如何保护 CF 中的应用程序编程模型

How to secure Application programming model in CF

在我完成深入研究之后 12 Deep Dive 12, I've tried to secure the app with instructions from Step 7 in the series Step 7 with SAP S/4HANA Cloud SDK: Secure your Application on SAP Cloud Platform, CloudFoundry.

我有兴趣获取用户,所以我修改了查询服务

    @Query(serviceName = "CrudService", entity = "BusinessPartner")
    public QueryResponse queryCustomers(QueryRequest qryRequest) {
       final User currentUser = UserAccessor.getCurrentUser();
       System.out.println("User: " + currentUser);

       List<BusinessPartner> businessPartners = new BusinessPartnerReadCommand(new ErpConfigContext(),
            qryRequest.getTopOptionValue(), qryRequest.getSkipOptionValue(), qryRequest.getSelectProperties(),
            qryRequest.getOrderByProperties()).execute();

        QueryResponse queryResponse = QueryResponse.setSuccess().setData(businessPartners).response();
    return queryResponse;
}

但是,在我通过 approuter 登录后,输入我的凭据,它显示错误无法获取当前用户:用户未通过身份验证。

为什么我登录了 approuter 却不允许我获取 UserAccessor.getCurrentUser()?

这是我的githublink:Deep dive git

更新:已添加日志

2018-08-20T05:44:29.139+0000 [APP/PROC/WEB/0] OUT > approuter@1.0.0 start /home/vcap/app
2018-08-20T05:44:29.140+0000 [APP/PROC/WEB/0] OUT > node node_modules/@sap/approuter/approuter.js
2018-08-20T05:44:29.497+0000 [APP/PROC/WEB/0] OUT #2.0#2018 08 20 05:44:29:494#+00:00#WARNING#/LoggingLibrary################PLAIN##Dynamic log level switching not available#
2018-08-20T05:44:29.756+0000 [APP/PROC/WEB/0] OUT #2.0#2018 08 20 05:44:29:756#+00:00#INFO#/approuter################PLAIN##Application router version 5.6.3#
2018-08-20T05:44:29.772+0000 [APP/PROC/WEB/0] OUT #2.0#2018 08 20 05:44:29:772#+00:00#INFO#/Configuration################PLAIN##xs-app.json: Application does not have directory for static resources!#
2018-08-20T05:44:29.792+0000 [APP/PROC/WEB/0] OUT #2.0#2018 08 20 05:44:29:792#+00:00#ERROR#/token-utils################PLAIN##can't get access token to html5 applications repository runtime service :
2018-08-20T05:44:29.792+0000 [APP/PROC/WEB/0] OUT  [Error: html5-repo-credentials: Invalid type: null (expected object)]#
2018-08-20T05:44:29.803+0000 [APP/PROC/WEB/0] OUT #2.0#2018 08 20 05:44:29:803#+00:00#INFO#/approuter################PLAIN##Application router is listening on port: 8080#
2018-08-20T05:44:30.713+0000 [CELL/0] OUT Container became healthy
2018-08-20T05:52:34.552+0000 [RTR/6] OUT <S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com - [2018-08-20T05:52:34.544+0000] "GET / HTTP/1.1" 302 0 0 "https://account.hanatrial.ondemand.com/cockpit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" "-" "10.0.73.48:61203" x_forwarded_for:"-" x_forwarded_proto:"https" vcap_request_id:"4b864872-f2e8-408f-7acf-76807660a4c9" response_time:0.007873407 app_id:"c994cd7b-bc35-4459-b72e-49e5eb9ec849" app_index:"0" x_b3_traceid:"be36659af8148316" x_b3_spanid:"be36659af8148316" x_b3_parentspanid:"-"

2018-08-20T05:52:34.806+0000 [RTR/7] OUT <S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com - [2018-08-20T05:52:34.791+0000] "GET /index.html HTTP/1.1" 200 0 667 "https://account.hanatrial.ondemand.com/cockpit" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" "-" "10.0.73.48:61203" x_forwarded_for:"-" x_forwarded_proto:"https" vcap_request_id:"ab9fd18e-ee18-4a32-7246-21b2d2328b17" response_time:0.01440516 app_id:"c994cd7b-bc35-4459-b72e-49e5eb9ec849" app_index:"0" x_b3_traceid:"217f9f15ac4efb02" x_b3_spanid:"217f9f15ac4efb02" x_b3_parentspanid:"-"

2018-08-20T05:52:34.810+0000 [APP/PROC/WEB/0] OUT #2.0#2018 08 20 05:52:34:809#+00:00#INFO#/Auth/OAuth2#########iIr1URai6N8Fuw2lXip84QQsHwL2At3p######ab9fd18e-ee18-4a32-7246-21b2d2328b17#PLAIN##sending page with client-side redirect to https://<S-userID>trial.authentication.us10.hana.ondemand.com/oauth/authorize?response_type=code&client_id=sb-srv-trial!t1085&redirect_uri=https%3A%2F%2F<S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com%2Flogin%2Fcallback#
2018-08-20T05:52:36.394+0000 [RTR/0] OUT <S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com - [2018-08-20T05:52:36.129+0000] "GET /login/callback?code=tVzjsTi4Dx HTTP/1.1" 302 0 0 "https://<S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com/index.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" "-" "10.0.73.48:61203" x_forwarded_for:"-" x_forwarded_proto:"https" vcap_request_id:"ee3b4a5a-e516-449d-6c2d-19a6b0807290" response_time:0.264528818 app_id:"c994cd7b-bc35-4459-b72e-49e5eb9ec849" app_index:"0" x_b3_traceid:"3bdde9c593640d7a" x_b3_spanid:"3bdde9c593640d7a" x_b3_parentspanid:"-"

2018-08-20T05:52:37.241+0000 [RTR/5] OUT <S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com - [2018-08-20T05:52:36.630+0000] "GET /index.html HTTP/1.1" 200 0 130 "https://<S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com/index.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" "-" "10.0.73.48:61203" x_forwarded_for:"-" x_forwarded_proto:"https" vcap_request_id:"abf37d40-60a4-4e2b-401c-6681496dde90" response_time:0.610696859 app_id:"c994cd7b-bc35-4459-b72e-49e5eb9ec849" app_index:"0" x_b3_traceid:"c263e6426f743085" x_b3_spanid:"c263e6426f743085" x_b3_parentspanid:"-"

2018-08-20T05:52:37.628+0000 [RTR/5] OUT <S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com - [2018-08-20T05:52:37.581+0000] "GET /odata/v2/ HTTP/1.1" 200 0 272 "https://<S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com/index.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" "-" "10.0.73.48:61203" x_forwarded_for:"-" x_forwarded_proto:"https" vcap_request_id:"4f25431d-6dcb-428c-632c-f6c3b552735e" response_time:0.046654482 app_id:"c994cd7b-bc35-4459-b72e-49e5eb9ec849" app_index:"0" x_b3_traceid:"7910f69eb99867d5" x_b3_spanid:"7910f69eb99867d5" x_b3_parentspanid:"-"

2018-08-20T05:52:39.796+0000 [RTR/4] OUT <S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com - [2018-08-20T05:52:39.461+0000] "GET /odata/v2/CrudService HTTP/1.1" 200 0 382 "https://<S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com/odata/v2/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" "-" "10.0.73.48:61203" x_forwarded_for:"-" x_forwarded_proto:"https" vcap_request_id:"1597c70b-ba9f-4f51-50c9-6a1824357a96" response_time:0.33434942 app_id:"c994cd7b-bc35-4459-b72e-49e5eb9ec849" app_index:"0" x_b3_traceid:"6446d121365bf3e3" x_b3_spanid:"6446d121365bf3e3" x_b3_parentspanid:"-"

2018-08-20T05:52:46.325+0000 [RTR/7] OUT <S-userID>trial-trial-dev-approuter.cfapps.us10.hana.ondemand.com - [2018-08-20T05:52:46.196+0000] "GET /odata/v2/CrudService/BusinessPartner?$top=1 HTTP/1.1" 500 0 690 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" "-" "10.0.73.48:61203" x_forwarded_for:"-" x_forwarded_proto:"https" vcap_request_id:"6f2914a8-165e-4ca8-7a02-5c00ed07e7c8" response_time:0.129068343 app_id:"c994cd7b-bc35-4459-b72e-49e5eb9ec849" app_index:"0" x_b3_traceid:"723916a7a592ec08" x_b3_spanid:"723916a7a592ec08" x_b3_parentspanid:"-"

更新:添加 Java 应用程序日志

Java Log

更新:添加依赖树文件 Dependency Tree file

我已将其更新为 1.20.1 并将 BOM 2.1.2 添加到依赖项中。现在可以使用了。