SAS Token Support

[mvoros]

Hi,

this is a new feature request. I used SDK to integrate with the third party and they provided already generated SAS token instead of SAS key for a blob storage container. I had no control over this and hence I had to extend the method GET_SAS_TOKEN to ignore the current logic and simply return values of SAS key as we maintained SAS token in the field SAS key.

It would be great if this could be supported by SDK. E.g. extending config table with flag if SAS key contains the key or token and then adjusting method GET_SAS_TOKEN.

Thanks

[vikasbansal2022]

Hello @mvoros - Thanks for reaching out We upgraded the SDK master version and now BLOB class ZCL_ADF_SERVICE_BLOB. Support SAS token/SAS Key/AAD and MI as well. Please let us know if you need further input.

Regards,
Vikas

[mvoros]

Hi,

I pulled the latest version to test this change but there is a syntax error. The table ztvarvc does not exist in my system. I can see it's used couple of times but it does not seem to be defined in the repo.

[larshp]

I recommend enabling rule https://rules.abaplint.org/check_syntax/, it will help check the consistency of the files on git,

[vikasbansal2022]

Thanks @larshp for recommendation. We have updated the abaplint file with check_syntax = true.

@mvoros Please try importing again and let us know if you still face any problems.

Regards,
Vikas

[mvoros]

Hi,

I pulled the latest version successfully. I had to adjust my code as API got changed. It seems to be working fine. But I have two comments:

1. the table name ztvarvc is really generic. I would not be surprised if some customers already have table with this name. Fortunately, it was not the case in my case.
2. SAS token implementation is not as simple as it could be. The caller needs to provide a header attribute with SAS token. IMHO it would be better if caller had to only provide a flag that SAS token should be used and SDK would read it from the same field as it's currently used for signing key. So you would either maintain signing key or already generated SAS in the same field.

[larshp]

1. also see Namespaces #8

[vikasbansal2022]

Thanks @larshp @mvoros for highlighting Namespace. Since these are being used in our landscape as well which is already in production. we will think through about it in Point #8

For Point 2@mvoros

SAS Token can be stored same way in table ZADF_CONFIG as you are doing for SAS Key.
we added new method ZCL_ADF_SERVICE_BLOB~DECODE_ADF_SAS_KEY to repo this will return the decoded key
which you can call before sending data to BLOB to decode the sas key, but you have to pass this via header. Please check and let me know if you have any issue.

[mvoros]

Hi @vikasbansal2022

I have it working, that was not the problem. I just find it not so nice to misuse header parameter to inject SAS. IMO it would be better to extend the config table with a switch (key or token) and then caller does not have to do anything specific. Internally API uses key to sign request or just appends SAS token.

[vikasbansal2022]

Thanks @mvoros for feedback,
I agree to that. we aligned SAS Key design with AAD/MI. So, you don't need to pass hardcoded key via calling program. you can retrieve it via method DECODE_ADF_SAS_KEY.