in scp-odata-proxy-api/odataproxyapi/start.js [56:156]
async function proxyToBackend(req, res, debug) {
try {
// Get the JWT token issued by XSUAA (Alexa app will provide this in the header based on account linking)
const uaaToken = req.headers.authorization
// Get access token to access destination service
const destToken = await getToken(dest.url, dest.clientid, dest.clientsecret)
// Get destination data using destination token from destination service. This contains the connection details of cloud connector
const destData = await getDestinationDetails(dest, destToken)
// Now also get an access token to access connecitivity serveice
const connToken = await getToken(conn.url, conn.clientid, conn.clientsecret)
// Filter unwanted headers.. too much junk gets added to http headers these days
const inHeadersSAP = filterAllowedHeaders(cloneObject(req.headers), allowedHeadersInToSAP)
var jsonBody = false
var options = {
// Connect to the destination url - cloud connector in this case
url: destData.URL + req.originalUrl,
method: req.method,
// Proxy the connection to cloud connector through connectivity service
proxy: 'http://' + conn.onpremise_proxy_host + ':' + conn.onpremise_proxy_port,
headers: inHeadersSAP
}
console.log("Request url is : ", options.url)
console.log("Proxy url is : ", options.proxy)
// console.log("HC_ACCOUNT is :", process.env.HC_ACCOUNT)
// This is a special header for passing the UAA access token which contains the user details. This is inturn used by principal propogation in cloud connector
options.headers['SAP-Connectivity-Authentication'] = uaaToken
//options.headers['SAP-Connectivity-ConsumerAccount'] = "xxxxxx"
// This is a special header for passing the connectivity service access token to tunnel the http connection through connectivity service
options.headers['Proxy-Authorization'] = 'Bearer ' + connToken
// Some more stuff for the code to work...
options.headers['accept-encoding'] = 'deflate br'
if (options.headers['content-type'] === 'application/json') {
jsonBody = true
options.json = true
}
if (req.method === 'PATCH' || req.method === 'POST' || req.method === 'PUT') {
if (req.body) {
var reqBody = req.body.toString('utf8')
var contentLengh = 0
if(jsonBody){
reqBody = JSON.parse(reqBody)
contentLengh = JSON.stringify(reqBody).length
options.body = reqBody
}else{
options.body = reqBody
contentLengh = Buffer.byteLength(reqBody,'UTF-8')
}
options.headers['content-length'] = contentLengh
//options.headers['content-length'] = Buffer.byteLength(req.body,'UTF-8')
}
}
var body = {}
body.uaa = uaa
body.dest = dest
body.conn = conn
body.uaaToken = uaaToken
body.destData = destData
body.connToken = connToken
body.userId = req.user.id
body.url = req.url
body.originalUrl = req.originalUrl
body.method = req.method
body.path = req.path
body.query = req.query
body.params = req.params
body.headers = req.headers
body.inHeadersSAP = inHeadersSAP
body.body = req.body
body.env = process.env
body.options = options
if (debug) {
res.send(body)
} else {
//Finally I can call the cloud connector! Phew!
request(options, (err, resp, body) => {
if (err) {
console.log('Error err is : ', err)
res.send('Error in calling backend ')
} else {
res.set(filterAllowedHeaders(cloneObject(resp.headers), allowedHeadersOutOfSAP))
if(typeof body != "object"){
res.send(body + '')
}else{
res.send(body)
}
}
})
}
} catch (e) {
console.log('Error e is ', e)
res.send('Error is calling backend: ' + JSON.stringify(e))
}
}