From 28c9cb7cb54eec991c1aa68a55c2573764b04d37 Mon Sep 17 00:00:00 2001 From: Marika Marszalkowski <868536+marikaner@users.noreply.github.com> Date: Wed, 13 Dec 2023 16:48:40 +0100 Subject: [PATCH] =?UTF-8?q?fix:=20allow=20noauthentication=20destinations?= =?UTF-8?q?=20with=20proxytype=20=E2=80=9COnPremise=E2=80=9D=20(#4354)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix: allow noauthentication destinations with proxytype “OnPremise” * Apply suggestions from code review Co-authored-by: Deeksha Sinha <88374536+deekshas8@users.noreply.github.com> --------- Co-authored-by: Deeksha Sinha <88374536+deekshas8@users.noreply.github.com> --- .changeset/great-ads-live.md | 5 ++++ .changeset/witty-suns-vanish.md | 5 ++++ .../src/scp-cf/authorization-header.spec.ts | 27 +------------------ .../src/scp-cf/authorization-header.ts | 3 --- 4 files changed, 11 insertions(+), 29 deletions(-) create mode 100644 .changeset/great-ads-live.md create mode 100644 .changeset/witty-suns-vanish.md diff --git a/.changeset/great-ads-live.md b/.changeset/great-ads-live.md new file mode 100644 index 0000000000..7e012aa106 --- /dev/null +++ b/.changeset/great-ads-live.md @@ -0,0 +1,5 @@ +--- +'@sap-cloud-sdk/connectivity': minor +--- + +[Fixed Issue] Allow the use of authentication type `NoAuthentication` with proxy type `OnPremise` without requiring the `SAP-Connectivity-Authentication` header. diff --git a/.changeset/witty-suns-vanish.md b/.changeset/witty-suns-vanish.md new file mode 100644 index 0000000000..78567f7bdb --- /dev/null +++ b/.changeset/witty-suns-vanish.md @@ -0,0 +1,5 @@ +--- +'@sap-cloud-sdk/connectivity': minor +--- + +[Compatibility Note] Using Principal Propagation through authentication type `NoAuthentication` is no longer supported. This resulted in erroneous behavior for destinations with authentication type `NoAuthentication`. If you need to use Principal Propagation use authentication type `PrincipalPropagation`. diff --git a/packages/connectivity/src/scp-cf/authorization-header.spec.ts b/packages/connectivity/src/scp-cf/authorization-header.spec.ts index a76985d657..a10c5f970b 100644 --- a/packages/connectivity/src/scp-cf/authorization-header.spec.ts +++ b/packages/connectivity/src/scp-cf/authorization-header.spec.ts @@ -54,7 +54,7 @@ describe('buildAuthorizationHeaders', () => { ).resolves.not.toThrow(); }); - it('defaults to NoAuthentication and does not create authentication headers when only url is defined', async () => { + it('defaults to NoAuthentication and does not create authentication headers when only URL is defined', async () => { const spy = jest.spyOn(destinationImport, 'sanitizeDestination'); const headerPromise = buildAuthorizationHeaders({ url: 'https://example.com' @@ -65,31 +65,6 @@ describe('buildAuthorizationHeaders', () => { ); expect((await headerPromise).authorization).toBeUndefined(); }); - - it("does not add authentication headers for proxy type 'Internet'", async () => { - const headers = await buildAuthorizationHeaders({ - url: defaultDestination.url, - proxyType: 'Internet' - }); - expect(headers.authorization).toBeUndefined(); - }); - - it("adds on premise related headers for authentication type 'NoAuthentication' combined with proxy type 'OnPremise'", async () => { - const destination = { - url: '', - authentication: 'NoAuthentication', - proxyType: 'OnPremise', - proxyConfiguration: { - headers: { - 'SAP-Connectivity-Authentication': 'someValueDestination', - 'Proxy-Authorization': 'someProxyValue' - } - } - } as Destination; - - const headers = await buildAuthorizationHeaders(destination); - checkHeaders(headers); - }); }); describe('client credentials', () => { diff --git a/packages/connectivity/src/scp-cf/authorization-header.ts b/packages/connectivity/src/scp-cf/authorization-header.ts index 8ff7f43fa8..1807091f6d 100644 --- a/packages/connectivity/src/scp-cf/authorization-header.ts +++ b/packages/connectivity/src/scp-cf/authorization-header.ts @@ -179,9 +179,6 @@ async function getAuthenticationRelatedHeaders( ); return; case 'NoAuthentication': - if (destination.proxyType === 'OnPremise') { - return headerForPrincipalPropagation(destination); - } return; case 'ClientCertificateAuthentication': return;