@cap-js/ord 1.4.2 → 1.4.4

package/README.md

@@ -114,34 +114,64 @@ This will output something like `admin:$2y$05$...` - use only the hash part (sta
 
 #### CF mTLS Authentication
 
-Configure Cloud Foundry mutual TLS authentication in `.cdsrc.json`:
+Configure Cloud Foundry mutual TLS authentication for SAP BTP Cloud Foundry environments.
+
+**Production Configuration with UCL (Recommended)**
+
+For SAP UCL (Unified Customer Landscape) integration, enable mTLS in `.cdsrc.json` and configure UCL endpoints via environment variable:
 
 ```json
 {
-    "cds": {
-        "ord": {
-            "authentication": {
-                "cfMtls": {
-                    "certs": [
-                        {
-                            "issuer": "CN=SAP PKI Certificate Service Client CA,OU=SAP BTP Clients,O=SAP SE,C=DE",
-                            "subject": "CN=my-service,OU=SAP Cloud Platform Clients,O=SAP SE,C=DE"
-                        }
-                    ],
-                    "rootCaDn": ["CN=SAP Cloud Root CA,O=SAP SE,C=DE"]
-                }
-            }
+    "ord": {
+        "authentication": {
+            "cfMtls": true
         }
     }
 }
 ```
 
-Or use the environment variable:
+```bash
+export CF_MTLS_TRUSTED_CERTS='{
+  "configEndpoints": ["https://your-ucl-endpoint/v1/info"],
+  "rootCaDn": ["CN=SAP Cloud Root CA,O=SAP SE,L=Walldorf,C=DE"]
+}'
+```
+
+**Production Configuration with Custom Certificates**
+
+For custom certificates without UCL:
 
 ```bash
-CF_MTLS_TRUSTED_CERTS='{"certs":[...],"rootCaDn":[...]}'
+export CF_MTLS_TRUSTED_CERTS='{
+  "certs": [{"issuer": "CN=My CA,O=MyOrg", "subject": "CN=my-service,O=MyOrg"}],
+  "rootCaDn": ["CN=My Root CA,O=MyOrg"]
+}'
 ```
 
+**Development Configuration**
+
+For local development, configure the full mTLS settings directly in `.cdsrc.json`:
+
+```json
+{
+    "ord": {
+        "authentication": {
+            "cfMtls": {
+                "certs": [
+                    {
+                        "issuer": "CN=Test CA,O=MyOrg,C=DE",
+                        "subject": "CN=test-client,O=MyOrg,C=DE"
+                    }
+                ],
+                "rootCaDn": ["CN=Test Root CA,O=MyOrg,C=DE"]
+            }
+        }
+    }
+}
+```
+
+> **Note:** For detailed CF mTLS configuration options, see the [documentation](./docs/ord.md#cf-mtls-authentication).
+
 #### Multiple Authentication Strategies
 
 You can configure multiple authentication methods simultaneously to support different client types. Authentication types are detected automatically based on configuration presence:

package/lib/auth/cf-mtls.js

@@ -179,26 +179,51 @@ async function createCfMtlsConfig(cds, Logger) {
         Logger.error("CF mTLS requires CF_INSTANCE_GUID environment variable");
     }
 
-    // Parse configuration from single JSON environment variable or CDS settings
+    // Configuration priority:
+    // 1. cfMtls: true - Production mode, requires CF_MTLS_TRUSTED_CERTS env var
+    // 2. cfMtls: { ... } - Development mode, uses inline config from .cdsrc.json
+    // Note: Environment variable alone is NOT sufficient, explicit .cdsrc.json declaration required
+
     let config;
+    const cdsConfig = cds.env.ord?.authentication?.cfMtls;
+
+    // cfMtls must be explicitly configured in .cdsrc.json
+    if (!cdsConfig) {
+        Logger.error("CF mTLS configuration required. Set ord.authentication.cfMtls in .cdsrc.json");
+        return {
+            error: "CF mTLS configuration required. Set ord.authentication.cfMtls in .cdsrc.json",
+        };
+    }
 
-    if (process.env.CF_MTLS_TRUSTED_CERTS) {
+    // Production: cfMtls: true → requires CF_MTLS_TRUSTED_CERTS environment variable
+    if (cdsConfig === true) {
+        if (!process.env.CF_MTLS_TRUSTED_CERTS) {
+            Logger.error(
+                "CF mTLS enabled with cfMtls: true but CF_MTLS_TRUSTED_CERTS environment variable is not set. " +
+                    "Set CF_MTLS_TRUSTED_CERTS with JSON: {certs: [...], rootCaDn: [...]} or {configEndpoints: [...], rootCaDn: [...]}",
+            );
+            return {
+                error: "CF_MTLS_TRUSTED_CERTS environment variable required when cfMtls is set to true",
+            };
+        }
         try {
             config = JSON.parse(process.env.CF_MTLS_TRUSTED_CERTS);
         } catch {
-            Logger.error("Failed to parse CF_MTLS_TRUSTED_CERTS");
+            Logger.error("Failed to parse CF_MTLS_TRUSTED_CERTS environment variable");
             return {
                 error: "Invalid CF_MTLS_TRUSTED_CERTS format. Expected JSON: {certs: [...], rootCaDn: [...], configEndpoints: [...]}",
             };
         }
-    } else {
-        config = cds.env.ord?.authentication?.cfMtls;
     }
-
-    if (!config) {
-        Logger.error("CF mTLS configuration required. Set CF_MTLS_TRUSTED_CERTS or cds.env.ord.authentication.cfMtls");
+    // Development: cfMtls: { ... } → use inline config from .cdsrc.json
+    else if (typeof cdsConfig === "object") {
+        config = cdsConfig;
+    }
+    // Invalid configuration type
+    else {
+        Logger.error("Invalid cfMtls configuration. Expected true or object with certs/rootCaDn/configEndpoints");
         return {
-            error: "CF mTLS configuration required",
+            error: "Invalid cfMtls configuration. Expected true or object",
         };
     }
 
@@ -268,7 +293,7 @@ async function createCfMtlsConfig(cds, Logger) {
     if (certs.length === 0) {
         Logger.error(
             "CF mTLS requires at least one certificate pair. " +
-                "Provide via certs array or configEndpoints in CF_MTLS_TRUSTED_CERTS or cds.env.ord.cfMtls",
+                "Provide via certs array or configEndpoints in CF_MTLS_TRUSTED_CERTS or ord.authentication.cfMtls",
         );
         return {
             error: "CF mTLS requires at least one certificate pair",
@@ -278,7 +303,7 @@ async function createCfMtlsConfig(cds, Logger) {
     if (rootCaDn.length === 0) {
         Logger.error(
             "CF mTLS requires at least one root CA. " +
-                "Provide via rootCaDn array in CF_MTLS_TRUSTED_CERTS or cds.env.ord.cfMtls",
+                "Provide via rootCaDn array in CF_MTLS_TRUSTED_CERTS or ord.authentication.cfMtls",
         );
         return {
             error: "CF mTLS requires at least one root CA",

package/lib/build.js

@@ -6,6 +6,8 @@ const cliProgress = require("cli-progress");
 const { BUILD_DEFAULT_PATH, ORD_SERVICE_NAME, ORD_DOCUMENT_FILE_NAME } = require("./constants");
 const { isMCPPluginInPackageJson } = require("./mcpAdapter");
 
+const { BuildError } = cds.build;
+
 module.exports = class OrdBuildPlugin extends cds.build.Plugin {
     static taskDefaults = { src: cds.env.folders.srv };
 
@@ -15,54 +17,46 @@ module.exports = class OrdBuildPlugin extends cds.build.Plugin {
         }
     }
 
-    async _writeResourcesFiles(resObj, model, promises) {
-        let totalFiles = resObj.reduce((total, resource) => {
-            if (!resource.ordId.includes(ORD_SERVICE_NAME) && resource.resourceDefinitions) {
-                return total + resource.resourceDefinitions.length;
-            }
-            return total;
-        }, 0);
-
+    _createProgressBar(totalFiles) {
         const progressBar = new cliProgress.SingleBar({
             format: "Processing resourcesFiles [{bar}] {percentage}% | {value}/{total} | ETA: {eta}s",
             barCompleteChar: "█",
             barIncompleteChar: "░",
             stopOnComplete: true,
         });
+        progressBar.start(totalFiles, 0);
+        return progressBar;
+    }
+
+    _countTotalFiles(resObj) {
+        return resObj.reduce((total, resource) => {
+            if (!resource.ordId.includes(ORD_SERVICE_NAME) && resource.resourceDefinitions) {
+                return total + resource.resourceDefinitions.length;
+            }
+            return total;
+        }, 0);
+    }
 
-        let warnings = [];
+    async _writeResourcesFiles(resObj, model, promises) {
+        const totalFiles = this._countTotalFiles(resObj);
+        const progressBar = this._createProgressBar(totalFiles);
         let completed = 0;
-        progressBar.start(totalFiles, 0);
 
         try {
             for (const resource of resObj) {
-                // Generate if has service definitions OR has MCP plugin
                 const shouldGenerate = resource.resourceDefinitions || isMCPPluginInPackageJson();
                 if (!shouldGenerate) continue;
+
                 for (const resourceDefinition of resource.resourceDefinitions) {
-                    try {
-                        const { _, response } = await getMetadata(resourceDefinition.url, model); // eslint-disable-line no-unused-vars
-                        const fileName = path
-                            .join(resource.ordId, resourceDefinition.url.split("/").pop())
-                            .replace(/:/g, "_");
-                        promises.push(
-                            this.write(response)
-                                .to(fileName)
-                                .catch((err) => {
-                                    warnings.push(`Error writing file ${fileName}: ${err.message}`);
-                                }),
-                        );
-                    } catch (error) {
-                        warnings.push(`Error getting metadata for ${resourceDefinition.url}: ${error.message}`);
-                    }
-                    completed++;
-                    progressBar.update(completed);
+                    const { _, response } = await getMetadata(resourceDefinition.url, model); // eslint-disable-line no-unused-vars
+                    const fileName = path
+                        .join(resource.ordId, resourceDefinition.url.split("/").pop())
+                        .replace(/:/g, "_");
+                    promises.push(this.write(response).to(fileName));
+                    progressBar.update(++completed);
                 }
             }
             await Promise.all(promises);
-        } catch (error) {
-            warnings.push("Failed to process resources: " + error.message);
-            throw error;
         } finally {
             progressBar.stop();
         }
@@ -74,9 +68,7 @@ module.exports = class OrdBuildPlugin extends cds.build.Plugin {
             for (const resource of resources || []) {
                 if (resource.resourceDefinitions) {
                     for (const resourceDefinition of resource.resourceDefinitions) {
-                        let url = resourceDefinition.url;
-                        url = this._createRelativePath(url);
-                        resourceDefinition.url = url;
+                        resourceDefinition.url = this._createRelativePath(resourceDefinition.url);
                     }
                 }
             }
@@ -91,25 +83,29 @@ module.exports = class OrdBuildPlugin extends cds.build.Plugin {
     _createRelativePath(url) {
         let relative = url.split("/ord/v1").pop();
         if (relative.startsWith("/")) relative = relative.slice(1);
-        relative = relative.replace(/:/g, "_");
-        return path.join(...relative.split("/"));
+        return path.join(...relative.replace(/:/g, "_").split("/"));
     }
 
     async build() {
-        const model = await this.model();
-        const ordDocument = ord(model);
-        const postProcessedOrdDocument = this.postProcess(ordDocument);
+        try {
+            const model = await this.model();
+            const ordDocument = ord(model);
+            const postProcessedOrdDocument = this.postProcess(ordDocument);
 
-        const promises = [];
-        promises.push(this.write(postProcessedOrdDocument).to(ORD_DOCUMENT_FILE_NAME));
+            const promises = [];
+            promises.push(this.write(postProcessedOrdDocument).to(ORD_DOCUMENT_FILE_NAME));
 
-        if (ordDocument.apiResources && ordDocument.apiResources.length > 0) {
-            await this._writeResourcesFiles(ordDocument.apiResources, model, promises);
-        }
+            if (ordDocument.apiResources?.length > 0) {
+                await this._writeResourcesFiles(ordDocument.apiResources, model, promises);
+            }
 
-        if (ordDocument.eventResources && ordDocument.eventResources.length > 0) {
-            await this._writeResourcesFiles(ordDocument.eventResources, model, promises);
+            if (ordDocument.eventResources?.length > 0) {
+                await this._writeResourcesFiles(ordDocument.eventResources, model, promises);
+            }
+
+            return Promise.all(promises);
+        } catch (error) {
+            throw new BuildError(`ORD build failed: ${error.message}`);
         }
-        return Promise.all(promises);
     }
 };

package/lib/constants.js

@@ -77,6 +77,8 @@ const LEVEL = Object.freeze({
 
 const OPEN_RESOURCE_DISCOVERY_VERSION = "1.12";
 
+const OPENAPI_SERVERS_ANNOTATION = "@OpenAPI.servers";
+
 const ORD_EXTENSIONS_PREFIX = "@ORD.Extensions.";
 
 const ORD_ODM_ENTITY_NAME_ANNOTATION = "@ODM.entityName";
@@ -115,6 +117,39 @@ const SEM_VERSION_REGEX =
 
 const MCP_CUSTOM_TYPE = "sap:mcp-server-card:v0";
 
+// ORD apiProtocol values
+const ORD_API_PROTOCOL = Object.freeze({
+    ODATA_V4: "odata-v4",
+    ODATA_V2: "odata-v2",
+    REST: "rest",
+    GRAPHQL: "graphql",
+    SAP_INA: "sap-ina-api-v1",
+    SAP_DATA_SUBSCRIPTION: "sap.dp:data-subscription-api:v1",
+});
+
+// Mapping from CAP protocol kind to ORD apiProtocol
+// CAP may return 'odata', 'odata-v4', 'rest', etc.
+const CAP_TO_ORD_PROTOCOL_MAP = Object.freeze({
+    "odata": ORD_API_PROTOCOL.ODATA_V4,
+    "odata-v4": ORD_API_PROTOCOL.ODATA_V4,
+    "odata-v2": ORD_API_PROTOCOL.ODATA_V2,
+    "rest": ORD_API_PROTOCOL.REST,
+});
+
+// Protocols that ORD supports but CAP doesn't recognize (endpoints4 returns [])
+// These need special handling in the ORD plugin
+const ORD_ONLY_PROTOCOLS = Object.freeze({
+    "ina": {
+        apiProtocol: ORD_API_PROTOCOL.SAP_INA,
+        hasEntryPoints: false,
+        hasResourceDefinitions: false,
+    },
+});
+
+// Protocols that the ORD plugin cannot currently generate definitions for
+// GraphQL is supported by ORD spec, but plugin can't emit graphql-sdl yet
+const PLUGIN_UNSUPPORTED_PROTOCOLS = Object.freeze(["graphql"]);
+
 // CF mTLS Error Reasons
 const CF_MTLS_ERROR_REASON = Object.freeze({
     NO_HEADERS: "NO_HEADERS",
@@ -144,6 +179,7 @@ module.exports = {
     BASIC_AUTH_HEADER_KEY,
     BUILD_DEFAULT_PATH,
     BLOCKED_SERVICE_NAME,
+    CAP_TO_ORD_PROTOCOL_MAP,
     CDS_ELEMENT_KIND,
     CF_MTLS_HEADERS,
     COMPILER_TYPES,
@@ -156,13 +192,17 @@ module.exports = {
     LEVEL,
     MCP_CUSTOM_TYPE,
     OPEN_RESOURCE_DISCOVERY_VERSION,
+    OPENAPI_SERVERS_ANNOTATION,
     ORD_ACCESS_STRATEGY,
+    ORD_API_PROTOCOL,
     ORD_DOCUMENT_FILE_NAME,
     ORD_EXTENSIONS_PREFIX,
     ORD_ODM_ENTITY_NAME_ANNOTATION,
     ORD_EXISTING_PRODUCT_PROPERTY,
+    ORD_ONLY_PROTOCOLS,
     ORD_RESOURCE_TYPE,
     ORD_SERVICE_NAME,
+    PLUGIN_UNSUPPORTED_PROTOCOLS,
     RESOURCE_VISIBILITY,
     ALLOWED_VISIBILITY,
     IMPLEMENTATIONSTANDARD_VERSIONS,

package/lib/metaData.js

@@ -1,12 +1,24 @@
 const cds = require("@sap/cds/lib");
 const { compile: openapi } = require("@cap-js/openapi");
 const { compile: asyncapi } = require("@cap-js/asyncapi");
-const { COMPILER_TYPES } = require("./constants");
+const { COMPILER_TYPES, OPENAPI_SERVERS_ANNOTATION } = require("./constants");
 const Logger = require("./logger");
 const { interopCSN } = require("./interopCsn.js");
 const cdsc = require("@sap/cds-compiler/lib/main");
 const { isMCPPluginReady, buildMcpServerDefinition } = require("./mcpAdapter");
 
+/**
+ * Read @OpenAPI.servers annotation from service definition
+ * @param {object} csn - The CSN model
+ * @param {string} serviceName - The service name
+ * @returns {string|undefined} - JSON string of servers array or undefined
+ */
+const _getServersFromAnnotation = (csn, serviceName) => {
+    const servers = csn?.definitions?.[serviceName]?.[OPENAPI_SERVERS_ANNOTATION];
+    const isValidServers = Array.isArray(servers) && servers.length > 0;
+    return isValidServers ? JSON.stringify(servers) : undefined;
+};
+
 const getMetadata = async (url, model = null) => {
     const parts = url
         ?.split("/")
@@ -23,7 +35,16 @@ const getMetadata = async (url, model = null) => {
     switch (compilerType) {
         case COMPILER_TYPES.oas3:
             try {
-                responseFile = openapi(csn, { ...options, ...(compileOptions?.openapi || {}) });
+                // Check for service-level @OpenAPI.servers annotation
+                const serversFromAnnotation = _getServersFromAnnotation(csn, serviceName);
+                const openapiOptions = { ...options, ...(compileOptions?.openapi || {}) };
+
+                // Service-level annotation takes precedence over global config
+                if (serversFromAnnotation) {
+                    openapiOptions["openapi:servers"] = serversFromAnnotation;
+                }
+
+                responseFile = openapi(csn, openapiOptions);
             } catch (error) {
                 Logger.error("OpenApi error:", error.message);
                 throw error;

package/lib/protocol-resolver.js

@@ -0,0 +1,134 @@
+const cds = require("@sap/cds");
+const {
+    CAP_TO_ORD_PROTOCOL_MAP,
+    ORD_ONLY_PROTOCOLS,
+    ORD_API_PROTOCOL,
+    PLUGIN_UNSUPPORTED_PROTOCOLS,
+} = require("./constants");
+const Logger = require("./logger");
+
+/**
+ * Gets CAP endpoints for a service using CDS endpoints4().
+ *
+ * @param {string} serviceName The service name.
+ * @param {Object} srvDefinition The service definition object.
+ * @returns {Array} Raw endpoints from CDS.
+ */
+function _getCapEndpoints(serviceName, srvDefinition) {
+    const srvObj = { name: serviceName, definition: srvDefinition };
+    return cds.service.protocols.endpoints4(srvObj);
+}
+
+/**
+ * Reads the explicit @protocol annotation from service definition.
+ *
+ * @param {Object} srvDefinition The service definition object.
+ * @returns {string|null} Protocol name, or null if not explicitly set.
+ */
+function _getExplicitProtocol(srvDefinition) {
+    const protocol = srvDefinition["@protocol"];
+    if (!protocol) {
+        return null;
+    }
+    return Array.isArray(protocol) ? protocol[0] : protocol;
+}
+
+/**
+ * Resolves protocol for ORD API Resource generation.
+ *
+ * Design Principles:
+ * - explicit protocol is the "master switch" for all decisions
+ * - Rule A: Explicit protocol + empty endpoints → don't fallback to OData
+ * - Rule B: Only fallback to OData when no explicit protocol
+ * - Rule C: Never produce [null] in entryPoints
+ *
+ * @param {string} serviceName The service name.
+ * @param {Object} srvDefinition The service definition object.
+ * @param {Object} options Configuration options.
+ * @param {Function} options.isPrimaryDataProduct Strategy function to check if service is primary data product.
+ * @returns {Array} Array with single {apiProtocol, entryPoints, hasResourceDefinitions} object, or empty array.
+ */
+function resolveApiResourceProtocol(serviceName, srvDefinition, options = {}) {
+    const { isPrimaryDataProduct = () => false } = options;
+
+    // 1. Primary Data Product - early return
+    if (isPrimaryDataProduct(srvDefinition)) {
+        return [
+            {
+                apiProtocol: ORD_API_PROTOCOL.SAP_DATA_SUBSCRIPTION,
+                entryPoints: [],
+                hasResourceDefinitions: true,
+            },
+        ];
+    }
+
+    const explicit = _getExplicitProtocol(srvDefinition);
+
+    // 2. Handle explicit protocol
+    if (explicit) {
+        // 2a. Check if it's an ORD-only protocol (e.g., INA)
+        if (ORD_ONLY_PROTOCOLS[explicit]) {
+            const config = ORD_ONLY_PROTOCOLS[explicit];
+            const path = config.hasEntryPoints ? cds.service.protocols.path4(srvDefinition) : null;
+            return [
+                {
+                    apiProtocol: config.apiProtocol,
+                    entryPoints: path ? [path] : [],
+                    hasResourceDefinitions: config.hasResourceDefinitions,
+                },
+            ];
+        }
+
+        // 2b. Check if it's a plugin-unsupported protocol
+        if (PLUGIN_UNSUPPORTED_PROTOCOLS.includes(explicit)) {
+            Logger.warn(
+                `Protocol '${explicit}' is supported by ORD but this plugin cannot generate its resource definitions yet.`,
+            );
+            return [];
+        }
+    }
+
+    // 3. Try to resolve from CAP endpoints
+    const capEndpoints = _getCapEndpoints(serviceName, srvDefinition);
+    for (const endpoint of capEndpoints) {
+        if (PLUGIN_UNSUPPORTED_PROTOCOLS.includes(endpoint.kind)) {
+            Logger.warn(
+                `Protocol '${endpoint.kind}' is supported by ORD but this plugin cannot generate its resource definitions yet.`,
+            );
+            continue;
+        }
+
+        const apiProtocol = CAP_TO_ORD_PROTOCOL_MAP[endpoint.kind] ?? endpoint.kind;
+        if (apiProtocol) {
+            return [
+                {
+                    apiProtocol,
+                    entryPoints: endpoint.path ? [endpoint.path] : [],
+                    hasResourceDefinitions: true,
+                },
+            ];
+        }
+    }
+
+    // 4. Handle explicit protocol with no CAP endpoint (Rule A)
+    if (explicit) {
+        Logger.warn(`Unknown protocol '${explicit}' is not supported, skipping service '${serviceName}'.`);
+        return [];
+    }
+
+    // 5. No explicit protocol and no CAP endpoint - fallback to OData (Rule B)
+    const path = cds.service.protocols.path4(srvDefinition);
+    return [
+        {
+            apiProtocol: ORD_API_PROTOCOL.ODATA_V4,
+            entryPoints: path ? [path] : [],
+            hasResourceDefinitions: true,
+        },
+    ];
+}
+
+module.exports = {
+    resolveApiResourceProtocol,
+    // Exported for testing
+    _getExplicitProtocol,
+};

package/lib/templates.js

@@ -1,4 +1,3 @@
-const cds = require("@sap/cds");
 const { hasSAPPolicyLevel } = require("./utils");
 const { isMCPPluginReady } = require("./mcpAdapter");
 const defaults = require("./defaults");
@@ -21,9 +20,11 @@ const {
     SHORT_DESCRIPTION_PREFIX,
     CONTENT_MERGE_KEY,
     CDS_ELEMENT_KIND,
+    ORD_API_PROTOCOL,
 } = require("./constants");
 const Logger = require("./logger");
 const { ensureAccessStrategies } = require("./access-strategies");
+const { resolveApiResourceProtocol } = require("./protocol-resolver");
 
 function unflatten(flattedObject) {
     let result = {};
@@ -44,42 +45,6 @@ function readORDExtensions(model) {
     return unflatten(ordExtensions);
 }
 
-/**
- * Reads the service definition and returns an array of entryPoint paths.
- *
- * @param {string} srv The service definition name.
- * @param {Object} srvDefinition The service definition object.
- * @returns {Array} An array containing paths and it's kind.
- */
-const _generatePaths = (srv, srvDefinition) => {
-    const srvObj = { name: srv, definition: srvDefinition };
-    const protocols = cds.service.protocols;
-
-    const paths = protocols.endpoints4(srvObj);
-
-    //TODO: check graphql replication in paths object and re-visit logic
-    //removing instances of graphql protocol from paths
-    for (var index = paths.length - 1; index >= 0; index--) {
-        if (paths[index].kind === "graphql") {
-            Logger.warn("Graphql protocol is not supported.");
-            paths.splice(index, 1);
-        }
-    }
-
-    //putting OData as default in case of non-supported protocol
-    if (paths.length === 0) {
-        if (isPrimaryDataProductService(srvDefinition)) {
-            // Data product services use REST protocol, not OData
-            paths.push({ kind: "rest", path: protocols.path4(srvDefinition) });
-        } else {
-            srvDefinition["@odata"] = true;
-            paths.push({ kind: "odata", path: protocols.path4(srvDefinition) });
-        }
-    }
-
-    return paths;
-};
-
 /**
  * This is a template function to create item of entityTypeMappings array.
  *
@@ -321,9 +286,17 @@ const createAPIResourceTemplate = (serviceName, serviceDefinition, appConfig, pa
     const visibility = _handleVisibility(ordExtensions, serviceDefinition, appConfig.env?.defaultVisibility);
     const packageId = _getPackageID(appConfig.ordNamespace, packageIds, ORD_RESOURCE_TYPE.api, visibility);
 
-    const paths = _generatePaths(serviceName, serviceDefinition);
+    const protocolResults = resolveApiResourceProtocol(serviceName, serviceDefinition, {
+        isPrimaryDataProduct: isPrimaryDataProductService,
+    });
     const apiResources = [];
 
+    // If no protocols were generated, skip this service
+    if (protocolResults.length === 0) {
+        Logger.info(`No supported protocols for service '${serviceName}', skipping API resource generation.`);
+        return apiResources;
+    }
+
     // Handle version suffix extraction for primary data product services
     let cleanServiceName,
         version,
@@ -352,16 +325,36 @@ const createAPIResourceTemplate = (serviceName, serviceDefinition, appConfig, pa
 
     const ordId = `${appConfig.ordNamespace}:apiResource:${cleanServiceName}:${version}`;
 
-    paths.forEach((generatedPath) => {
-        let resourceDefinitions = [
-            _getResourceDefinition("openapi-v3", "json", ordId, serviceName, "oas3.json", accessStrategies),
-        ];
-
-        if (generatedPath.kind !== "rest") {
-            //edmx resource definition is not generated in case of 'rest' protocol
-            resourceDefinitions.push(
-                _getResourceDefinition("edmx", "xml", ordId, serviceName, "edmx", accessStrategies),
-            );
+    protocolResults.forEach((protocolResult) => {
+        const { apiProtocol, entryPoints, hasResourceDefinitions } = protocolResult;
+
+        // Build resource definitions based on protocol
+        let resourceDefinitions = [];
+        if (hasResourceDefinitions) {
+            if (apiProtocol === ORD_API_PROTOCOL.SAP_DATA_SUBSCRIPTION) {
+                // Data product services use CSN
+                resourceDefinitions = [
+                    _getResourceDefinition(
+                        "sap-csn-interop-effective-v1",
+                        "json",
+                        ordId,
+                        serviceName,
+                        "csn.json",
+                        accessStrategies,
+                    ),
+                ];
+            } else if (apiProtocol === ORD_API_PROTOCOL.REST) {
+                // REST only has OpenAPI, no EDMX
+                resourceDefinitions = [
+                    _getResourceDefinition("openapi-v3", "json", ordId, serviceName, "oas3.json", accessStrategies),
+                ];
+            } else {
+                // OData and others have both OpenAPI and EDMX
+                resourceDefinitions = [
+                    _getResourceDefinition("openapi-v3", "json", ordId, serviceName, "oas3.json", accessStrategies),
+                    _getResourceDefinition("edmx", "xml", ordId, serviceName, "edmx", accessStrategies),
+                ];
+            }
         }
 
         const entityTypeMappings = _getEntityTypeMappings(serviceDefinition);
@@ -378,9 +371,9 @@ const createAPIResourceTemplate = (serviceName, serviceDefinition, appConfig, pa
             partOfPackage: packageId,
             partOfGroups: [_getGroupID(serviceDefinition, defaults.groupTypeId, appConfig)],
             releaseStatus: "active",
-            apiProtocol: generatedPath.kind === "odata" ? "odata-v4" : generatedPath.kind,
-            resourceDefinitions: resourceDefinitions,
-            entryPoints: [generatedPath.path],
+            apiProtocol,
+            resourceDefinitions,
+            entryPoints,
             extensible: {
                 supported: "no",
             },
@@ -389,24 +382,13 @@ const createAPIResourceTemplate = (serviceName, serviceDefinition, appConfig, pa
             ...ordExtensions,
         };
 
+        // Special handling for data product services
         if (isPrimaryDataProductService(serviceDefinition)) {
-            obj.apiProtocol = "sap.dp:data-subscription-api:v1";
             obj.direction = "outbound";
-            obj.entryPoints = [];
             if (extracted) {
                 // Overwrite partOfGroups
                 obj.partOfGroups = [`${defaults.groupTypeId}:${appConfig.ordNamespace}:${cleanServiceName}`];
             }
-            obj.resourceDefinitions = [
-                _getResourceDefinition(
-                    "sap-csn-interop-effective-v1",
-                    "json",
-                    ordId,
-                    serviceName,
-                    "csn.json",
-                    accessStrategies,
-                ),
-            ];
         }
 
         if (obj.visibility !== RESOURCE_VISIBILITY.private) {

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@cap-js/ord",
-    "version": "1.4.2",
+    "version": "1.4.4",
     "description": "CAP Plugin for generating ORD document.",
     "repository": "cap-js/ord",
     "author": "SAP SE (https://www.sap.com)",
@@ -23,6 +23,7 @@
         "test": "jest __tests__/unit --ci --collectCoverage",
         "test:integration:basic": "jest __tests__/integration/basic-auth.test.js --testPathIgnorePatterns=/node_modules/ --forceExit",
         "test:integration:mtls": "jest __tests__/integration/mtls-auth.test.js --testPathIgnorePatterns=/node_modules/ --forceExit",
+        "test:integration:build": "jest __tests__/integration/cds-build.test.js --testPathIgnorePatterns=/node_modules/ --forceExit",
         "update-snapshot": "jest --ci --updateSnapshot",
         "cds:version": "cds v -i"
     },
@@ -30,7 +31,7 @@
         "eslint": "^9.2.0",
         "express": "^4",
         "jest": "^30.0.0",
-        "prettier": "3.7.4",
+        "prettier": "3.8.1",
         "supertest": "^7.0.0",
         "@cap-js/sqlite": "^2",
         "@sap/cds-dk": ">=8.9.5"
@@ -48,6 +49,9 @@
     "engines": {
         "node": ">=18 <23"
     },
+    "overrides": {
+        "@sap/cds-compiler": "6.6.2"
+    },
     "cds": {
         "requires": {
             "SAP ORD Service": {