@sap-ux/backend-proxy-middleware-cf 0.0.51 → 0.0.53

package/README.md

@@ -30,10 +30,11 @@ server:
     - name: backend-proxy-middleware-cf
       afterMiddleware: compression
       configuration:
-        url: https://your-backend-service
-        paths:
-          - /odata/v4/visitorservice
-          - /odata
+        backends:
+          - url: https://your-backend-service
+            paths:
+              - /odata/v4/visitorservice
+              - /odata
 ```
 
 ### [Automatic Detection (Recommended)](#automatic-detection-recommended)
@@ -46,10 +47,11 @@ server:
     - name: backend-proxy-middleware-cf
       afterMiddleware: compression
       configuration:
-        url: https://your-backend-service
-        paths:
-          - /odata/v4/visitorservice
-          - /odata
+        backends:
+          - url: https://your-backend-service
+            paths:
+              - /odata/v4/visitorservice
+              - /odata
 ```
 
 The middleware will:
@@ -70,20 +72,61 @@ server:
     - name: backend-proxy-middleware-cf
       afterMiddleware: compression
       configuration:
-        url: https://your-backend-service
-        paths:
-          - /odata/v4/visitorservice
-          - /odata
-        credentials:
-          clientId: "your-service-instance!b123|your-app!b456"
-          clientSecret: "your-client-secret"
-          url: "https://example.authentication"
-        debug: true
+        backends: 
+          - url: https://your-backend-service
+            paths:
+              - /odata/v4/visitorservice
+              - /odata
+            credentials:
+              clientId: "sb-your-service-instance!b123|your-app!b456"
+              clientSecret: "your-client-secret"
+              url: "https://example.authentication"
+            debug: true
 ```
 
 The `credentials.url` should be the base URL of the UAA service (without `/oauth/token`). The middleware will automatically construct the full token endpoint.
 
-### [With Debug Logging](#with-debug-logging)
+### Multiple OData Sources
+
+You can proxy multiple OData paths to the same destination:
+
+```yaml
+server:
+  customMiddleware:
+    - name: backend-proxy-middleware-cf
+      afterMiddleware: compression
+      configuration:
+        backends:
+          - url: https://your-backend-service
+            paths:
+              - /odata/v4/service1
+              - /odata/v4/service2
+              - /odata/v2/legacy
+```
+### Miltiple Backend Services
+
+You can proxy multiple backend services:
+
+```yaml
+server:
+  customMiddleware:
+    - name: backend-proxy-middleware-cf
+      afterMiddleware: compression
+      configuration:
+        backends:
+          - url: https://your-backend-service1
+            paths:
+              - /odata/v4/service1
+              - /odata/v4/service2
+              - /odata/v2/legacy
+          - url: https://your-backend-service2
+            paths:
+              - /odata/v4/service1
+              - /odata/v4/service2
+              - /odata/v2/legacy
+```
+
+### With Debug Logging
 
 Enable debug logging to troubleshoot issues:
 
@@ -93,15 +136,47 @@ server:
     - name: backend-proxy-middleware-cf
       afterMiddleware: compression
       configuration:
-        url: https://your-backend-service
-        paths:
-          - /odata
-        debug: true
+        backends:
+        - url: https://your-backend-service.cfapps.eu12.hana.ondemand.com
+          paths:
+            - /odata
+          debug: true
 ```
 
-## [Keywords](#keywords)
+## How It Works
+
+1. **Proxy Setup**: Creates HTTP proxy middleware for each configured path, proxying to the destination URL.
+2. **Path Rewriting**: Removes the matched path prefix before forwarding requests (e.g., `/odata/v4/service` → `/service`).
+3. **OAuth Detection**: For automatic mode, checks if the project is a CF ADP project by reading `ui5.yaml` and looking for the `app-variant-bundler-build` custom task.
+4. **Credentials**: Extracts `serviceInstanceName` and `serviceInstanceGuid` from the custom task configuration.
+5. **Service Keys**: Retrieves service keys using `@sap-ux/adp-tooling`, which communicates with Cloud Foundry CLI.
+6. **Token Endpoint**: Constructs the token endpoint from the UAA base URL as `{url}/oauth/token`.
+7. **Token Management**: Requests OAuth tokens using client credentials flow.
+8. **Caching**: Caches tokens in memory and refreshes them automatically 60 seconds before expiry.
+9. **Request Proxying**: Adds `Authorization: Bearer <token>` header to proxied requests before forwarding.
+
+## Error Handling
+
+- If `url` is not provided, the middleware will be inactive and log a warning.
+- If no paths are configured, the middleware will be inactive and log a warning.
+- If auto-detection fails and no manual credentials are provided, the middleware will proxy requests without OAuth tokens (may fail if backend requires authentication).
+- If token request fails, an error is logged but the request may still proceed (depending on the backend's authentication requirements).
+- All errors are logged for debugging purposes.
+
+## Security Considerations
+
+- Credentials are never logged in production mode.
+- Tokens are cached in memory only and never persisted to disk.
+- Token refresh happens automatically 60 seconds before expiry to avoid using expired tokens.
+- Service keys are obtained securely through Cloud Foundry CLI.
+- The middleware only proxies requests matching any of the configured path prefixes.
+- If no paths are configured, the middleware will be inactive and log a warning.
+
+## Keywords
 
-- OAuth2 Proxy Middleware
+- OAuth2 Middleware
 - Cloud Foundry ADP
+- Bearer Token
 - Fiori tools
 - SAP UI5
+- Proxy Middleware

package/dist/middleware.js

@@ -6,7 +6,7 @@ const validation_1 = require("./validation");
 const token_1 = require("./token");
 /**
  * UI5 middleware for proxying requests to Cloud Foundry destinations with OAuth2 authentication.
- * Supports one destination URL with multiple OData source paths.
+ * Supports multiple destination URLs with their own OData source paths.
  *
  * @param {MiddlewareParameters<CfOAuthMiddlewareConfig>} params - Input parameters for UI5 middleware.
  * @param {CfOAuthMiddlewareConfig} params.options - Configuration options.
@@ -23,6 +23,12 @@ module.exports = async ({ options }) => {
     });
     await (0, validation_1.validateConfig)(config, logger);
     const tokenProvider = await (0, token_1.createTokenProvider)(config, logger);
-    return (0, proxy_1.setupProxyRoutes)(config.paths, config.url, tokenProvider, logger);
+    // Setup proxy routes for all backends
+    const router = (0, proxy_1.setupProxyRoutes)(config.backends, tokenProvider, logger);
+    // Log initialization
+    config.backends.forEach((backend) => {
+        logger.info(`Backend proxy middleware (CF) initialized: url=${backend.url}, paths=${backend.paths.join(', ')}`);
+    });
+    return router;
 };
 //# sourceMappingURL=middleware.js.map

package/dist/proxy.d.ts

@@ -24,13 +24,15 @@ export declare function createProxyOptions(targetUrl: string, logger: ToolsLogge
  */
 export declare function registerProxyRoute(path: string, destinationUrl: string, tokenProvider: OAuthTokenProvider, logger: ToolsLogger, router: Router): void;
 /**
- * Sets up all proxy routes for the configured paths.
+ * Sets up all proxy routes for the configured backends.
  *
- * @param {string[]} paths - Array of paths to register.
- * @param {string} destinationUrl - Target URL for proxying.
+ * @param {Array<{url: string, paths: string[]}>} backends - Array of backend configurations.
  * @param {OAuthTokenProvider} tokenProvider - Token provider instance.
  * @param {ToolsLogger} logger - Logger instance.
  * @returns {Router} Configured Express router.
  */
-export declare function setupProxyRoutes(paths: string[], destinationUrl: string, tokenProvider: OAuthTokenProvider, logger: ToolsLogger): Router;
+export declare function setupProxyRoutes(backends: Array<{
+    url: string;
+    paths: string[];
+}>, tokenProvider: OAuthTokenProvider, logger: ToolsLogger): Router;
 //# sourceMappingURL=proxy.d.ts.map

package/dist/proxy.js

@@ -53,22 +53,23 @@ function registerProxyRoute(path, destinationUrl, tokenProvider, logger, router)
     logger.info(`Registered proxy for path: ${path} -> ${destinationUrl}`);
 }
 /**
- * Sets up all proxy routes for the configured paths.
+ * Sets up all proxy routes for the configured backends.
  *
- * @param {string[]} paths - Array of paths to register.
- * @param {string} destinationUrl - Target URL for proxying.
+ * @param {Array<{url: string, paths: string[]}>} backends - Array of backend configurations.
  * @param {OAuthTokenProvider} tokenProvider - Token provider instance.
  * @param {ToolsLogger} logger - Logger instance.
  * @returns {Router} Configured Express router.
  */
-function setupProxyRoutes(paths, destinationUrl, tokenProvider, logger) {
+function setupProxyRoutes(backends, tokenProvider, logger) {
     const router = (0, express_1.Router)();
-    for (const path of paths) {
-        try {
-            registerProxyRoute(path, destinationUrl, tokenProvider, logger, router);
-        }
-        catch (e) {
-            throw new Error(`Failed to register proxy for ${path}. Check configuration in yaml file. \n\t${e.message}`);
+    for (const backend of backends) {
+        for (const path of backend.paths) {
+            try {
+                registerProxyRoute(path, backend.url, tokenProvider, logger, router);
+            }
+            catch (e) {
+                throw new Error(`Failed to register proxy for ${path}. Check configuration in yaml file. \n\t${e.message}`);
+            }
         }
     }
     return router;

package/dist/types.d.ts

@@ -1,7 +1,7 @@
 /**
- * Configuration for Cloud Foundry OAuth middleware.
+ * Configuration for a single backend destination.
  */
-export interface CfOAuthMiddlewareConfig {
+export interface BackendDestination {
     /**
      * Destination URL to proxy requests to.
      */
@@ -12,6 +12,16 @@ export interface CfOAuthMiddlewareConfig {
      * Requests matching these paths will have the path prefix removed before forwarding.
      */
     paths: string[];
+}
+/**
+ * Configuration for Cloud Foundry OAuth middleware.
+ */
+export interface CfOAuthMiddlewareConfig {
+    /**
+     * Array of backend destinations.
+     * Each destination has its own URL and paths.
+     */
+    backends: BackendDestination[];
     /**
      * Manual OAuth credentials (optional).
      * If not provided, middleware will attempt to auto-detect from Cloud Foundry ADP project.

package/dist/validation.js

@@ -10,11 +10,17 @@ const adp_tooling_1 = require("@sap-ux/adp-tooling");
  * @throws {Error} If configuration is invalid.
  */
 async function validateConfig(config, logger) {
-    if (!config.url) {
-        throw new Error('Backend proxy middleware (CF) requires url configuration.');
+    if (!config.backends || !Array.isArray(config.backends) || config.backends.length === 0) {
+        throw new Error('Backend proxy middleware (CF) requires "backends" array configuration.');
     }
-    if (!config.paths || !Array.isArray(config.paths) || config.paths.length === 0) {
-        throw new Error('Backend proxy middleware (CF) has no paths configured.');
+    // Validate each backend
+    for (const backend of config.backends) {
+        if (!backend.url) {
+            throw new Error('Backend proxy middleware (CF) requires url for each backend.');
+        }
+        if (!backend.paths || !Array.isArray(backend.paths) || backend.paths.length === 0) {
+            throw new Error(`Backend proxy middleware (CF) has no paths configured for URL: ${backend.url}`);
+        }
     }
     const cfConfig = (0, adp_tooling_1.loadCfConfig)(logger);
     if (!(await (0, adp_tooling_1.isLoggedInCf)(cfConfig, logger))) {

package/package.json

@@ -9,7 +9,7 @@
   "bugs": {
     "url": "https://github.com/SAP/open-ux-tools/issues?q=is%3Aopen+is%3Aissue+label%3Abug+label%3Abackend-proxy-middleware-cf"
   },
-  "version": "0.0.51",
+  "version": "0.0.53",
   "license": "Apache-2.0",
   "author": "@SAP/ux-tools-team",
   "main": "dist/index.js",
@@ -23,9 +23,9 @@
   "dependencies": {
     "axios": "1.13.5",
     "http-proxy-middleware": "3.0.5",
-    "@sap-ux/adp-tooling": "0.18.61",
+    "@sap-ux/adp-tooling": "0.18.63",
     "@sap-ux/logger": "0.8.1",
-    "@sap-ux/project-access": "1.35.2"
+    "@sap-ux/project-access": "1.35.3"
   },
   "devDependencies": {
     "@types/express": "4.17.21",