CSRF token validation failed - SAP Business Application Studio destination with on-premise destination #1037
Comments
Hi Max, We'll be taking a look soon. Thanks for reporting this. Can you communicate the urgency so that we can think of the timeframe?
Hi Artem, not anything super urgent. We are about to create a Use Case demo for SAP Extension suite in general - so we are not really impacted other than significantly increased development time (redeploy to CF + ssh + remote debugging) ;-) Cheers,
Understood Max, we'll be interested in the Use Case and hopefully can help sooner. @FrankEssenberger, maybe you can have a closer look?
Hello @maxstreifeneder, I made a little test in our BAS test application and for me the fetching of the CSRF token worked:
Since fetching the CSRF token is the first thing done towards the S/4 system, are you sure your connection to the backend works? Could you perhaps make a Note that you have to set the Best P.S.: Note that the PrincipalPropagation section is potentially wrong so stick to basic.
Here is also a good reference in case you want to test the connection without coding just with a curl command: Best
Hi Frank, selecting the data works fine (see the other lines I've provided in the test https://github.tools.sap/D063937/cloud-sdk-destination-issue/blob/master/srv/catalog-service.js#L20-L28) with the provided destination while only the update fails.
Sorry I missed that. Hm so let's do the following. I will try to do an update in our test app and you try to fetch a csrfToken via:
let's see if I can reproduce the error or you can fetch a token.
So I have included the update in our sample app and could change the first name of
Hi Frank, log output for the stuff you have just posted:
So after the call and with a quick thinking over I understand the issue now:
I have to debug this tomorrow using a system with redirect and make the call with axios in the BAS to see the response.
I have investigated the issue now. First thing, the redirect issue is not solved in axios: axios/axios#3369. The issue was closed but I tried with version 0.21.1 and still get an error when calling the backend. Situation on our dev system:
Situation on Max's dev system:
So this CSRF token fetching issue might be related to #1051 - at least the 502 part. @marikaner should we fix this by simply adding also the
@maxstreifeneder could you perhaps check with the
works - as discussed. Needed to remove the @sap-cloud-sdk/core package coming from the vdm package (which doesn't include the canary changes)
Cool I close the issue.
Describe the bug
Similar issue as #617 from my point of view.
Debugging a CAP + Cloud SDK app in BAS using a destination with type on-premise fails with "CSRF Token validation failed" (OData read/select works) while the deployed app in CF works fine.
Happy to provide more insights/guidance/explanation if necessary. Thanks already in advance :-)
To Reproduce
Steps to reproduce the behavior:
git clone https://github.tools.sap/D063937/cloud-sdk-destination-issue.git
in BAS npm install
mbt build && cf deploy mta_archives/test_1.0.0.mtar
Create a run configuration of type CAP and connect to the destination (should start the built in proxy)
Bind the services from the previously deployed MTA (connectivity, destination, xsuaa) to your local app.
merge the destination + VCAP_services information into one .env file (usually different files) and double check that the .env file in the .vscode/launch.json is properly set.
Start the run configuration
Go to /test/requests.http and send the request to fire the getAllBupa function
-> Business Partner from S/4 on prem will be listed in the console
send the request to fire the insertBupa_ function. This won't work.
Do the same with the URL for the deployed app and watch the logs with cf logs test-srv - you will see that the CSRF token handle works perfectly as expected.
Expected behavior
Cloud SDK takes care of the full CSRF token handling, no matter if there's a proxy of BAS between the connectivity service and the locally running app in BAS or not.
Used Versions:
Code Examples
https://github.tools.sap/D063937/cloud-sdk-destination-issue/blob/master/srv/catalog-service.js#L10-L18
Log file
Log output in BAS:
Log output in CF:
Additional context
Destination configuration:
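Added example, not from the issue or the SAP Cloud SDK: a constructed in-memory backend and a hypothetical header-dropping intermediary show why a plain read can succeed while a write is rejected with a CSRF validation error once the token or its session cookie is lost between the two requests. It illustrates the token handshake in general, not the root cause found in this thread; all function names are assumptions.

```javascript
// Constructed in-memory backend: issues a CSRF token bound to a session cookie
// and checks both on every modifying request. Mock only; real tokens are random.
function createMockBackend() {
  const sessions = new Map(); // session id -> token
  let counter = 0;
  return function handle({ method, headers = {} }) {
    const sid = (headers.cookie || '').replace('sid=', '');
    if (method === 'GET') {
      if ((headers['x-csrf-token'] || '').toLowerCase() !== 'fetch') {
        return { status: 200, headers: {} }; // plain read: no token needed
      }
      const id = sessions.has(sid) ? sid : `s${++counter}`;
      sessions.set(id, `t${counter}-${id}`);
      return { status: 200,
               headers: { 'x-csrf-token': sessions.get(id), 'set-cookie': `sid=${id}` } };
    }
    const expected = sessions.get(sid);
    const ok = expected !== undefined && headers['x-csrf-token'] === expected;
    return ok ? { status: 201, headers: {} }
              : { status: 403, headers: {}, body: 'CSRF token validation failed' };
  };
}

// Hypothetical intermediary that loses the session cookie on the way back.
const dropSetCookie = (send) => (req) => {
  const res = send(req);
  const { 'set-cookie': _dropped, ...rest } = res.headers;
  return { ...res, headers: rest };
};

// Runs read, token fetch and write through `send` and reports what survived.
function checkHandshake(send) {
  const read = send({ method: 'GET' });
  const fetched = send({ method: 'GET', headers: { 'x-csrf-token': 'Fetch' } });
  const token = fetched.headers['x-csrf-token'];
  const cookie = fetched.headers['set-cookie'];
  const headers = {};
  if (token) headers['x-csrf-token'] = token;
  if (cookie) headers.cookie = cookie.split(';')[0];
  const write = send({ method: 'POST', headers });
  return { readOk: read.status === 200, tokenReceived: Boolean(token),
           cookieReceived: Boolean(cookie), writeStatus: write.status };
}

const direct = checkHandshake(createMockBackend());
const lossy = checkHandshake(dropSetCookie(createMockBackend()));
console.log({ direct, lossy });
```

Replacing `send` with a function that issues real requests turns `checkHandshake` into a quick check of which part of the handshake a given network path loses.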