How to use @sap/xssec - 6 common examples

To help you get started, we’ve selected a few @sap/xssec examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github SAP / com.sap.openSAP.hana5.example / core_node / router / routes / jobactivity.js View on Github external
var client = req.db;
		var query = 'select "jobId".NEXTVAL as nJobId from "DUMMY"';
		var jname = req.body.jobname;
		var jobid;
		var timestamp;
		var accessToken;
		if (req.headers.authorization) {
			accessToken = req.headers.authorization.split(' ')[1];
		} else {
			logger.error('Authorization header not found');
			res.status(401).json({
				message: 'Authorization header not found'
			});
			return;
		}
		xssec.createSecurityContext(accessToken, xsuaaCredentials, function(error, securityContext) {
			if (error) {
				logger.error('Invalid access token');
				res.status(401).json({
					message: 'Invalid access token'
				});
				return;
			}

			if (securityContext.checkScope(SCOPE)) {

				client.exec(query, function(error, rows) {
					if (error) {
						logger.error('Error occured' + error);
					} else {
						jobid = rows[0].NJOBID;
						timestamp = new Date().toISOString();
github SAP / com.sap.openSAP.hana5.example / core_js / utils / initialize.js View on Github external
initExpress: function() {
		var xsenv = require("@sap/xsenv");
		var passport = require("passport");
		var xssec = require("@sap/xssec");
		var xsHDBConn = require("@sap/hdbext");
		var express = require("express");

		//logging
		var logging = require("@sap/logging");
		var appContext = logging.createAppContext();

		//Initialize Express App for XS UAA and HDBEXT Middleware
		var app = express();

		passport.use("JWT", new xssec.JWTStrategy(xsenv.getServices({
			uaa: {
				tag: "xsuaa"
			}
		}).uaa));
		app.use(logging.expressMiddleware(appContext));
		app.use(passport.initialize());
		var hanaOptions = xsenv.getServices({
			hana: {
				tag: "hana"
			}
		});
		hanaOptions.hana.rowsWithMetadata = true;
		app.use(
			passport.authenticate("JWT", {
				session: false
			}),
github SAP / com.sap.openSAP.hana5.example / core_node / server.js View on Github external
var xsenv = require("@sap/xsenv");
var passport = require("passport");
var xssec = require("@sap/xssec");
var xsHDBConn = require("@sap/hdbext");
var express = require("express");

//logging
var logging = require("@sap/logging");
var appContext = logging.createAppContext();
var logger = appContext.getLogger("/Application");
var tracer = appContext.getTracer(__filename);

//Initialize Express App for XS UAA and HDBEXT Middleware
var app = express();

passport.use("JWT", new xssec.JWTStrategy(xsenv.getServices({
	uaa: {
		tag: "xsuaa"
	}
}).uaa));
app.use(logging.expressMiddleware(appContext));
app.use(passport.initialize());
var hanaOptions = xsenv.getServices({
	hana: {
		tag: "hana"
	}
});
//hanaOptions.hana.rowsWithMetadata = true;
app.use(
	passport.authenticate("JWT", {
		session: false
	}),
github SAP / leonardo-iot-sdk-nodejs / lib / auth / Authenticator.js View on Github external
xssec.createSecurityContext(accessToken, this._xsuaaService.credentials, function (err, securityContext) {
                if (err) {
                    debug(`Token exchange error: ${err}`);
                    return reject(err);
                }

                debug('Security context created successfully');
                let grantType = xssec.constants.TYPE_USER_TOKEN;
                if (securityContext.getGrantType() === 'client_credentials') {
                    grantType = xssec.constants.TYPE_CLIENT_CREDENTIALS_TOKEN;
                }

                securityContext.requestToken(this._credentials, grantType, {}, function (err, newToken) {
                    if (err) {
                        debug(`Token exchange error: ${err}`);
                        return reject(err);
                    }

                    debug('Token successfully exchanged');
                    return resolve(newToken);
                });
            }.bind(this));
        }.bind(this));
github SAP / leonardo-iot-sdk-nodejs / lib / auth / Authenticator.js View on Github external
xssec.createSecurityContext(accessToken, this._xsuaaService.credentials, function (err, securityContext) {
                if (err) {
                    debug(`Token exchange error: ${err}`);
                    return reject(err);
                }

                debug('Security context created successfully');
                let grantType = xssec.constants.TYPE_USER_TOKEN;
                if (securityContext.getGrantType() === 'client_credentials') {
                    grantType = xssec.constants.TYPE_CLIENT_CREDENTIALS_TOKEN;
                }

                securityContext.requestToken(this._credentials, grantType, {}, function (err, newToken) {
                    if (err) {
                        debug(`Token exchange error: ${err}`);
                        return reject(err);
                    }

                    debug('Token successfully exchanged');
                    return resolve(newToken);
                });
            }.bind(this));
        }.bind(this));
github SAP / leonardo-iot-sdk-nodejs / lib / auth / Authenticator.js View on Github external
return new Promise(function(resolve, reject) {
            if (!this._xsuaaService || !this._xsuaaService.credentials) {
                return reject(new Error('XSUAA (Source of token) service binding missing'));
            } else if (!this._credentials) {
                return reject(new Error('Leonardo IoT service binding missing'));
            }

            xssec.createSecurityContext(accessToken, this._xsuaaService.credentials, function (err, securityContext) {
                if (err) {
                    debug(`Token exchange error: ${err}`);
                    return reject(err);
                }

                debug('Security context created successfully');
                let grantType = xssec.constants.TYPE_USER_TOKEN;
                if (securityContext.getGrantType() === 'client_credentials') {
                    grantType = xssec.constants.TYPE_CLIENT_CREDENTIALS_TOKEN;
                }

                securityContext.requestToken(this._credentials, grantType, {}, function (err, newToken) {
                    if (err) {
                        debug(`Token exchange error: ${err}`);
                        return reject(err);
                    }

@sap/xssec

XS Advanced Container Security API for node.js

SAP DEVELOPER LICENSE AGREEME…
Latest version published 1 month ago

Package Health Score

65 / 100
Full package analysis