getCurrentUser();

    This works on Neo as well as on Cloud Foundry, i.e. there is a single interface for both platforms, which allows you to develop your app in a platform agnostic way.

    If this sounds like it could solve your problem, I recommend checking out this blog post series to get started.

    Alternatively, you can also simply add the following dependency to your project to start testing the SDK:

    <dependency>
    <groupId>com.sap.cloud.s4hana.cloudplatform</groupId>
    <artifactId>scp-neo</artifactId>
    <version>2.7.0</version>
</dependency>

    For Cloud Foundry use scp-cf instead of scp-neo.

    Hope this helps!

    P.S.: To answer your question also on a technical level, Cloud Foundry uses so-called JWTs for authentication and authorization. You can check whether a JWT is present by looking at the Authorization header of the request. The JWT should hold the information you're looking for.

    0 讨论(0)
  • 独厮守ぢ
    2021-01-14 16:36

    In SAP Cloud Foundry if you develop a MTA using XSUAA service to manage User Authentication and Admistration, defined for example in the mta.yaml,

    ...
resources:
  - name: uaa_myapp
  parameters:
    path: ./xs-security.json
    service-plan: application
    service: xsuaa
  type: org.cloudfoundry.managed-service
...

    you can use the UAA API published from XSUAA service self to manage user authentication and authorization (e.g.: retrieve user info, groups assigned, password management etc..). also in the case the application is federated with another IDP.

    To consume this API for example to retrieve user info you need to:

    1. Determine the XSUAA endpoint bound to your app (SCP Cockpit > XSUAA service detail > take the value url)
    2. Create a destination (xsuaa_api_destination) of type OAuth2TokenExchange bound to your app with url url took before, and fill OAuth2 authentication parameters with the data contained in XSUAA service detail (step 1).
    3. From your app execute the call xsuaa_api_destination/userinfo, for example using an ajax if you are using JS.

    You can find other info in Account and Authentication Service of the Cloud Foundry Environment SAP doc.

    0 讨论(0)
 看不清?
提交回复
热议问题