Skip to main content

Release Notes

maven central

Should I update?#

We highly recommend regularly updating to the latest SAP Cloud SDK version. It will help you:

  • Ensure access to the latest Cloud SDK features
  • Keep up with the latest changes in SAP Cloud Platform
  • Update client libraries giving access to latest SAP services on SAP Cloud Platform and SAP S/4HANA
  • Protect yourself from bugs and breaking changes in the future

The SAP Cloud SDK v2 for Java is Deprecated#

Update to the SAP Cloud SDK v3

Version 2.x of the SAP Cloud SDK for Java v2 has reached its end of life and is no longer maintained. To continue using the latest features outlined in the release notes for version 3 below, please upgrade to the SAP Cloud SDK v3.

3.44.1 - May 6, 2021#

Maven Central | Javadoc

Compatibility Notes#

  • The OpenAPI Generator no longer adds the prefix src/main/java to the output directory. Thus, you need to explicitly add this part to the output directory if you need it.

New Functionality#

  • We enhanced the BTP Workflow API client library to reflect the latest state of this BTP service.
  • We introduced a new CLI wrapper for the OpenAPI generator that can be used without having to set up a Maven project.

Improvements#

  • Dependency Updates:
    • Minor version updates:
      • Update Reactor from 3.4.4 to 3.4.5
      • Update Protobuf Java from 3.15.7 to 3.15.8
      • Update PMD from 6.32.0 to 6.33.0
      • Update JPaaS Security Utils for Neo from 1.4.89 to 1.4.90
      • Update Jackson from 2.12.2 to 2.12.3

Fixed issues#

  • The OpenAPI Generator no longer adds the prefix src/main/java unexpectedly to the output directory.
  • The OpenAPI Generator generates the equals method for model classes now with an argument annotated as @Nullable.
  • We fixed an issue where the user JWT token was not sent to destinations that use the SAMLAssertion authentication method.
  • For HTTP destinations with the authentication type OAuth SAML Bearer Assertion Flow the destination key store is no longer used for the TLS handshake.

3.43.0 - April 22, 2021#

Maven Central | Javadoc

New Functionality#

  • We added a new API for creating OData v2 Changesets in Batch requests that mimics the existing OData V4 API. As a natural outcome, this new API also supports custom headers on a per-request basis.

    Example usage:

    // define modification requests including custom headers per request
    MyEntityCreate createRequest = new MyEntityCreate(myNewEntityInstance).withHeader("custom-header", "value");
    MyEntityUpdate updateRequest = new MyEntityUpdate(myUpdatedEntityInstance).withHeader("another-custom-header", "another value");
    // assemble batch request by adding both modifications into a single changeset
    MyEntityBatch batchRequest = new MyEntityBatch().addChangeSet(createRequest, updateRequest);
    // execute the batch request
    BatchResponse response = batchRequest.executeRequest(myDestination);

Improvements#

  • Dependency Updates:
    • Minor version updates:
      • Update Netty from 4.1.60.Final to 4.1.63.Final
      • Update Lombok from 1.18.18 to 1.18.20
      • Update Jetty from 9.4.38.v20210224 to 9.4.39.v20210325
      • Update Bouncycastle from 1.64 to 1.68
      • Update Error Prone from 2.5.1 to 2.6.0
      • Update Java JWT from 3.14.0 to 3.15.0
      • Update Protobuf from 3.15.6 to 3.15.7
      • Update Apache CXF from 3.3.8 to 3.3.10
      • Update Mockito from 3.8.0 to 3.9.0

3.42.0 - April 8, 2021#

Maven Central | Javadoc

New Functionality#

  • We improved OData v4 update requests that use the PATCH HTTP method. Now they allow adding complex properties without the need to use setters for each value inside the complex property. You can use the builder pattern or the constructor to propagate the property values.

    Before:

    Entity entity;
    ComplexProperty property = new ComplexProperty();
    property.setValue("Foo");
    entity.setComplexProperty(property);

    Now:

    Entity entity;
    entity.setComplexProperty(new ComplexProperty("Foo"));

    Transitive changes inside a complex property will automatically be detected.

  • The OData v2 generator is able to maintain argument order in function imports and get-by-key fluent helpers over successive generations, even when the originating specification changes parameter order. This is now a default behavior. It can be disabled by adding the flag to the plugin configuration: <keepExistingSignatures>false</keepExistingSignatures>

  • We updated the OData v2 type-safe client (VDM) for the services that couldn't be generated because of the parameters re-ordering issue mentioned above. Now you can use them as any other service. Find the list below:

    • Purchase Requisition - API_PURCHASEREQ_PROCESS_SRV
    • Production Order Confirmation - API_PROD_ORDER_CONFIRMATION_2_SRV
    • Process Order Confirmation - API_PROC_ORDER_CONFIRMATION_2_SRV
    • Attachments - API_CV_ATTACHMENT_SRV

The collection of released S/4HANA Cloud client libraries from the SAP Cloud SDK is now consistent with the set of OData services that you can find in the SAP API Business Hub for SAP S/4HANA Cloud.

Improvements#

  • We enabled the OpenAPI generator to consider the vendor extension field x-sap-cloud-sdk-api-name in an OpenAPI specification on the operation, path, or on the root level.
  • We enabled the OpenAPI generator to remove the suffix api (regardless of the case) from the extension field value of x-sap-cloud-sdk-api-name, if present.
  • Dependency Updates:
    • SAP dependency updates:
      • Update SCP Neo Java TomEE7 API from 1.93.10.2 to 1.94.8
    • Other dependency updates:
      • Minor version updates:
        • Update Reactor from 3.4.3 to 3.4.4
        • Update Protobuf from 3.15.1 to 3.15.6
        • Update JooQ from 3.14.7 to 3.14.8
        • Update PMD from 6.31.0 to 6.32.0
        • Update Hibernate Core from 5.4.28.Final to 5.4.30.Final
        • Update Guava from 30.1-jre to 30.1.1-jre
        • Update Togglz from 2.8.0 to 2.9.6

3.41.0 - March 25, 2021#

Maven Central | Javadoc

New Functionality#

  • We added a convenience method to configure the proxy authorizations when building a custom DefaultHttpDestination. The .proxyAuthorization("value") will send value within the Proxy-Authorization header, unless that header is already set.

  • The OpenAPI generator now supports the vendor extension field x-sap-cloud-sdk-api-name in an OpenAPI specification. By default, the OpenAPI generator uses the tag of an operation to determine the Java service class name. In case you're not happy with the name generated from the tag field, and changing it is not possible, you can add x-sap-cloud-sdk-api-name vendor extension to the operation section of the specification. This vendor extension will be used by the generator to derive the Java service class name.

  • Enable OData requests to skip the CSRF token retrieval if the server does not require it. Use the method withoutCsrfToken() to disable the CSRF token retrieval.

  • We provided experimental support for OData v2 read requests as items in a Batch request. The API is unified and similar to the OData v4 Batch request:

    BusinessPartnerService service = new DefaultBusinessPartnerService();
    BusinessPartnerFluentHelper readOperationAll = service.getAllBusinessPartner().top(10);
    BusinessPartnerByKeyFluentHelper readOperationByKey = service.getBusinessPartnerByKey("bupa9000");
    BatchResponse response = service.batch()
    .addReadOperations(readOperationAll)
    .addReadOperations(readOperationByKey)
    .executeRequest(destination);
    List<BusinessPartner> entities = response.getReadResult(readOperationAll);
    BusinessPartner entity = response.getReadResult(readOperationByKey);

Improvements#

  • Dependency Updates:
    • SAP dependency updates:
    • Other dependency updates:
      • Minor version updates:
        • Update Spring from 5.3.3 to 5.3.4
        • Update Spring Security from 5.4.2 to 5.4.5
        • Update Jetty BOM from 9.4.36.v20210114 to 9.4.38.v20210224
        • Update Woodstox Core from 5.0.3 to 5.3.0
        • Update Netty from 4.1.59.Final to 4.1.60.Final
        • Update Java JWT from 3.13.0 to 3.14.0
        • Update Jackson from 2.12.1 to 2.12.2
        • Update Apache Commons Lang from version 3.11 to 3.12.0
        • Update JSON from version 20201115 to 20210307
        • Update Jackson from version 2.12.1 to 2.12.2
  • The OData type-safe client (VDM) for OData V4 services of newest release 2102 of SAP S/4HANA Cloud and FPS1 of SAP S/4HANA on-premise 2020 now also supports static fields for accessible properties on VdmComplex types.

Fixed issues#

  • We fixed an issue with OData V2 read requests where an error message was incorrectly written to the log when using filters. The error messages are no longer logged unless it is applicable:

    Registered custom filter expression cannot be used when performing the OData V2 request with toRequest() or executeRequest().

    Registered custom filter expression cannot be used when performing the OData V2 request with execute().

  • Fix an issue with OData response handling where deserialization of one-to-many properties failed for primitive and complex data types.

3.40.0 - March 18, 2021#

Maven Central | Javadoc

Known issues#

  • Update requests via PATCH in OData V4 will not contain any changes to complex properties of an entity. This is a feature gap we plan to solve in the upcoming release.

Compatibility Notes#

  • The general availability of the OpenAPI generator brings the following renamings:
    • The following dependencies in the Maven Group ID com.sap.cloud.sdk.datamodel have been renamed:
      • Rename dependency rest-core to openapi-core
      • Rename dependency rest-generator to openapi-generator
      • Rename dependency rest-generator-maven-plugin to openapi-generator-maven-plugin
    • The Maven Plugin has been renamed from rest-generator-maven-plugin to openapi-generator-maven-plugin

New Functionality#

  • The OData v4 type-safe client (VDM) generator now generates static fields for accessible properties on VdmComplex types, which can be used exactly like their counterparts on VdmEntity when building OData queries.
  • You can clear the cache for remote functions with the new experimental APIs RemoteFunctionCache.clearCache(Destination) and RemoteFunctionCache.clearCache(Destination, functionName).
    • Example usages:
    final Destination destination = DestinationAccessor.getDestination(destinationName);
    try {
    RemoteFunctionCache.clearCache(destination);
    }
    catch( final RemoteFunctionException e ) {
    //deal with exception
    }
    final Destination destination = DestinationAccessor.getDestination(destinationName);
    try {
    RemoteFunctionCache.clearCache(destination, "BAPI_GET_COSTCENTER");
    }
    catch( final RemoteFunctionException e ) {
    //deal with exception
    }

Improvements#

  • Dependency Updates:
    • SAP dependency updates:
      • Update SCP Neo Java Tomcat API from 3.121.8.1 to 3.123.6.2
      • Update SCP Neo Java TomEE7 API from 1.90.9.1 to 1.92.6.2
      • Update JPaaS Security Utils for Neo from 1.4.87 to 1.4.89
      • Update SAP CP Spring XSUAA Security Library from 2.8.3to 2.8.4
    • Other dependency updates:
      • Minor version updates:
        • Update Mockito from 3.7.7 to 3.8.0
        • Update Spring from 5.3.2 to 5.3.3
        • Update Spring Boot from 2.4.1 to 2.4.2
        • Update AQMP Client from 5.10.0 to 5.11.0
        • Update Protobuf java from 3.14.0 to 3.15.1

3.39.0 - February 25, 2021#

Maven Central | Javadoc

Compatibility Notes#

As part of the update of the pre-generated type-safe client for SAP S/4HANA On-premise, we encountered the following changes:

  • The following methods of the OData v4 service ContractAccountingBusinessPartnerPaymentService have been renamed:

    • getAllBusPartPaymentParameters has been renamed to getAllBusPartPayment
    • countBusPartPaymentParameters has been renamed to countBusPartPayment
    • getBusPartPaymentParametersByKey has been renamed to getBusPartPaymentByKey
    • getAllBusPartPaymentItemParameters has been renamed to getAllBusPartPaymentItem
    • countBusPartPaymentItemParameters has been renamed to countBusPartPaymentItem
    • getBusPartPaymentItemParametersByKey has been renamed to getBusPartPaymentItemByKey
  • The following classes of the OData v4 VDM have been renamed:

    • ProtocolQueryReadSingle has been renamed to ProtocolQueryRead
    • StructuredPropertyCollection has been renamed to NavigationPropertyCollection
    • StructuredPropertyCollectionQuery has been renamed to NavigationPropertyCollectionQuery
    • StructuredPropertySingleQuery has been renamed to NavigationPropertySingleQuery
    • StructuredPropertySingle has been replaced by either the NavigationProperty<Single/Collection>Query or the newly introduced ComplexPropertyQuery
  • The type-safe client (VDM) classes for TimeDependentStockLevelService have been removed as the SAP S/4HANA on-premise OData service does not exist in releases 2020 FPS0 or FPS1.

  • With SAP S/4 OnPremise release 2020 FPS1, in the type-safe client (VDM) class for VehicleManagementSystemForVehicleService the getVMSVehicleIncomingInvoiceByKey method now takes only two parameters ( vMSVehicleUUID and vMSVehicleActionDateTime) as input as opposed to three before ( vMSVehicleUUID,vMSVehicleActionDateTime and vMSVehicleActionDocType ).

New Functionality#

  • The type-safe OData client (VDM) is updated to the latest release (FPS1) of SAP S/4HANA on-premise 2020. This also includes completely new services added to the pre-existing com.sap.cloud.sdk.s4hana.onpremise.v2020.datamodel.odata.services and com.sap.cloud.sdk.s4hana.onpremise.v2020.datamodel.odatav4.services packages.

  • In the OData v2 and v4 type-safe client (VDM) generators we now support generating service methods for multiple entity sets belonging to the same entity type. Formerly only the first entity set of an entity type was regarded.

    To ensure backward compatibility this feature is turned off by default.
    To activate the new functionality, supply the feature flag explicitly.
    Generator Maven Plugin Configuration:
    `<serviceMethodsPerEntitySet>true</serviceMethodsPerEntitySet>`
    Generator CLI Flag:
    `--service-methods-per-entity-set`
  • The OpenAPI Generator now allows for customizing the method names on generated API classes. Use the vendor extension x-sap-cloud-sdk-operation-name to specify a name on an operation:

    /operation/path:
    get:
    summary: My Operation.
    x-sap-cloud-sdk-operation-name: performMyOperation
    operationId: myOperation

    This field is optional and the generator will fall back to using the operationId if vendor extensions are not present.

  • The OpenAPI Generator now allows for setting a custom copyright header. Use the option <copyrightHeader> to set a custom header, or set the flag <sapCopyrightHeader> to have an SAP copyright header added. By default, no header is generated.

Improvements#

  • The OData v2 type-safe client (VDM) classes and generator now support null as parameter values for function import methods when applicable. For visibility the respective annotations on arguments are provided, i.e. @Nullable and @Nonnull.

  • The OData v4 VDM now better reflect which operations are allowed on complex properties. Operations that are not applicable to complex properties like top(int) and skip(int) are no longer available. This causes some existing classes to be renamed/removed (see Compatibility Notes)

  • Dependency Updates:

    • Update JUnit Jupiter from 5.7.0 to 5.7.1
    • Update Joda-Time from 2.10.9 to 2.10.10
    • Update Netty from 4.1.58 to 4.1.59.Final to overcome security vulnerability CVE-2021-21290
    • Update Hibernate Core from 5.4.27.Final to 5.4.28.Final
    • Update jOOQ from 3.4.16 to 3.4.17
    • Update Reactor from 3.4.2 to 3.4.3
    • Update OkHttp from 4.9.0 to 4.9.1
    • Update Java JWT from 3.12.1 to 3.13.0
    • Update JUnit from 4.13.1 to 4.13.2
    • Update Caffeine from 2.8.8 to 2.9.0

Fixed issues#

  • We fixed an issue where selecting complex properties in the OData V4 VDM would lead to an incorrect HTTP query.
  • We fixed an issue where very long RFC function names (>= 30 characters) would lead to an incorrect SOAPAction header.

3.38.0 - February 11, 2021#

Maven Central | Javadoc

Compatibility Notes#

  • The method getHeaders(DestinationProperties) of extension API DestinationHeaderProvider is deprecated but still functional. Please implement getHeaders(DestinationRequestContext) instead. The new argument allows accessing the request specific URI as well as the original DestinationProperties.
  • The method ResilienceDecorator#invalidateCache is deprecated but still functional. Please use ResilienceDecorator#clearCache for tenant aware cache invalidation or ResilienceDecorator#clearAllCacheEntries to clear all entries for all tenants and principals.
  • As part of the update of the OData VDM to SAP S/4HANA Cloud 2102 a few operations were removed. The operations were never supported by the S/4 system (like CRUD support for some entities), so no existing functionality is affected. The following services are affected:
    • Nota Fiscal โ€“ Create, Update - API_LOGBR_NOTAFISCAL_SRV
    • Purchase Contracts - API_PURCHASECONTRACT_PROCESS_SRV
    • Outbound Delivery (A2X) - API_OUTBOUND_DELIVERY_SRV_0002

New Functionality#

  • We introduced a new API on table parameters of BapiRequest. When a table uses a domain-type as row-type there are no field names to refer to. But such a table can be treated as a one-dimensional vector of primitive values, e.g.:

    new BapiRequest("BAPI_DEMO", true)
    .withExportingTable("DEMO_TABLE", "BAPI_DEMO_TAB01")
    .asVector()
    .row("CC01")
    .row("CC02")
    .row("CC03")
    .end();
  • We now support the SAMLAssertion authentication type on Cloud Foundry. Refer to the help page for more detail on the SAMLAssertion authentication type.

  • We introduced a new API to build a Destination for connecting to services on Cloud Foundry. The information will be read from the VCAP_SERVICES environment variable at runtime. For certain authentication types i.e. NoAuthentication and OAuth2ClientCredentials this API eliminates the need to manually create a destination in the CF account for connecting to services.

    Example:

    final Map<String, String> mapping =
    ScpCfServiceDestinationLoader.buildClientCredentialsMapping(
    "credentials.endpoints.service_rest_url",
    "credentials.uaa.clientid",
    "credentials.uaa.clientsecret",
    "credentials.endpoints.token_url");

    ScpCfServiceDestinationLoader.buildClientCredentialsMapping creates a mapping for loading a destination and provides JSON paths for all required destination properties.

    final HttpDestination destination =
    ScpCfServiceDestinationLoader.getDestinationForService(
    "label",
    "serviceBindingName",
    AuthenticationType.OAUTH2_CLIENT_CREDENTIALS,
    mapping);

    For certain services (only workflow for now), we provide further convenience that skips the need to provide the mapping explicitly. Example:

    final HttpDestination destination =
    ScpCfServiceDestinationLoader.getDestinationForService(
    ScpCfServiceDestinationLoader.CfServices.WORKFLOW,
    "my-workflow");
  • We introduced a new API to construct a ScpCfDestinationLoader that allows overriding the default timeout for the Time Limiter resilience pattern. If not specified, requests will automatically timeout after 6 seconds.

  • We added support for recursive tables and structures in parameters of BapiRequest API for both protocols: JCo and SOAP. Example:

    final BapiRequest bapiReqauest = new BapiRequest("DEMO_BAPI")
    .withExportingTable("TABLE_PARAMETER1","ABC_T_PARAM1" )
    .row()
    .field("ROW_UUID","STRING","foobar")
    //Start nested table
    + .table("TABLE_NESTED1","ABC_T_NESTED1")
    + .row()
    + .field("NESTED_FIELD1","STRING","john")
    + .field("NESTED_FIELD2","STRING","doe")
    + .end() // End nested table
    // START nested structure
    .fields("NESTED_STRUCTURE", "NESTED_STRUCTURE_TYPE")
    .field("latitude", "Axis", "52")
    .field("longitude", "Axis", "13")
    .end() // End nested structure
    .end();
  • We updated the OData type-safe client also known as a VDM to the newest release 2102 of SAP S/4HANA Cloud. This includes completely new services (available as usual in packages com.sap.cloud.sdk.s4hana.datamodel.odata.services and com.sap.cloud.sdk.s4hana.datamodel.odatav4.services), new operations in previously existing services, and new entity types. The SDK supports all OData services listed in the SAP API Business Hub for SAP S/4HANA Cloud with the exception of the following services:

    • (OData V2) Purchase Requisition - API_PURCHASEREQ_PROCESS_SRV
    • (OData V2) Production Order Confirmation - API_PROD_ORDER_CONFIRMATION_2_SRV
    • (OData V2) Process Order Confirmation - API_PROC_ORDER_CONFIRMATION_2_SRV
    • (OData V2) Attachments - API_CV_ATTACHMENT_SRV
    • (OData V4) Contract Accounting: Invoices of Business Partner - API_CABUSPARTINVOICE_0001

Improvements#

  • ResilienceDecorator.clearCache(ResilienceConfiguration) does now also respect parameters defined in the ResilienceConfiguration.CacheConfiguration when selecting cache entries to clear.

  • Dependency Updates:

    • SAP dependency updates:
    • Other dependency updates:
      • Minor version updates:
        • Update Spring from 5.2.10.RELEASE to 5.3.2
        • Update Spring Security from 5.3.5.RELEASE to 5.4.2
        • Update Mockito from 3.7.0 to 3.7.7
        • Update AssertJ from 3.18.1 to 3.19.0
        • Update Fabric SDK for Java from 2.2.4 to 2.2.5
        • Update Resilience4J from 1.6.1 to 1.7.0
        • Update Java JWT Java from 3.12.0 to 3.12.1
        • Update PMD from 6.30.0 to 6.31.0
        • Update Lombok from 1.18.16 to 1.18.18
        • Update Jetty from 9.4.35.v20201120 to 9.4.36.v20210114

Fixed Issues#

  • We fixed an issue with OData V4 update requests where the serialization of primitives with types like Integer, Boolean, and Double leads to null values.
  • We fixed an issue with the JCo serialization of BAPI requests, where adding field parameter values of type ErpType led to an exception.

3.37.0 - January 28, 2021#

Maven Central | Javadoc

Compatibility Notes#

  • We deprecated the constructor UncheckedFilterExpression(FilterExpression). It can still be used for OData V2 type-safe client (VDM) read requests that are executed with the deprecated execute(...) method. However, we strongly encourage you to migrate to executeRequest(...). Unchecked filter expressions can be instantiated with recommended constructor UncheckedFilterExpression(ValueBoolean).
  • We deprecated the class com.sap.cloud.sdk.s4hana.connectivity.RequestBody as it has no usage.
  • For BTP Cloud Foundry, instances of DestinationHeaderProvider will be called for every HTTP request as of now. Earlier versions invoked the API only once during destination construction.

New Functionality#

  • OData V2 helper class UncheckedFilterExpression can be instantiated for generic instances of ValueBoolean. Example:

    BusinessPartnerService service;
    HttpDestination destination;
    ValueBoolean customExpression = FieldReference.of("ShoeSize").equalTo(42);
    List<BusinessPartner> items = service
    .getAllBusinessPartner()
    .filter( new UncheckedFilterExpression<>(customExpression) )
    .executeRequest(destination);
  • The DefaultHttpDestination now allows for registering a DestinationHeaderProvider to enrich outgoing HTTP requests with headers. It can be used as follows:

    DefaultHttpDestination
    .builder(uri)
    .headerProviders(new CustomHeaderProvider(), new AnotherCustomHeaderProvider())
    .build();

Improvements#

  • OData requests are now allowed to contain null values within entity keys and function parameters as per the OData specification. Previously an exception would be thrown in these cases.
  • Removed Swagger annotations ApiModel and ApiModelProperty from classes generated by the OpenAPI client generator
    • Swagger annotations dependency (io.swagger.swagger-annotations) can now safely be removed from the project's pom.xml
  • The Workflow API client library in module scp-workflow-cf got enhanced to reflect the latest Workflow API features.
  • Dependency Updates:
    • SAP dependency updates:
      • Update SCP CF Java Logging Support from 3.2.1 to 3.3.0
      • Update SCP Neo Java Tomcat API from 3.119.9 to 3.121.8.1
      • Update SCP Neo Java TomEE7 API from 1.88.6 to 1.90.9.1
      • Update JPaaS Security Utils for Neo from 1.4.86 to 1.4.87
    • Other dependency updates:
      • Major version updates: -
      • Minor version updates:
        • Update Error Prone Annotations from 2.4.0 to 2.5.0
        • Update Liquibase from 3.8.6 to 3.10.3
        • Update OWASP Json Sanitizer from 1.2.1 to 1.2.2
        • Update JsonPath from 2.4.0 to 2.5.0
        • Update Reactor Core from 3.4.1 to 3.4.2
        • Update Mockito from 3.6.28 to 3.7.0
        • Update Jackson from 2.12.0 to 2.12.1
        • Update Netty BOM from 4.1.56.Final to 4.1.58.Final
        • Update Hyperledger Fabric SDK from 2.2.3 to 2.2.4
        • Update Hibernate from 5.4.26.Final to 5.4.27.Final
        • Update Joda time library from 2.10.8 to 2.10.9
        • Update Apache Olingo OData V4 from 4.7.1 to 4.8.0

3.36.0 - January 14, 2021#

Maven Central | Javadoc

Compatibility Notes#

  • We removed the following dependencies from the SAP Cloud SDK Bill-of-Material (BOM):
    • Netty
    • Protobuf
    • Spring Security OAuth
    • Hibernate Validator

New Functionality#

  • We introduced support for the String-based filter functions endsWith, startsWith and substringOf in the OData V2 type-safe client (VDM).
  • Check out our new Feature Matrix. We're actively extending it. Let's us know what you'd like to see there by creating a GitHub issue.

Improvements#

  • We replaced the deprecated constant org.apache.commons.codec.Charsets.UTF_8 in the HelloWorldControllerTest class of the Spring archetype by its recommended successor java.nio.charset.StandardCharsets.UTF_8. This resolves a compiler warning.
  • We added Maven module s4hana-api-odata-v4 into s4hana-all to enable type-safe OData v4 client library (VDM) for SAP S/4HANA Cloud Edition.
  • Dependency Updates:
    • SAP dependency updates:
    • Other dependency updates:
      • Major version updates:
      • Minor version updates:
        • Downgrade Spring dependencies to resolve conflicts with SAP CP Spring XSUAA Security Library
          • Change Spring Framework BOM from 5.3.1 to 5.2.10.RELEASE
          • Change Spring Security BOM from 5.4.2 to 5.3.5.RELEASE
        • Update PMD from 6.29.0 to 6.30.0
        • Update Caffeine from 2.8.6 to 2.8.8
        • Update Jackson from 2.11.3 to 2.12.0
        • Update Reactor from 3.4.0 to 3.4.1
        • Update Guava from 30.0-jre to 30.1-jre
        • Update Hibernate Core from 5.4.25.Final to 5.4.26.Final
        • Update Netty BOM from 4.1.49.Final to 4.1.56.Final
        • Update Java JWT from 3.11.0 to 3.12.0

Fixed issues#

  • We fixed incorrect serialization of date values for OData V2 requests using the PATCH request method.
  • We fixed an issue where OData Batch requests were sending an invalid Accept header.
  • We fixed an issue where the API for OData Batch responses did not conveniently throw or wrap an exception for failing HTTP response code health checks. Affected methods:
    • OData v4 VDM: getReadResult of BatchResult
    • OData v2 VDM: get of BatchResponse
    • OData Client: getResult of ODataRequestResultMultipartGeneric
  • We removed a log message that incorrectly indicated an error when receiving an OData response without payload.

3.35.0 - December 17, 2020#

Maven Central | Javadoc

Known issues#

  • OData Batch response API is known to not conveniently throw or wrap an exception for failing HTTP response code health checks. This affects the type-safe batch request builders for both v2 and v4 protocol. We're working to fix this in the next release.

Compatibility Notes#

  • We removed a dependency reference for JUnit Pioneer. The last used version was 1.0.0

Improvements#

  • Dependency Updates:
    • SAP dependency updates:
      • Update SAP Cloud Security Client from 2.7.6 to 2.8.0
      • Update API of Java EE 7 Web Profile TomEE 7 from 1.87.4 to 1.88.6
      • Update API of Java Web Tomcat 8 from 3.118.5 to 3.119.9
    • Other dependency updates:
      • Minor version updates:
        • Update Mockito from 3.6.0 to 3.6.28
        • Update Apache HttpComponents Core from 4.4.13 to 4.4.14
        • Update Spring Security from 5.4.1 to 5.4.2
        • Update Jetty from 9.4.34.v20201102 to 9.4.35.v20201120

Fixed issues#

  • We fixed an issue where OData errors originating in OData batch change sets requests could not be parsed correctly.

3.34.1 - December 9, 2020#

Maven Central

Compatibility Notes#

  • To use the experimental version of OpenAPI type-safe client generator you longer need to add the org.springframework:spring-context dependency in a project.
  • Requests to fetch CSRF token that are done for OData v2 function imports now contain all explicitly specified HTTP headers. Before they contained only implicitly set HTTP headers and neglect headers provided via .withHeaders() method of RequestBuilder class.

New Functionality#

  • We improved @ODataResponseException to contain an HTTP status code returned from the server to improve debugging experience.
  • Caught instances of ODataResponseException allow accessing @Nonnull Option<String> getHttpBody to simplify investigation while debugging and at runtime.
  • OData function imports now allow accessing the built-in OData request object via the toRequest method.

Improvements#

  • Add support for alternative OData v4 metadata field notations @type, @context, and other introduced with OData Version 4.0.1. The SDK is now able to parse this notation. However, outgoing requests will always use the notation that is compatible with Version 4.0.0 of the standard for now to ensure server compatibility.

  • The Workflow API client library in module scp-workflow-cf was enhanced with the latest Workflow API features.

  • The CSRF token retrieval of OData v2 type-safe function imports has been improved:

    • Function imports using the HTTP method GET no longer issue the unnecessary CSRF token request
    • Function imports using the HTTP method POST can be processed even if the CSRF token retrieval fails (for example, if the server does not support CSRF tokens)
  • Dependency Updates:

    • SAP dependency updates:
      • Downgrade SAP security related libraries from 2.7.8 to 2.7.6

Fixed issues#

  • ClassCastException fix an issue with accessing navigational properties directly in OData V4 requests. Read and count operations performed on nested collections directly via e.g. service.naviagteTo(Entity.COLLECTION_PROPERTY).getAll() would cause a ClassCastException when parsing the result. This is now done correctly.
  • Fix an issue where dependency conflicts between the SDK and the SAP Java Buildback lead to runtime issues on the SCP Cloud Foundry.
  • Fix an issue where operations with empty payload in OData Batch request changesets on SAP S/4HANA OData services failed with Bad Request responses.

3.34.0 - December 3, 2020#

Maven Central

Compatibility Notes#

  • The Maven artifact rest-core moved from the group id com.sap.cloud.sdk.services to com.sap.cloud.sdk.datamodel.
  • We introduced new implementations of ThreadContextListener and ThreadContextDecorator. We adapted the internal priority of listeners and decorators accordingly.
  • Archetypes generated by the Cloud SDK for Java were migrated to the general purpose pipeline of project "Piper". Before they were using the SAP Cloud SDK for Continuous Delivery pipeline that is now deprecated. For existing projects we also recommend migrating migrating to this pipeline.

New Functionality#

  • We released experimental type-safe client generator for OpenAPI 3.0 specification and maven plugin to run it. We do not yet recommend using it in production.

  • We released experimental support for OData server-driven paging
    • The read request builders for OData v2 and v4 have a new feature that enables lazy iteration through result-set pages.
    • You can use memory-efficient or latency-reduced data processing depending on your use-case.

Example:

// Let's assume these are your requests for OData v2 and v4 to fetch entities.
FluentHelperRead<?, EntityT, ?> request = service.getEntities(); // for v2
GetAllRequestBuilder<EntityT> request = service.getEntities(); // for v4
// Before you had only this method which would fetch all the data eagerly by
// travesing through pages and providing the final result set for you.
List<EntityT> defaultEager = request.execute( destination );
// Now you have an option to handle paginated results yourself using one of the
// methods below depending on your use-case.
Iterable<EntityT> lazyIterable = request.iteratingEntities().execute( destination );
Stream<EntityT> lazyStream = request.streamingEntities().execute( destination );
Iterable<List<EntityT>> lazyPages = request.iteratingPages().execute( destination );
note
  • For OData v2 the execute method is called executeRequest
  • The default behavior for OData v2 and v4 is now to return accumulated results from all pages. Before only the first page of results was returned.

Improvements#

  • Dependency Updates:
    • SAP dependency updates:
      • Update API of Java EE 7 Web Profile TomEE 7 from 1.86.9 to 1.87.4
      • Update API of Java Web Tomcat 8 from 3.117.9 to 3.118.5
      • Update Cf Java Logging Support Logback from 3.2.0 to 3.2.1
    • Other dependency updates:
      • Minor version updates:
        • Update Apache CXF from 3.3.7 to 3.3.8
        • Update EclipseLink from 2.7.6 to 2.7.7
        • Update Hibernate validator from 6.1.5.Final to 6.1.6.Final
        • Update Jetty from 9.4.33.v20201020 to 9.4.34.v20201102
        • Update Json from 20200518 to 20201115
        • Update Protobuf java from 3.12.2 to 3.14.0
        • Update Swagger annotation from 1.5.22 to 1.6.2
        • Update Vavr from 0.10.2 to 0.10.3
        • Update hibernate-core from 5.4.3 to 5.4.24 to overcome security vulnerability CVE-2020-25638

Fixed Issues#

  • RFC calls executed via the resilience decorator now use subscriber tenant instead of provider tenant which is correct behavior for multi-tenant applications.
  • non-Latin characters in the quNonery and path part of OData URLs are now correctly encoded.

3.33.0 - November 20, 2020#

Javadoc | Release blog | Maven Central

Compatibility Notes#

  • The client library for SAP S/4HANA Enterprise Messaging is deprecated. This affects all classes in the following modules: s4hana-api-messaging, messaging-core, messaging-jms

  • Blockchain Business Services Visibility: The members of the class MerkleProof are now immutable, forbidding any external modification of a proof

New Functionality#

  • Destinations can be conveniently added into the DestinationAccessor logic at runtime. It exposes two new methods appendDestinationLoader() and prependDestinationLoader() which add destination loaders with high or low priority to the accessor logic. Leverage a new default implementation for the DestinationLoader interface to load destinations created at runtime:

    DestinationLoader loader = new DefaultDestinationLoader().registerDestination(myHttpDestination);
    DestinationAccessor.appendDestinationLoader(loader);

    This new API is experimental.

Improvements#

  • The SCP Workflow API client library in module scp-workflow-cf is now generally available and released for productive usage.

  • All OData V2 and V4 request builder classes now expose an experimental method toRequest() that returns a low-level, generic request object. It provides more convenience for debugging and flexibility to work around a non-standard service behavior.

  • The method withHeader() of OData V4 request builders is no longer experimental.

  • Improve the class hierarchy of ODataException:

  • Dependency Updates:

    • API of Java EE 7 Web Profile TomEE 7 from 1.85.7.2 to 1.86.9
    • API of Java Web Tomcat 8 from 3.116.7.2 to 3.117.9
    • Support for Logback for SCP CF from 3.0.1 to 3.2.0
    • Tomcat from 8.5.50 to 8.5.59 to overcome the security vulnerability CVE-2020-13943
    • Jetty from version 9.4.31.v20200723 to 9.4.33.v20201020 to overcome the security vulnerability CVE-2020-27216
    • Netty BOM from 4.1.53.Final to 4.1.54.Final
    • Spring Boot from 2.3.4.RELEASE to 2.3.5.RELEASE
    • Spring from 5.2.9.RELEASE to 5.3.1
    • AssertJ from 3.17.2 to 3.18.1
    • AssertJ Vavr from 0.2.0 to 0.3.0
    • Fabric SDK for Java from 2.2.2 to 2.2.3
    • Fabric Gateway for Java from 2.2.0 to 2.2.1
    • Mockito from 3.5.15 to 3.6.0
    • Joda Time from 2.10.6 to 2.10.8
    • io.projectreactor:reactor-core from 3.3.10.RELEASE to 3.4.0
    • Okio from 2.7.0 to 2.9.0
    • OkHttp from 4.5.0 to 4.9.0

Fixed Issues#

  • Blockchain Business Services Visibility: Fixed an issue where validating a structurally invalid proof could result in a stack overflow.
  • Fixed missing request header If-Match on batch request for Update or Delete Operation.
  • Fixed missing custom headers and parameters on OData V2 count requests.

3.32.0 - November 5, 2020#

Javadoc | Release blog | Maven Central

Compatibility Notes#

  • OData requests do no longer send the query parameter $format=json by default. Instead the Accept header is set to application/json by default.

The following changes apply to experimental functionality of the SAP Cloud SDK:

  • The SCP service "Hyperledger Fabric on SAP Cloud Platform" is deprecated, the corresponding Maven dependency com.sap.cloud.sdk.services:scp-blockchain gets deprecated too. Use the dependency com.sap.cloud.sdk.serices:blockchain-client-fabric instead.
  • The method setResponseFormat() in the class ODataRequestGeneric is no longer available. You can still configure the Accept header via the method addHeaderIfAbsent(). Example: request.addHeaderIfAbsent(HttpHeaders.ACCEPT, "application/xml").
  • The enum com.sap.cloud.sdk.datamodel.odata.client.request.ODataFormat is no longer public.

New Functionality#

  • Update the OData client library to the newest release 2011 of SAP S/4HANA Cloud. This includes completely new services (available as usual in packages com.sap.cloud.sdk.s4hana.datamodel.odata.services and com.sap.cloud.sdk.s4hana.datamodel.odatav4.services), new operations in previously existing services, and new entity types. The SDK supports all OData services listed in the SAP API Business Hub for SAP S/4HANA Cloud.
  • Released new pre-generated type-safe client libraries for the OData v4 services in the latest RTC release 2020 of SAP S/4HANA On-premise
  • The untyped, generic OData client and OData V4 client now support Edm.Binary as value type for Entity properties. In Java, this type is conveniently represented as byte[]. The OData V4 generator will now generate affected services without raising a warning. Generated entities that have binary properties now have static accessors to the respective fields, similar to the other entity properties. OData filter expressions for binary properties can be created.
  • Add generated service DocumentComplianceElectronicDocumentFileService for API ELECTRONICDOCFILE_0001

Improvements#

  • OData requests contain the Accept header with value application/json by default.
  • Dependency Updates:
    • SAP Cloud Security Client from 2.7.7 to 2.7.8
    • SAP Cloud Application Programming Model from version 1.40.6 to 1.40.11
    • Guava from 29.0-jre to 30.0-jre
    • Lombok from 1.18.14 to 1.18.16
    • Caffeine from 2.8.5 to 2.8.6
    • Resilience4j from 1.6.0 to 1.6.1
    • Mockito from 3.5.13 to 3.5.15
    • Fabric SDK for Java from 2.2.1 to 2.2.2
    • Netty from 4.1.52.Final to 4.1.53.Final

3.31.0 - October 22, 2020#

Javadoc | Release blog | Maven Central

New Functionality#

Improvements#

  • The Workflow API client library in module scp-workflow-cf got enhanced to reflect the latest Workflow API features.
  • Update Dependencies
    • Spring dependency for the SAP Cloud Platform multitenancy implementation module to version 4.3.29.RELEASE to overcome the security vulnerability CVE-2020-5421.
    • Apache HttpComponents from version 4.5.12 to 4.5.13
    • Jackson from 2.11.2 to 2.11.3
    • Java JWT from 3.10.3 to 3.11.0
    • JUnit Pioneer from version 0.9.0 to 1.0.0
    • Lombok from version 1.18.12 to 1.18.14
    • Mockito from version 3.5.11 to 3.5.13
    • Resilience4J from version 1.5.0 to 1.6.0
    • Spring Security from 5.4.0 to 5.4.1
    • io.projectreactor:reactor-core from 3.3.9.RELEASE to 3.3.10.RELEASE
    • JUnit from version 4.13 to 4.13.1
    • Tomcat from 9.0.37 to 9.0.39, fixing the vulnerability CVE-2020-13943

Fixed Issues#

  • Fix an issue where responses of OData batch requests could not be evaluated if the batch request contained semantically identical request objects (e.g. creating two similar entities).
  • Fix an issue where an OData VDM generated with the OData V4 generator would not compile when a complex type contained a list of properties.
  • Fix an issue where error responses of OData V2 requests could not be parsed correctly.

3.30.0 - October 8, 2020#

Javadoc | Release blog | Maven Central

Compatibility Notes#

To unify OData V2 client to OData V4 client APIs, the API of custom header configuration has been simplified and partially deprecated on OData V2 side:

requestV2
.withHeader("Authorization", "Basic user:secret")
.onRequestAndImplicitRequests() // deprecated
.withHeader("User-Agent", "Robot")
.onRequestOnly() // deprecated
.execute(httpDestination);
// ... still works, but should be migrated to:
requestV2
.withHeader("Authorization", "Basic user:secret")
.withHeader("User-Agent", "Robot")
.executeRequest(httpDestination);

The deprecated code ist still usable. No breaking changes in code or behavior are introduced.

The internal fluent helper class FluentHelperCustomHttpHeader is changed to a deprecated interface. The related methods getHeadersForRequestAndImplicitRequests and getHeadersForRequestOnly are deprecated. The former modifier will be used by default in the future. Please use the existing withHeader and withHeaders methods without the stating a deprecated modifier.

The internal protected methods getHeadersForRequestOnly and getHeadersForRequestAndImplicitRequests from abstract base class FluentHelperBasic are deprecated. Please use protected getHeaders() instead.

The internal interface CsrfTokenRetriever defines another retrieveCsrfToken method with additional headers parameter to be passed in the HTTP request.

New Functionality#

Blockchain Business Services update:

  • It is now possible to send, receive, and validate notarizations. Sending a document will automatically also send its notarizations if the visibility configuration is set to include notarizations.

Improvements#

  • In case a DefaultErpHttpDestination decorates an on-premise HttpDestination and the destination configuration lacks a sap-client property, an information message is logged to raise awareness for potential authentication issues.
  • Dependency Updates:
    • Update Spring Boot from 2.3.3.RELEASE to 2.3.4.RELEASE
    • Update JUnit Jupiter from 5.6.2 to 5.7.0
    • Update Spring from 5.2.8.RELEASE to 5.2.9.RELEASE
    • Update Spring Security from 5.3.4.RELEASE to 5.4.0
    • Update Mockito from 3.5.10 to 3.5.11
  • Maven Plugin Updates in Archetypes:
    • Update Maven Surefire Plugin from 3.0.0-M4 to 3.0.0-M5
    • Update Maven Jacoco Plugin from 0.8.5 to 0.8.6

3.29.1 - September 24, 2020#

Javadoc | Release blog | Maven Central

Compatibility Notes#

  • To leverage the new OData v2 client, you need to adjust existing code. Refer to documentation on how to switch for detailed instructions.
  • We start deprecating APIs of the outdated OData v2 client. In this release we deprecated:
    • Methods: execute, toQuery, withErrorHandler, cachingMetadata, withoutCachingMetadata, ignoringVersionIdentifier and ignoreVersionIdentifier.
    • Error handler: ODataVdmErrorResultHandler.
    • Exception classes VersionIdentifierMissingException and VersionIdentifierExpiredException.
    • You'll find instructions how to adjust the code to use the new OData v2 client in the Javadoc of deprecated method or class.

New Functionality#

  • The improved OData v2 type-safe client is now Generally Available. From now on we recommend it for OData API consumption. Refer to the documentation on how to switch for more details on the new OData 2 client.

    • The methods executeRequest are no longer marked as Beta and ready for use in production code.
    • The new methods matchAnyVersionIdentifier() and disableVersionIdentifier() allow for better control over ETag handling.
  • The DefaultHttpDestination and DefaulErptHttpDestination can use a java.security.KeyStore and a key store password for HTTP communication. This is especially useful when utilizing mutual TLS (mTLS) for the communication with a remote system. Use the respective builder methods to set these values as in the following code snippet:

final DefaultHttpDestination defaultHttpDestination =
DefaultHttpDestination.builder(uri).
keyStore(keyStore).
keyStorePassword(keyStorePassword).
build();
  • We updated the Workflow API client library that is shipped as scp-workflow-cf module. It now supports the latest Workflow API service features.

Improvements#

  • Handle requesting a CSRF token for OData V4 batch operations and actions

  • Improve the log output and error handling of CSRF token requests

  • In case a DefaultErpHttpDestination decorates an on-premise HttpDestination and the destination configuration lacks an sap-client property, a notification appears in app logs to raise awareness of potential authentication issues.

  • Update and Delete requests in OData v4 type-safe client no longer send a * in the IF_MATCH header if no version identifier (ETag) has been retrieved from the server previously. This ensures consistent behavior of Update and Delete requests and protects you from unintended data loss and integrity problems.

  • Dependency Updates:

    • Update SAP Cloud Security Client from 2.7.6 to 2.7.7
    • Upgrade Fabric SDK for Java from 2.1.0 to 2.2.1
    • Upgrade Fabric Gateway for Java from 2.1.0 to 2.2.0
    • Upgrade Commons Codec from 1.14 to 1.15
    • Upgrade Commons IO from 2.7.0 to 2.8.0
    • Upgrade AssertJ from 3.17.0 to 3.17.2
    • Upgrade Mockito from 3.5.7 to 3.5.10
    • Upgrade Wiremock from 2.27.1 to 2.27.2
    • Upgrade Netty from 4.1.51.Final to 4.1.52.Final

Fixed Issues#

  • Fix an issue where invalid service metadata files would cause the odata-generator to fail. The generator now skips such services with a warning and only fails if the failOnWarning flag is set.
  • Fix special characters escaping and double encoding issues. The following characters are encoded now:
    • %, # ,' ', ? , \ and " in the service and entity path
    • %, # ,' ', ? , \ , " , $ and & in system query options
    • %, # ,' ', ? , \ , " , $ , & and / in string parameters being passed in functions and GetByKey requests

3.28.1 - September 10, 2020#

Javadoc | Release blog | Maven Central

Compatibility Notes#

  • Blockchain Business Services: The constructors of classes Me and Partner are no longer public. New instances can be constructed using a builder, by calling Me.builder() and Partner.builder() respectively.
  • Blockchain Business Services: IdentityClient.deletePartner now only requires the Partner's ID instead of a full object.

New Functionality#

  • The Currency Conversion library has been added. You can use this library to facilitate currency exchange rate conversions within your Cloud application.
    • Note that no exchange rates are provided by the library. It is assumed that you have your own data providers for getting the exchange rates.
    • The library supports bulk conversions, direct one-to-one conversions from a source value to a target value, and indirect conversions based on inverse rates or a reference currency.
    • You can perform currency conversions based on a fixed currency exchange rate, or a non-fixed rate (if you want the library to select the most appropriate rate based on a list of data from various data providers).
    • To use the library, add the currency-conversion-core and currency-conversion-datamodel Maven dependencies in your pom.xml.

Improvements#

  • Update dependencies:
    • Update SAP Cloud Security Client from 2.7.5 to 2.7.6
    • Update AssertJ Core from 3.16.1 to 3.17.0
    • Update Caffeine from 2.8.4 to 2.8.5
    • Update Apache Commons Lang from version 3.10 to 3.11
    • Update Apache Commons Text from version 1.8 to 1.9
    • Update Apache CXF from 3.3.6 to 3.3.7
    • Update Mockito from 3.3.3 to 3.5.7
    • Update Jackson from 2.11.0 to 2.11.2
    • Update Junit Pioneer from 0.6.0 to 0.9.0
    • Update Netty from 4.1.50.Final to 4.1.51.Final
    • Update Jetty from 9.4.27.v20200227 to 9.4.31.v20200723
    • Update Protocol Buffers Java from 3.12.1 to3.12.2
    • Update Resilience4J from 1.4.0 to 1.5.0
    • Update Spring from version 5.2.6.RELEASE to 5.2.8.RELEASE
    • Update Spring Security from 5.3.2.RELEASE to 5.3.4.RELEASE
    • Update Wiremock from 2.26.3 to 2.27.1
    • Update Togglz from 2.6.1.Final to 2.8.0
    • Update SQLite JDBC Driver from 3.28.0 to 3.32.3.2
    • Update JavaPoet from 1.12.1 to 1.13.0
    • Update Spring Boot from 2.3.0.RELEASE to 2.3.2.RELEASE
    • Update JSON Unit AssertJ from 2.17.0 to 2.18.1
    • Update io.projectreactor:reactor-core from 3.3.5.RELEASE to 3.3.9.RELEASE
    • Update CDS4 from 1.11.0 to 1.12.1
    • Update com.squareup.okio:okio from 2.6.0 to 2.7.0

Fixed Issues#

  • Fix an issue where numbers where not serialised correctly in OData V2 requests using executeRequest. Fractional and long numbers are now correctly serialised as JSON strings.
  • Fix an org.springframework.beans.BeanInstantiationException with a nested java.lang.NoSuchMethodException when adding the Maven dependency scp-workflow-cf to a Spring Boot project

3.27.0 - August 27, 2020#

New functionality#

  • The implicit properties of DefaultHttpClientFactory can now be customized.
    • With HttpClientAccessor.setHttpClientFactory( HttpClientFactory ) it is possible to change the logic that manages creation and configuration of HttpClient instances. These clients are used to handle the connection between platform services and integration endpoints internally. The DefaultHttpClientFactory class has been updated to allow for conveniently changing properties like time-out duration and maximum number of connections. Since the implementation can easily be extended, a custom logic would not need to start from scratch.
    • To change the properties, either create a new class that inherits from DefaultHttpClientFactory and override the accessor methods with scope protected. Or explore the flexible builder pattern for a similar result: DefaultHttpClientFactory.builder().
    • For more information, please find the related documentation.

Improvements#

  • Improve log message quality of OData V2 errors that may occur within executeRequest method.
  • Update dependencies in maven archetypes:
    • Archetype scp-cf-tomee:
      • Update tomee-maven-plugin from 8.0.3 to 8.0.4
    • Archetype scp-cf-spring:
      • Update spring-boot from 2.3.0.RELEASE to 2.3.2.RELEASE
    • Archetype scp-neo-javaee7:
      • Update scp.sdkVersion from 1.74.10 to 1.79.14

3.26.0 - August 13, 2020#

New functionality#

OData and type-safe client libraries#

  • We released a Beta version of improved type-safe client library implementation for OData v2 protocol which now shares a code base with OData v4 protocol. It brings significant advantages like:
    • Boosting performance by avoiding unnecessary metadata calls
    • The same code base for both OData protocol versions speeds up the innovation cycle and unlocks the developing of advanced features for both OData versions.
    • For more insights and guide how to switch to an new version check our type-safe client documentation

  • The results of create and update operations in OData v4 type-safe client now offer getModifiedEntity() method which returns a new Entity object including any changes to payload or metadata the service may have responded with.

  • We released a regular update for pre-generated type-safe client libraries (also known as VDM) for the latest RTC release 2008 of SAP S/4HANA Cloud.
    • The update covers all the changes to existing services and introduces new ones. You'll find them in com.sap.cloud.sdk.s4hana.datamodel.odata.services and com.sap.cloud.sdk.s4hana.datamodel.odatav4.services. Below is the quick reference on difference and compatibility between 2005 and current 2008 of SAP S/4HANA Cloud releases:
    • These deprecated OData services are no longer allowed:
    • These OData service methods have a changed argument order:
      • In service SalesDocumentWithCreditBlocksService the methods rejectCreditBlock and releaseCreditBlock are updated.
      • In service CustomerReturnsDeliveryV2Service the methods setPutawayQuantityWithBaseQuantity, putawayOneItemWithBaseQuantity and putawayOneItemWithSalesQuantity are updated.
    • These OData service methods have been removed:
      • In service ProductionOrderConfirmationV2Service the method createProdnOrdConfMatlDocItm has been removed.
      • In service ProcessOrderConfirmationV2Service the method createProcOrdConfMatlDocItm has been removed.
      • In service SupplierInvoiceIntegrationService the methods createSuplrInvcItemAcctAssgmt and createSuplrInvcItemPurOrdRef have been removed.
    • For reference on what OData services are included in current release, check out SAP API Business Hub for SAP S/4HANA Cloud

REST#

  • The experimental REST SCP Workflow client library got enhanced with a new API class constructor that expects an ApiClient, which allows for easier integration with e.g., the Spring RestTemplate.

    final String basePath = "https://my-api.org";
    final RestTemplate restTemplate = obtainRestTemplate();
    final ApiClient apiClient = new ApiClient(restTemplate).setBasePath(basePath);
    new WorkflowDefinitionsApi(apiClient).queryDefinitions();

SAP Cloud Platform - Clound Foundry#

  • We added support for new authentication types recently introduced on SAP Cloud Platform - Cloud Foundry. It further improves handling of Destinations and keeps SDK up to date with SCP features:
    • SAP_ASSERTION_SSO
    • OAuth2JWTBearer
    • OAuth2Password

Known issues#

  • The module testutil-core references the dependency org.eclipse.jetty:jetty-server:jar:9.4.27.v20200227 transitively which is subject to vulnerability CVE-2019-17638. As we look into updating to the newest version of jetty-server, one can mitigate the risk by assuming that testutil-core is used for testing only and hence not used in production environments.

Compatibility notes#

  • Client library for ELECTRONICDOCFILE_0001 service is missing from SAP S/4HANA 2008 release. We're working to fix this as fast as possible and will communicate it in release notes.

Fixed Issues#

  • Fix an issue where calling a remote-enabled function module that returns a table of type raw (byte sequence) returned the hash code of the byte sequence. It returns the String representation of the byte sequence instead now.
  • Fix a NullPointerException when invoking a function module in SAP S/4HANA which is not remote-enabled or does not exist.
  • Fix an issue where calling a remote-enabled function module with a byte sequence as an exporting parameter was not supported before. It is now possible to pass byte sequences as exporting parameters.

3.25.0 - July 30, 2020#

New Functionality#

  • OData 4.0: Extract version identifiers from the ETag header in case of create and update operations. Now result entities obtained via ModificationRespnse#getResponseEntity() will contain a version identifier. It will be sent as IF-MATCH header in subsequent update and delete operations.

  • New experimental method ScpCfDestinationLoader#tryGetDestination. It allows for custom request handling to resources on SAP Cloud Platform Destination Service. With the handler acting as functional interface, you can conveniently manage your own HTTP interaction. E.g.

    String destinationName;
    String basePath;
    String relativePath;
    Try<ScpCfDestination> destination = new ScpCfDestinationLoader()
    .tryGetDestination(
    destinationName, basePath, relativePath,
    (uri) -> restTemplate.getForObject(uri, ScpCfDestinationServiceV1Response.class));

Improvements#

  • Update dependencies:
  • Update Maven plugins in Maven archetypes:
    • Archetype scp-cf-tomee:
      • Update tomee-maven-plugin from 8.0.1 to 8.0.3
    • Archetype scp-cf-tomee and neo-javaee7:
      • Update maven-war-plugin from 3.2.3 to 3.3.1
  • Add public enum SoapNamespace to rfc module, with experimental support to customize expected XML tag namespace from SOAP response messages. This can be useful if target SOAP service is not working with ABAP code.
  • The principal id can be extracted from authorization tokens of grant type urn:ietf:params:oauth:grant-type:jwt-bearer.

Fixed Issues#

  • Fix an issue on SCP Neo with anonymous HTTP requests being blocked, when optional module concurrency-scp-neo was added as application dependency.
  • Fix an issue with SOAP wrapped RFC and BAPI calls that sends pure exporting parameters as empty tags in SOAP serialised requests. Exporting parameters are no longer sent in SOAP serialised requests.
  • Fix an issue with SOAP wrapped RFC and BAPI calls where de-serialisation failed when the exporting parameter is a list and is empty.
  • Fixed an issue with listeners where FileWritingODataQueryListener was inadvertently called for OData CRUD operations.

3.24.0#

Release date: July 16, 2020

Improvements#

3.23.0#

Compatibility Notes#

  • Method and parameter names for the SCP Workflow client library were adjusted

Improvements#

  • Improved the error messages shown when JWT validation fails.
  • Improved the AuthTokenBuilder so that public keys used for verification of authorization tokens created by it are now being cached.
  • Client Library for SCP Workflow:
    • Method names improved to better reflect the Workflow domain
    • Methods return strong return types, the previous version had generic return types
    • Parameter names improved to better reflect their semantics
  • Update dependencies:
    • Update com.mikesamuel:json-sanitizer from 1.2.0 to 1.2.1
    • Update org.json:json from 20190722 to 20200518
    • Update commons-io:commons-io from 2.6 to 2.7
    • Update org.springframework.security.oauth:spring-security-oauth2 from 2.4.1.RELEASE to 2.5.0.RELEASE
    • Update com.github.ben-manes.caffeine:caffeine from 2.8.1 to 2.8.4
    • Update com.google.errorprone:error_prone_annotations from 2.3.4 to 2.4.0
    • Update io.projectreactor:reactor-core from 3.3.4.RELEASE to 3.3.5.RELEASE
    • Update Spring Boot from 2.2.7.RELEASE to 2.3.0.RELEASE
    • Update com.squareup.okio:okio from 2.4.3 to 2.6.0
    • Update OK HTTP from 4.4.1 to 4.5.0
    • Update SAP Cloud Security Client from 2.6.2 to 2.7.2

Fixed Issues#

3.22.0#

Compatibility Notes#

  • Deprecated the constructor SoapRequest(Class<ServiceT>, Destination) in favor of SoapRequest(Class<ServiceT>, HttpDestination) because SOAP API invocation always uses the HTTP protocol.

New Functionality#

  • A new, experimental API to run generic OData batch requests via ODataRequestBatch in version agnostic module odata-client. It allows for batching entity read and modification requests. Modifications are grouped within changesets and, depending on the service implementation, they are expected to rollback if one change in the set was unsuccessful. Multiple changesets and read requests can be attached. The class supports entity request handling for create, read, update and delete, as well as service specific functions and actions.

    • Notes

      • The API is not considered final yet. The class is @Beta annotated. Please refrain from using it in productive application code.

      • There are no helper methods on the result object yet to conveniently parse the multipart response. However the HttpResponse object can be accessed already.

      • The order of method invocations matters. It defines how the individual requests are serialized, when constructing the multipart batch request.

      • Sample code:

        HttpClient httpClient;
        ODataRequestRead read1;
        ODataRequestCreate create2;
        ODataRequestUpdate update3;
        ODataRequestBatch batchRequest =
        new ODataRequestBatch( "service-path/", ODataProtocol.V4 )
        .addRead( read1 )
        .beginChangeset()
        .addCreate( create2 )
        .addUpdate( update3 )
        .endChangeset();
        batchRequest.execute( httpClient );
  • Add getAllDestinations(DestinationOptions options) in ScpCfDestinationLoader class to fetch all the cloud foundry destinations. The method prioritizes the destination at service instance level in case there exists a destination with the same name on service instance and on sub account level.

Fixed Issues#

  • Fix an issue where subscriber tenant and principal information would not be available in asynchronous threads when running on SAP Cloud Platform Neo.

3.21.0#

New Functionality#

  • Enhance the interface CloudPlatform with the method setEnvironmentVariableReader(Function<String, String>) allowing adjusting the way how environment variables are read.
  • Add experimental filter expressions in OData client value types of package com.sap.cloud.sdk.datamodel.odata.client.expression to allow for custom requests having entity-independent, yet type-safe query filters.

Improvements#

  • Update dependencies:
    • Update Java JWT from 3.10.2 to 3.10.3
    • Update Junit Pioneer from 0.5.6 to 0.6.0
    • Update AssertJ from 3.15.0 to 3.16.1
    • Update Spring from 5.2.5.RELEASE to 5.2.6.RELEASE
    • Update Spring Security from 5.3.1.RELEASE to 5.3.2.RELEASE
    • Update Hibernate Validator from 6.1.2.Final to 6.1.5.Final
    • Update Netty BOM from 4.1.49.Final to 4.1.50.Final
    • Update Stax2 api from 4.2to 4.2.1
    • Update Protocol Buffers Java from 3.11.4 to3.12.1
  • Update dependencies in maven archetypes:
    • Archetype scp-cf-spring:
      • Update spring-boot from 2.2.6.RELEASE to 2.3.0.RELEASE
    • Archetype scp-neo-javaee7:
      • Update scp.sdkVersion from 1.72.13 to 1.74.10

Fixed Issues#

  • Fix an issue in the realm of HTTP destinations created through the SAP Cloud Platform Extension Factory where a DestinationAccessException occurs

3.20.0#

New Functionality#

  • New builder pattern for type Resilience4jDecorationStrategy to enable custom function decoration properties.

  • A new, experimental interface ServiceWithNavigableEntities for OData v4 VDM, to allow for recursive traversal of navigation properties in entity sets. This generic type offers type-safe methods to create a request along chained entities with their navigation properties. By delegating to the existing request builder classes, the interface supports all basic CRUD operations, plus count. You can use all existing request modifiers, e.g. filter or select statements in Read. The interface type is @Beta annotated to declare methods and sub-types are still open for changes in the future.

    • Example

      • Create a new Trip in Vacation (id 2020) of Person (username "John")

      • HTTP request: POST /ODataService/People('John')/Vacations(2020)/Trips

      • Sample code:

        Trip tripItem;
        CreateRequestBuilder<Trip> createRequest = service
        .forEntity( Person.builder().username("John").build() )
        .navigateTo( Person.VACATIONS )
        .forEntity( Vacation.builder().id(2020).build() )
        .navigateTo( Vacation.TRIPS )
        .create( tripItem );
        createRequest.execute( destination );
  • Add public methods String getApplicationUrl() and String getApplicationProcessId() to ScpCfCloudPlatform and expose them in CloudPlatform to partially match the existing public API of subtype ScpNeoCloudPlatform.

Improvements#

  • Renamed module odata-v4-client to odata-client and packages contained from c.s.c.s.datamodel.odatav4.client to c.s.c.s.datamodel.odata.client. Only API that is declared unstable is affected so changes are only required if unstable parts of the API are being used explicitly.
  • The OData generator (so the odata-generator, odata-generator-cli, and odata-generator-maven-plugin modules) are now able to also parse swagger files according to the OpenAPI v3 spec (in addition to the already supported OpenAPI v2 spec).

3.19.1#

Compatibility Notes#

  • As part of the update of the OData VDM to SAP S/4HANA Cloud 2005, in the Inbound Delivery (A2X) - API_INBOUND_DELIVERY_SRV_0002 API, some previously published methods that were not actually supported by the S/4 system (like CRUD support for entity MaintenanceItemObjList) were removed from the SAP API Business Hub and as a consequence, from the SDK.

New Functionality#

3.19.0#

  • Release date: April 30, 2020

New Functionality#

  • Introducing the client library for the Workflow API on SAP Cloud Platform, Cloud Foundry

    • Example usage:
    final HttpDestination httpDestination = DestinationAccessor.getDestination(destinationName).asHttp();
    final List<WorkflowDefinition> workflowDefinitions =
    new WorkflowDefinitionsApi(httpDestination).getWorkflowDefinitions();
    • Maven dependency:
    <dependency>
    <groupId>com.sap.cloud.sdk.services</groupId>
    <artifactId>scp-workflow-cf</artifactId>
    </dependency>
  • New VDM request builder for OData v4 to fetch the count of entries in an entity collection endpoint. The result is a non-null Long, the number of matching entries according to optional filter and search expressions.

    • Example for the VDM usage:
      long numEntries = new DefaultEntityService()
      .countEntities()
      .filter(SomeEntity.FIELDNAME.contains("foo"))
      .search("bar")
      .execute(someDestination);
    • Example for the generic usage:
      long numEntries = new CountRequestBuilder<>("/odata/service/path/", SomeEntity.class)
      .filter(SomeEntity.FIELDNAME.contains("foo"))
      .search("bar")
      .execute(someDestination);
  • Provide support for unbound actions in OData v4. The OData v4 generator generates unbound actions at the service level. Etag handling in actions is still not supported.

    • Note: Regenerate the VDM to enable these features on your classes.
  • The VDM request builders for OData v4 to delete and update entities DeleteRequestBuilder and UpdateRequestBuilder allow to influence the submission of the version identifier (ETag) of the respective entity in the remote system.

    • The method disableVersionIdentifier allows to avoid that the request header If-Match is sent at all.
    • The method matchAnyVersionIdentifier allows to control that the request header If-Match is sent with the value *.
    • Note that if both methods are invoked on the same request builder, the latest invocation takes precedence.
    • Example for the VDM usage to delete an entity without sending a version identifier:
    new DefaultEntityService()
    .deleteEntity(entity)
    .disableVersionIdentifier()
    .execute(destination);
    • Example for the VDM usage to update an entity while sending the * value in the request header:
      new DefaultEntityService()
      .updateEntity(entity)
      .matchAnyVersionIdentifier()
      .execute(destination);

Improvements#

  • Update dependencies:
    • Update Guava from 28.2-jre to 29.0-jre
    • Update Apache CXF from 3.3.5 to 3.3.6
    • SAP Cloud Security Client from 2.6.1 to 2.6.2
    • Update Jackson from 2.10.3 to 2.11.0
    • Update Resilience4J from 1.3.1 to 1.4.0
    • Update AssertJ Guava from 3.3.0 to 3.4.0
    • Update Spring Security OAuth from 2.4.0.RELEASE to 2.4.1.RELEASE
    • Update Fabric SDK from 2.0.0 to 2.1.0
    • Update Netty BOM from 4.1.48.Final to 4.1.49.Final
  • Update Maven plugins in Maven archetypes:
    • Archetype scp-cf-tomee:
      • Update tomee-maven-plugin from 7.0.5 to 8.0.1
    • Archetype scp-cf-spring:
      • Update spring-boot-maven-plugin from 2.2.5.RELEASE to 2.2.6.RELEASE
    • Archetype scp-neo-javaee7:
      • Update jacoco-maven-plugin from 0.8.2 to 0.8.5
      • Update maven-surefire-plugin from 3.0.0-M3 to 3.0.0-M4

3.18.0#

Compatibility Notes#

  • The custom pmd plugin (com.sap.cloud.sdk.quality:pmd-plugin) was removed. The ruleset (com.sap.cloud.sdk.quality:pmd-rules) from now on contains only the rules shipped with the SAP Cloud SDK. All other imported rules were removed. To still use the ruleset with standard pmd plugin, especially in the SAP Cloud SDK for Continuous Delivery, we recommend adding the following configuration to the root pom of your project:
<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-pmd-plugin</artifactId>
<configuration>
<rulesets>
<ruleset>rulesets/cloud-sdk-qualities.xml</ruleset>
<ruleset>rulesets/java/maven-pmd-plugin-default.xml</ruleset>
</rulesets>
</configuration>
<dependencies>
<dependency>
<groupId>com.sap.cloud.sdk.quality</groupId>
<artifactId>pmd-rules</artifactId>
<version>3.18.0</version>
</dependency>
</dependencies>
</plugin>
</plugins>
</pluginManagement>
...
</build>

Improvements#

  • Update Dependencies:
    • Spring Security from 5.3.0.RELEASE to 5.3.1.RELEASE
    • JUnit Pioneer from 0.5.5 to 0.5.6
    • Java JWT from 3.10.1 to 3.10.2
    • SAP Cloud Security Client from 2.5.3 to 2.6.0

3.17.2#

  • Release date: Apr 15, 2020

Compatibility Notes#

  • The beta annotated CustomOperationRequestBuilder class has been renamed as FunctionRequestBuilder

Fixed Issues#

  • Fix an issue with access token validation in a provider/subscriber setup, when having multiple XSUAA service bindings, e.g. one with service plan broker and one with service plan application.

3.17.1#

Improvements#

  • The interface ResilienceDecorationStrategy now provides an additional, optional argument to pass a custom ExecutorService in methods decorateCallable and decorateSupplier. This way the thread pool and task execution can be adjusted upon decoration. If the time limiter is enabled, it will be running in a thread through the passed executor. If Callable or Supplier lambda is queued, then the asynchronous task will be run with the given ExecutorService as well.

  • For communication with XSUAA, the recommended JWT Bearer Token Grant is now preferred over (discouraged) combination of User Token Grant and Refresh Token. This saves one internal HTTP request and the "uaa.user" scope is not necessary any longer in the xs-security.json configuration of the XSUAA service instance.

Fixed Issues#

  • Fix unnecessary second request to destination service, when using proxy type "OnPremise" and authentication type "Principal Propagation".

  • Fix a regression introduced in 3.16.1 where public keys for token validation are not cached.

3.17.0#

  • Release date: April 2, 2020

New Functionality#

  • New support for OData V4 - Deep Update.
    • Single and collection-based entity navigation properties can be used when updating a base entity. This way nested entities can be updated and created, while performing a single OData request.
    • Note: This feature can only be used with UpdateRequestBuilder#modifyingEntity() (default), and not with UpdateRequestBuilder#replacingEntity() (custom).
    • Note: Removing an existing element from a collection-based entity navigation property is not yet supported.

Improvements#

  • The OData v4 VDM now allows for ordering by multiple fields through calling orderBy and passing fields to it with the corresponding order.

    getPersons().orderBy(Person.FIRST_NAME.asc(), Person.LAST_NAME.desc());
  • Update Dependencies

    • Update Java JWT from 3.10.0 to 3.10.1
    • Update Mockito from 3.3.0 to 3.3.1
    • Update Wiremock from 2.26.2 to 2.26.3
    • Update Spring Security from 5.2.2.RELEASE to 5.3.0.RELEASE
    • Update Netty BOM from 4.1.47.Final to 4.1.48.Final
    • Update Apache TomEE libraries from version 7.0.6 to 7.0.7
    • Update SAP Cloud Application Programming Model from version 1.38.0 to 1.39.0
    • Update SAP Cloud Security Client from 2.5.1 to 2.5.3
    • Update Apache Commons Lang from version 3.9 to 3.10
    • Update JUnit from version 5.6.0 to 5.6.1
    • Update JUnit Pioneer from version 0.5.4 to 0.5.5
    • Update Spring from version 5.2.4.RELEASE to 5.2.5.RELEASE
  • Dependencies and Maven plugin versions in the archetypes scp-cf-spring, scp-cf-tomee and scp-neo-javaee7 updated.

    • jacoco-maven-plugin updated to 0.8.5
    • maven-surefire-plugin updated to 3.0.0-M4
    • maven-enforcer-plugin updated to 3.0.0-M3
    • maven-war-plugin updated to 3.2.3
    • maven-dependency-plugin updated to 3.1.2
    • Spring Boot updated from 2.2.1.RELEASE to 2.2.5.RELEASE

Fixed Issues#

  • Fix a bug in the odata-v4-generator that causes fields of type Edm.TimeOfDay to not be recognized and thus generated properly, leading to missing SimpleProperty fields on the generated entity.

3.16.1#

Compatibility Notes#

  • As the Olingo dependency was removed from the Virtual Data Model (VDM), Olingo types are now set as custom fields and can be accessed by method getCustomField("fieldName").

New Functionality#

  • Introduce the module SCP Blockchain Client Fabric for easy interaction with a Hyperledger Fabric network using all necessary configuration and credentials from a standardized user-provided service in the Cloud Foundry environment.
  • JSON Web Tokens (JWT) are now validated using their issuer and jku properties. Public keys for signature verification are fetched from the URL specified by the jku property. This only works if the issuer domain matches the domain of the XSUAA service. In case this fails or if the properties are not set, the implementation falls back to the previous validation mechanisms (e.g. verification key of XSUAA service binding, XSUAA token endpoint provider).

Improvements#

  • Update Dependencies
    • Update Slf4J from version 1.7.26 to 1.7.30
    • Update Jackson from version 2.10.2 to 2.10.3
    • Update Wiremock from version 2.26.1 to 2.26.2
    • Update Jetty from version 9.4.26.v20200117 to 9.4.27.v20200227
    • Update Spring from version 5.2.3.RELEASE to 5.2.4.RELEASE
    • Update Apache HttpComponents from version 4.5.11 to 4.5.12

Fixed Issues#

  • Fix missing authorization header with Principal Propagation for OnPremise connectivitiy on CloudFoundry.
  • Fix several special characters escaping and encoding issues.
    • ? in the service path
    • # and & in filter and select expressions
    • ' in string literals and in string parameters being passed in functions and GetByKey requests
    • " and \ in search expressions

3.15.1#

Compatibility Notes#

  • Use the library XSUAA Token Client and Token Flow API for handling communication with XSUAA service instances.

    • If you mock XSUAA service requests in your tests, some assertions might need to be updated. When using the new library, XSUAA request parameters should be passed as HTTP body content instead of query arguments.
    • The internally used types SubdomainReplacer and DefaultSubdomainReplacer became obsolete and were removed. The usage of this classes was replaced by the new library.
    • The behavior of following methods in the utility class XsuaaService has been changed.
      • retrieveAccessTokenViaUserTokenGrant()
      • retrieveAccessTokenHeaderViaUserTokenGrant() The old behavior is implemented in following methods.
      • retrieveAccessTokenViaUserTokenExchange()
      • retrieveAccessTokenHeaderViaUserTokenExchange() The change was made in order to better reflect on the internal logic of these methods. In addition to "Token Grant", the "Token Exchange" flavored operation will perform an authorization request with "Refresh Token" flow, which is required for Principal Propagation when manually consuming the CloudFoundry Connectivity Service. Please update your code accordingly.
  • The module com.sap.cloud.sdk.services:blockchain has been renamed to com.sap.cloud.sdk.services:blockchain-client-multichain to better reflect its focus on the Multichain Service.

New Functionality#

  • Stabilize OData v4 Virtual Data Model (VDM). Following parts are considered stable as of this release:
    • execute() on all request builders (e.g., `CreateRequestBuilder)
    • select(), filter(), top(), skip(), and search() on GetAllRequestBuilder
    • GetByKeyRequestBuilder.select()
    • of(), and(), or(), not() for defining a SearchExpression
    • includingFields(), replacingEntity(), modifyingEntity() on UpdateRequestBuilder
    • The generic exception class ODataException
    • The classes NavigationProperty, ComplexProperty and SimpleProperty
    • The OData v4 generator now generates ComplexProperty fields on entities that can be used to build queries. Single instances and collections of complex types are supported.
  • Provide support for unbound functions in OData v4. The OData v4 generator generates unbound functions at the service level.
  • The OData v4 generator now creates entity classes that are only referenced by navigation properties and functions (not part of an entity set).

Improvements#

  • Introduce snakeyaml version 1.26 as direct dependency and exclude the one used by the jackson library to overcome the security vulnerability CVE-2017-18640.
  • Replace the SAP Cloud SDK implementation for handling authentication and authorization within the SAP Cloud Platform landscape by the library XSUAA Token Client and Token Flow API version 2.5.1. See the compatibility notes for details.
  • Update Dependencies
    • SAP Cloud Application Programming Model from version 1.37.1 to 1.38.0
    • Lombok from version 1.18.10 to 1.18.12
    • Caffeine from version 2.8.0 to 2.8.1
    • Commons CSV from version 1.7 to 1.8
    • Apache HTTP Components CSV from version 4.5.10 to 4.5.11
    • EclipseLink CSV from version 2.7.5 to 2.7.6
    • Liquibase CSV from version 3.6.3 to 3.8.6
    • Resilience4J CSV from version 1.2.0 to 1.3.1
    • JUnit CSV from version 5.5.2 to 5.6.0
    • JUnit Pioneer from version 0.5.1 to 0.5.4
    • Jetty from version 9.4.25.v20191220 to 9.4.26.v20200117
    • Spring Security from version 5.2.1.RELEASE to 5.2.2.RELEASE
    • Hibernate Validator from version 6.0.17.Final to 6.1.2.Final
    • Java JWT from version 3.9.0 to 3.10.0
    • AssertJ from version 3.14.0 to 3.15.0
    • Mockito from version 3.2.4 to 3.3.0
    • Wiremock from version 2.20.0 to 2.26.1
    • SAP Cloud Platform SDK For Neo Environment (Java EE 7 Web Profile TomEE 7) to version 1.69.18

Fixed Issues#

  • Fix an issue where the OData v2 URL query generation was not escaping single-quotes ' in String literals correctly. This character can now be used as part of entity keys and filter expressions.
  • Fix an issue with Decimal OData values being formatted in unexpected scientific notation (e.g. 4.2e-7) instead of expected decimal form (e.g. 0.00000042). The solution is provided for serializing entity properties of Java type BigDecimal.

3.14.0#

Compatibility Notes#

  • Remove the public enum com.sap.cloud.sdk.cloudplatform.connectivity.DestinationRetrievalStrategy as it had no usage in the realm of the SAP Cloud SDK version 3.

New Functionality#

  • OData VDM client: Add preview support for OData v4 services.
    • The new OData client implementation is capable of the basic Create, Read, Update, Delete (CRUD) operations on OData v4 services.
    • Include an updated, dedicated generator that is capable of creating virtual data models through a command line interface or Maven plugin. Reference the artifact id odata-v4-generator in your .pom file.
    • Advanced features like functions, actions or batch requests are not yet supported.
    • The implementation is initially in beta and thus does not guarantee a stable API.

Improvements#

3.13.0#

Compatibility Notes#

New Functionality#

Improvements#

  • Update the Spring dependency for the SAP Cloud Platform multitenancy implementation module to version 4.3.26.RELEASE to overcome the security vulnerability CVE-2020-5397.

3.12.0#

New Functionality#

  • SCP Blockchain Module: Allow the usage of custom HTTP clients by adding support for a custom HTTP request factory for the rest template in MultichainRequest.
  • When creating a MultichainService instance using a SAP Cloud Platform destination, the destination's HTTP client will now be used as a pre-configured HttpClient instance with authentication, HTTP connection pooling, etc. for each MultichainRequest.

Improvements#

  • Update dependencies:
    • Jackson from version 2.10.1 to 2.10.2
    • Commons Codec from version 1.13 to 1.14
    • Apache HttpComponents Core from version 4.4.12 to 4.4.13.
    • Apache CXF from version 3.3.4 to 3.3.5
    • JUnit Pioneer from version 0.4.2 to 0.5.1
    • Spring from version 5.2.2.RELEASE to 5.2.3.RELEASE

Fixed Issues#

  • OData Generator: Fix an issue where if only some of the declared EntitySets contained related service operations annotations in the .edmx file, the ones without such annotations got no operations resolved at all.
  • Fix an issue with BapiRequest where a NoSuchElementException was thrown in case a Destination without a name was used.
  • Fix an issue concerning the encoding of special characters such as #, &, etc. in OData filter expressions.

3.11.0#

Compatibility Notes#

  • The existence of a principal as retrieved by the PrincipalAccessor is no longer an indicator for a JWT to be present. Due to the introduction of BasicAuthenticationAccessor a principal can also originate from the Basic Authentication header on the current request. As before verifying authentication and authorizations needs to be done explicitly by the application using the SAP Cloud SDK.

  • The behavior for principal propagation when accessing on-premise systems has changed as explained below in the Improvements section.

New Functionality#

  • Introduce a new BasicAuthenticationAccessor to read the username and password from the Basic Authentication header of the currently incoming request on Cloud Foundry.

    • Use it like the other *Accessor classes:
      Try<BasicCredentials> basicCredentials = BasicAuthenticationAccessor.tryGetCurrentBasicCredentials();
    • To handle the Try gracefully you can write something like the following:
      BasicCredentials basicCredentials = BasicAuthenticationAccessor.tryGetCurrentBasicCredentials().getOrElseGet(this::useFallbackCredentials);
    • To provide custom logic into the accessor the default logic can be overwritten by using the setBasicAuthenticationFacade() method:
      BasicAuthenticationAccessor.setBasicAuthenticationFacade(new CustomBasicAuthenticationFacade());
  • Enable the PrincipalAccessor to also read the current principal from the newly introduced BasicAuthenticationAccessor, in addition to the already existing way to read it from the current JWT. This functionality applies to Cloud Foundry. A valid JWT takes precedence over a Basic Authentication header.

    The order of resolution is

    1. If a principal is given in the current context (e.g. via PrincipalAccessor.executeWithPrincipal()), this will we be used.
    2. Otherwise, if a JWT is given in the current context (e.g. via an incoming request or manually set via the AuthTokenAccessor.executeWithAuthToken() methods) the principal is read from there.
    3. Otherwise, If there is no JWT or the resolution fails the user retrieved via the BasicAuthenticationAccessor used (if existent).
    4. If no principal could be found with the steps above the Try returned by PrincipalAccessor.tryGetCurrentPrincipal() will contain an Exception.
  • Support self-signed certificates (file extensions .cer, .crt, and .der) as trust store locations for HTTPS destinations.

Improvements#

  • The connectivity to on-premise systems from SCP Cloud Foundry is updated, so that the authentication now follows the recommended protocol for principal propagation.

    • Instead of populating two headers SAP-Connectivity-Authentication and Proxy-Authorization for on-premise requests, the SAP Cloud SDK now takes the recommended approach of just using Proxy-Authorization with a dynamically resolved User Exchange Access Token.
    • Introduce PrincipalPropagationStrategy for configuring that the previous behavior should be used.

    If for compatibility reasons the previous approach should be used, you can adjust strategy with the following code snippet:

    import com.sap.cloud.sdk.cloudplatform.connectivity.PrincipalPropagationStrategy;
    PrincipalPropagationStrategy.setDefaultStrategy(PrincipalPropagationStrategy.COMPATIBILITY);
  • Support reading the principal from an OAuth SAML Bearer token on Cloud Foundry.

  • Update dependencies:

Fixed Issues#

  • Fix an issue with the cache of ResilienceDecorator invalidating itself upon calling, when using a JCache SPI different from JCache RI.
  • OData VDM client: Fix an issue concerning update requests with PATCH semantics where null values were being filtered out before the update. Explicitly set null values are being retained now.
  • Fix an issue with the deserialization of function import responses returning objects creatable by a single String parameter as reported here.
  • Fix a regression in the OData VDM Generator where anotations within EDMX metadata files were interpreted in an unexpected way leading to missing operations in the generated classes as reported here.

3.10.0#

Compatibility Notes#

Improvements#

  • Update dependencies:
    • SAP Cloud Application Programming Model from version 1.35.2 to 1.36.1
    • Spring from version 5.1.2-RELEASE to 5.2.1-RELEASE
    • Spring Security OAuth from version 2.3.6-RELEASE to 2.4.0-RELEASE
    • Eclipse Link from version 2.7.4 to 2.7.5
    • Resilience4J from version 1.1.0 to 1.2.0
    • JUnit Pioneer from version 0.3.3 to 0.4.2
    • Mockito from version 2.22.0 to 3.2.0
    • Spring Boot from version 2.1.1-RELEASE to 2.2.1-RELEASE
  • Introduce more consistency in builders for destinations.

Fixed Issues#

  • Fix an issue concerning HTTP destinations on Cloud Foundry where the default JDK trust store was mistakenly taken into account even if an own trust store is defined.
  • Fix OData query formatting for filter expressions with temporal values. This affects queries comparing entity properties based on Edm.Time, Edm.DateTime or Edm.DateTimeOffset.

3.9.0#

Compatibility Notes#

Improvements#

  • SCP blockchain: Add support for Basic Authentication to MultichainRequest, allowing the request to be used with AWS and Azure Multichain nodes.
  • Resilience framework: Use new name format for threads spawned by asynchronous calls: cloudsdk-resilience-<number>
  • Add new method DestinationProperties.getPropertyNames() to retrieve the set of properties of a destination. This allows you to enumerate the names of all properties retrieved from the destination service and their values.
  • Update dependencies:
    • Jackson from version 2.10.0 to 2.10.1, fixing the vulnerabilities CVE-2019-17267 and CVE-2019-17531
    • SAP Cloud Application Programming Model from version 1.33.0 to 1.35.2
    • Joda Time from version 2.10.4 to 2.10.5
    • Vavr from version 0.9.3 to 0.10.2
    • Commons CSV from version 1.6 to 1.7
    • Java JSON from version 20180813 to 20190722
    • Apache CXF from version 3.3.2 to 3.3.4
    • AssertJ Core from version 3.13.2 to 3.14.0
    • AssertJ Guava from version 3.2.1 to 3.3.0
    • JUnit Pioneer from version 0.3.0 to 0.3.3

Fixed Issues#

  • Fix an issue that caused the OData VDM generator to wrongly identify available operations on a service entity.
  • Fix an issue where special characters (e.g. /) were incorrectly escaped in OData requests made when dynamically fetching a navigation property of an entity whose key contains such characters.

3.8.0#

Compatibility Notes#

  • Create, update, and delete operations have been removed from some VDM services, as they are no longer available on the SAP API Business Hub.
  • The custom constructor parameters of Resilience4jDecorationStrategy have been changed to accept generic modular decorators for the following properties. The default behavior has not been changed. This should not affect existing code, but you may need to recompile your code.
    • Time limiter
    • Bulkhead
    • Circuit breaker
    • Retry
    • Caching

New Functionality#

Fixed Issues#

  • Fix an issue that caused unnecessary requests to the XSUAA service when accessing auth tokens in requests.

3.7.0#

Known Issues#

  • SDK version 3.7.0 references Jackson 2.10.0 which has two known security vulnerabilities, which were not yet fixed in time for version 3.7.0 of the SDK. Note that the SDK does not use the vulnerable functionality and is thus not vulnerable itself. If you use Jackson yourself, you should consider the relevant recommendations CVE-2019-17267 and CVE-2019-17531. For more details, also consider this article with more background.

Compatibility Notes#

  • The resilience configuration API has been adjusted as follows:
  • The default buffer sizes for circuit breakers in CircuitBreakerConfiguration have been changed as follows:
    • From 100 to 10 for transitioning from CLOSED to OPEN state.
    • From 10 to 5 for transitioning from HALF-OPEN back to CLOSED state.

New Functionality#

Improvements#

3.6.0#

Known Issues#

  • SDK version 3.6.0 references Jackson 2.10.0 which has two known security vulnerabilities, which were not yet fixed in time for version 3.6.0 of the SDK. For your reference, this concerned the following recommendations:

Compatibility Notes#

  • The overridable method getJsonResponseObjectName() of base class FluentHelperFunction has been deprecated in favor of its successor refineJsonResponse. Both reside in protected scope and are therefore only used to customize the default behavior. The new method allows limitless modification of the response JSON element during the refinement step of the deserialization process for function import responses.

New Functionality#

  • Offer retries as part of ResilienceConfiguration via a RetryConfiguration.
    • Retries allow for re-attempting a request in case it fails a limited number of times.
    • The feature offers to specify the maximum amount of attempts, a wait duration between attempts and a predicate that determines, whether or not a failure should be retried.

Improvements#

  • OData VDM generator: Mark generated sources for compilation when using odata-generator-maven-plugin. For this feature just add the property <compileScope>...</compileScope> with the compilation phase to your configuration. Valid values are COMPILE, TEST_COMPILE, and NONE, representing the different compile phases or no automatic compilation at all. The default value (for backwards compatibility reasons) is NONE.
  • Update dependencies:
    • Jackson from version 2.9.10 to 2.10.0.
    • Lombok from version 1.18.8 to 1.18.10.
    • Guava from version 28.0-jre to 28.1-jre.
    • GSON from version 2.8.5 to 2.8.6.
    • Java JWT from version 3.8.1 to 3.8.3.
    • Commons-Text from version 1.7 to 1.8.
    • Http Core from version 4.4.11 to 4.4.12.
    • Http Components Client from version 4.5.9 to 4.5.10.
    • Resilience4J from version 0.17.0 to 1.1.0.

Fixed Issues#

  • OData VDM: Fix an issue where the response of function imports was not correctly handled. The response is now parsed according to OData specification. The deviating behavior of OData services in some SAP solution is still supported as in previous versions, via a (modifiable) refinement step.
  • OData VDM generator: Parse allowed requests in a more careful manner when handling an EDMX file. The generator will no longer throw an exception for missing XML attributes.
  • Fix an issue regarding timeouts in the execution of resilient requests. The issue prevented threads from being terminated when a timeout occurs.

3.5.0#

Compatibility Notes#

  • Previous versions of the SDK only recognized an access token in the authorization header if "Bearer" was spelled in title case. Now, corresponding methods do a case insensitive check for "bearer". That means, "bearer" and "Bearer" are now equally supported as correct authorization header.
  • OData VDM generator: The generator now identifies which CRUD operations an entity set supports by first consulting the annotations based on the OData specification. Only when these annotations are not declared, the custom SAP specifications are considered.

Improvements#

  • No longer require a binding to an XSUAA service instance when consuming the destination or connectivity service via the SDK.
  • Automatically read the principal ID from the user_name claim of the current JWT in ScpCfPrincipalFacade when the JWT has the user_token grant type.
  • Update dependencies on Jackson from 2.9.9/2.9.9.2 to 2.9.10.
  • Verify that the Maven artifactId does not contain an underscore character when creating a project using the scp-cf-spring and scp-cf-tomee archetypes. This is necessary as the artifact ID will also be used as Cloud Foundry application name and the deployment to Cloud Foundry will fail if the application name contains an underscore.

3.4.0#

Compatibility Notes#

  • In preparation for an upcoming change to the way how the XSUAA service supplies verification keys to applications, the SAP Cloud SDK from version 3.4.0 onwards retrieves the key from the XSUAA service instead of relying on a verification key present in the XSUAA service binding credentials.
  • Remove dependency rest-assured from the sdk-bom. Projects that depends on it must now declare a version explicitly. This also removes the need to explicitly declare a version of hamcrest-core and hamcrest-library since they were previously both introduced as transitive dependencies via jUnit and rest-assured but had conflicting versions.

Improvements#

  • Validate user access tokens issued by XSUAA with the verification key retrieved from the XSUAA service, instead of relying on a verification key present in the XSUAA service binding credentials. The retrieved key is cached for 5 minutes (depending on feedback, the cache duration may change in the future).
  • Support SystemUser property in destinations with authentication type "OAuth2SAMLBearerAssertion". The system user will be used instead of the currently logged in principal to retrieve an access token to the destination. That is, no principal propagation takes place. As a consequence, no user JWT is required.

3.3.1#

Compatibility Notes#

  • The OData VDM Generator now constructs the service URL based on the service name from the namespace provided in the metadata file. The previously used filename is only considered as the service name in case the namespace does not not provide the information.

Improvements#

  • OData VDM Generator: use the service name from the namespace provided in the metadata file to construct the service name part of the OData request URL. Fall back to the filename of the metadata file as the service name only if the namespace information is not available.
  • Update dependency to Java libraries of SAP Cloud Application Programming Model (com.sap.cloud.servicesdk.*) from version 1.32.5 to 1.33.0.
  • Remove listeners-all dependencies from projects generated via archetypes since the SAP Cloud SDK Pipeline will inject this dependency during a pipeline run.

3.2.0#

Compatibility Notes#

  • The following methods in the resilience module have been deprecated in favor of the new methods introduced for asynchronous resilient execution: decorateFutureSupplier and executeFutureSupplier in ResilienceDecorator, decorateFutureSupplier and executeFutureSupplier in ResilienceDecorationStrategy.
  • OData VDM: we have added deprecation information to service classes that represent SAP S/4HANA Cloud APIs which are deprecated on the SAP API Business Hub, such as ChangeMasterService, ProcessOrderConfirmationService, and ProductionOrderConfirmationService. Take a look at the corresponding Javadoc and use the appropriate successor service listed therein.

New Functionality#

Improvements#

  • OData VDM Generator: add deprecation information contained in the provided Swagger file of a service to generated service classes.
  • Update dependencies:
    • Java libraries of SAP Cloud Application Programming Model (com.sap.cloud.servicesdk.*) from version 1.32.0 to 1.32.5
    • Caffeine from 2.7.0 to 2.8.0
    • Commons Codec from 1.12.0 to 1.13.0
    • CXF from 3.2.6 to 3.3.2
    • Resilience4J from 0.16.0 to 0.17.0
    • JUnit from 5.5.0-M1 to 5.5.1
    • AssertJ Core from 3.12.2 to 3.13.2
    • Joda Time from 2.10.2 to 2.10.3
  • Reduce log verbosity of ThreadContextExecutor and the accessor classes that use it (e.g. execute... methods in TenantAccessor).

Fixed Issues#

  • OData VDM: Fix an issue with function imports where special characters in query parameters, e.g. spaces, led to wrong URLs.
  • Fix an issue with XsuaaService where it always forcibly used the provider tenant when calling retrieveAccessToken... methods. Now the methods retrieve access tokens for the tenant that called the method.
  • Fix an issue with error handling in functions of MultichainService so that it appropriately throws instances of MultichainException.

3.1.0#

Compatibility Notes#

  • As part of the update of the OData VDM to SAP S/4HANA Cloud 1908, the OutboundDeliveryService has been removed from the SAP API Business Hub and, as a consequence, from the SDK. Use OutboundDeliveryV2Service instead.
  • The destination expected as the second parameter of the attachToService() method of VdmEntity is now mandatory (@Nonnull), rather than nullable because attaching to a service does not work without a destination to designate the target system.

New Functionality#

Improvements#

  • Update dependency to Jackson Databind to version 2.9.9.2 (from 2.9.9.1) in order to fix reported security vulnerabilities.

Fixed Issues#

  • Fix an issue where DefaultHttpDestination failed to load the authentication type, so that authentication was not correctly applied when loading destinations from an environment variable or instantiating DefaultHttpDestination manually.
  • Fix issues with HTTP destinations in the SAP Cloud Platform Neo environment when using EJBs to run code on server startup.

3.0.0#

Known Issues#

When defining destinations via the environment variable destinations, version 3.0.0 does not use basic authentication even if credentials are given. Either update to version 3.1.0 or manually add the following properties to the JSON defining a destination: "authentication": "BasicAuthentication", "authType": "BasicAuthentication".

Compatibility Notes#

  • Update several implementations of destination classes to the new Destination API.

    • Change the Extension Factory destination loader class: Now ScpXfDestinationLoader extends from generic ScpVcapDestinationLoader.
  • Introduce separate enums by a platform for destination retrieval strategy.

    • ScpCfDestinationRetrievalStrategy and ScpNeoDestinationRetrievalStrategy
    • Removed the PLATFORM_DEFAULT value from all destination retrieval strategy enums.
      • Use null values instead, or do not set the parameter at all.
  • Removed the destination retrieval strategy configuration from the DestinationAccessor. It is no longer a global configuration by destination name.

    • Destination retrieval strategy configuration is now stored in instances of the new DestinationOptions class.
    • To set the destination retrieval strategy, use the ScpCfDestinationOptionsHelper or ScpNeoDestinationOptionsHelper with the builder of DestinationOptions.
    • e.g. on Cloud Foundry:
      final DestinationOptions destinationOptions = DestinationOptions.builder()
      .parameter("myParameter", myValue)
      .augmentBuilder(ScpCfDestinationOptionsHelper.augmenter()
      .retrievalStrategy(ScpCfDestinationRetrievalStrategy.SUBSCRIBER_THEN_PROVIDER))
      .augmentBuilder((new MyDestinationOptionsAugmenter())
      .myCustomParameter1(myCustomValue1)
      // any number of custom parameters
      .myCustomParameterN(myCustomValueN))
      // other parameters/augmenters you need
      .build();
  • Use the new ResilienceDecorator class to wrap logic instead of extending the Command class.

  • Configure resilience using the new ResilienceConfiguration class. ResilienceDecorator requires at least a unique identifier configured.

  • Configure caching within the ResilienceConfiguration class by providing an instance of CacheConfiguration class.

    • As a parameter, CacheConfiguration requires at least a value for a duration until the cache entry will be expired.
    • Additional items can be attached as part of the dynamic cache key. If these items are Serializable then the cache key itself automatically becomes serializable as well. This fulfills a requirement for some caching configurations.
    • The caching strategy only works, when a service provider for (JSR-107 / JCache) is registered at runtime.
  • Can provide fallback functions, which are executed when the wrapped code throws exceptions.

  • Ability to configure ResilienceDecorator with a custom function decoration strategy by implementing the ResilienceDecorationStrategy interface.

  • Removed the ODataRequestCommand since it's no longer needed by VDM fluent helpers.

  • Classes ODataServicesQueryCommand, SqlQueryCommand, BapiQueryCommand, RfcQueryCommand, HierarchyQueryCommand, and UserProfileQueryCommand have been removed. The execute() method of queries can be easily wrapped using ResilienceDecorator instead.

  • Removed the asResilientCommand() methods from all VDM fluent helpers. The execute() method of VDM fluent helpers can be easily wrapped using ResilienceDecorator instead.

  • Internal only: Removed the SigningServiceCommand class. Use instead the SigningServiceErpQuerySigner class.

  • Classes referred to with "query" are renamed to "request", in case their main purpose is to read result data.

  • s4hana / connectivity

    com.sap.cloud.sdk.s4hana.connectivity.AbstractQuerySerializer -> com.sap.cloud.sdk.s4hana.connectivity.AbstractRequestSerializer
    com.sap.cloud.sdk.s4hana.connectivity.QueryExecutor -> com.sap.cloud.sdk.s4hana.connectivity.RequestExecutor
    com.sap.cloud.sdk.s4hana.connectivity.QueryResult -> com.sap.cloud.sdk.s4hana.connectivity.RequestResult
    com.sap.cloud.sdk.s4hana.connectivity.QuerySerializer -> com.sap.cloud.sdk.s4hana.connectivity.RequestSerializer
    com.sap.cloud.sdk.s4hana.connectivity.Query -> com.sap.cloud.sdk.s4hana.connectivity.Request
    com.sap.cloud.sdk.s4hana.connectivity.QueryBody -> com.sap.cloud.sdk.s4hana.connectivity.RequestBody
    com.sap.cloud.sdk.s4hana.connectivity.QueryExecutionMeasurements -> com.sap.cloud.sdk.s4hana.connectivity.RequestExecutionMeasurements
    com.sap.cloud.sdk.s4hana.connectivity.SerializedQuery -> com.sap.cloud.sdk.s4hana.connectivity.SerializedRequest
    com.sap.cloud.sdk.s4hana.connectivity.SerializedQueryResult -> com.sap.cloud.sdk.s4hana.connectivity.SerializedRequestResult
    com.sap.cloud.sdk.s4hana.connectivity.exception.QueryExecutionException -> com.sap.cloud.sdk.s4hana.connectivity.exception.RequestExecutionException
    com.sap.cloud.sdk.s4hana.connectivity.exception.QuerySerializationException -> com.sap.cloud.sdk.s4hana.connectivity.exception.RequestSerializationException
  • s4hana / soap

    com.sap.cloud.sdk.s4hana.connectivity.soap.SoapQuery -> com.sap.cloud.sdk.s4hana.connectivity.soap.SoapRequest
  • s4hana / rfc

    com.sap.cloud.sdk.s4hana.connectivity.rfc.BapiQuery-> com.sap.cloud.sdk.s4hana.connectivity.rfc.BapiRequest
    com.sap.cloud.sdk.s4hana.connectivity.rfc.RemoteFunctionQueryErrorHandler-> com.sap.cloud.sdk.s4hana.connectivity.rfc.RemoteFunctionRequestErrorHandler
    com.sap.cloud.sdk.s4hana.connectivity.rfc.RemoteFunctionQueryExecutor -> com.sap.cloud.sdk.s4hana.connectivity.rfc.RemoteFunctionRequestExecutor
    com.sap.cloud.sdk.s4hana.connectivity.rfc.AbstractRemoteFunctionQuery -> com.sap.cloud.sdk.s4hana.connectivity.rfc.AbstractRemoteFunctionRequest
    com.sap.cloud.sdk.s4hana.connectivity.rfc.AbstractRemoteFunctionQueryResult -> com.sap.cloud.sdk.s4hana.connectivity.rfc.AbstractRemoteFunctionRequestResult
    com.sap.cloud.sdk.s4hana.connectivity.rfc.BapiQueryResult -> com.sap.cloud.sdk.s4hana.connectivity.rfc.BapiRequestResult
    com.sap.cloud.sdk.s4hana.connectivity.rfc.RemoteFunctionQueryListener -> com.sap.cloud.sdk.s4hana.connectivity.rfc.RemoteFunctionRequestListener
    com.sap.cloud.sdk.s4hana.connectivity.rfc.RfcQuery -> com.sap.cloud.sdk.s4hana.connectivity.rfc.RfmRequest
    com.sap.cloud.sdk.s4hana.connectivity.rfc.RfcQueryResult -> com.sap.cloud.sdk.s4hana.connectivity.rfc.RfmRequestResult
    com.sap.cloud.sdk.s4hana.connectivity.rfc.RfcTransactionFactory -> com.sap.cloud.sdk.s4hana.connectivity.rfc.RfmTransactionFactory
    com.sap.cloud.sdk.s4hana.connectivity.rfc.SoapRemoteFunctionQuerySerializer -> com.sap.cloud.sdk.s4hana.connectivity.rfc.SoapRemoteFunctionRequestSerializer
  • quality

    com.sap.cloud.s4hana.quality.FileWritingQueryListenerUtil -> com.sap.cloud.s4hana.quality.FileWritingRequestListenerUtil
    com.sap.cloud.s4hana.quality.FileWritingRemoteFunctionQueryListener -> com.sap.cloud.s4hana.quality.FileWritingRemoteFunctionRequestListener
  • cloudplatform / servlet

    com.sap.cloud.sdk.cloudplatform.servlet.response.QueryExecutionErrorResponse -> com.sap.cloud.sdk.cloudplatform.servlet.response.RequestExecutionErrorResponse
  • RequestContext is now ThreadContext

    • New concept of ThreadContextDecorator to allow decorating the callable which is wrapped in a ThreadContext. The difference to ThreadContextListener is that the listener is responsible for setting ThreadContext properties, while the decorator allows decorating the callable that is wrapped in the ThreadContext.
    • Now there is a RequestAccessor
    • Rename RequestContextServletFilter to RequestAccessorFilter
    • DestinationsRequestContextListener has been renamed to HttpClientsThreadContextListener to better reflect its purpose
  • Lenient behavior

  • USE_MOCKED_TENANT, USE_MOCKED_USER, and ALLOW_MOCKED_AUTH_HEADER are no longer available.

  • TenantNotAvailableException etc. were removed and replaced with Option.

  • Principal replaces User.

    • No Locale as part of principal anymore (only available on Neo, cast to ScpNeoPrincipal if needed)
    • No hasAuthorizations method, use authorizations with "contains" method of setting
    • CacheKey and CacheManager have been adjusted accordingly to reflecting naming: the user is now principal
    • AccessDeniedException also now uses "principal" instead of "user" (note, however, that the AccessDeniedResponse still exposes "user" to remain compatible on REST API level).
  • LocalScopePrefixProvider now uses Try instead of throwing exceptions that were previously not declared on the API.

  • Remove ErpEdition (also removed in the mocking of ErpSystem)

  • Accessors now use vavr in more places (offering methods returning Try).

  • TenantAccessor, PrincipalAccessor, AuthTokenAccessor, and RequestAccessor now support on-behalf execution, with-fallback execution, and a global fallback.

  • SapPassportBuilder now uses the following defaults:

    • "SAP_CLOUD_SDK_APPLICATION" instead of "S4SDK_APPLICATION"
    • "SAP_CLOUD_SDK_USER" instead of "S4SDK_USER"
    • "SAP_CLOUD_SDK_REQUEST" instead of "S4SDK_REQUEST"
  • Add a new module security-servlet containing servlet-based security filters. Note that this may require that you add the following dependency to your project if you rely on these web filters:

    <dependency>
    <groupId>com.sap.cloud.s4hana.cloudplatform</groupId>
    <artifactId>security-servlet</artifactId>
    </dependency>
  • Remove CloudLoggerFactory along with pipeline rule

  • MockUtil no longer mocks platform-specific classes, but only interface. Mock the facade manually, if you have to rely on the specific class.

  • MockUtil no longer offers methods for mocking destinations or servers with the default destination name "MyDestination". The destination name now is a mandatory parameter.

  • The following maven dependencies have been updated:

LibraryVersion used in SDK 2.XVersion used in SDK 3.X
bcpkix-jdk15on1.61.62
bcprov-jdk15on1.61.62
guava27.0.1-jre28.0-jre
plexus-utils3.1.03.2.0
lombok1.18.21.18.8
javax.ejb:javax.ejb-api3.23.2.2
javax.servlet:javax.servlet-api3.1.04.0.1
javax.ws.rs:javax.ws.rs-api2.02.1.1
org.eclipse.jetty:apache-jsp9.4.17.v201904189.4.17.v20190418
org.jboss.arquillian.config:arquillian-config-api1.4.0.Final1.4.1.Final
byte-buddynot used1.9.13
commons-codec1.111.12
commons-lang33.8.13.9
commons-text1.41.7
httpclient4.5.64.5.9
httpcore4.4.104.4.11
assertj-core3.12.03.12.2
hibernate-core5.0.12.Final5.4.3.Final
eclipselink2.7.3-RC12.7.4
java-jwt3.4.03.8.1
javax.persistence2.1.02.2.1
joda-time2.102.10.2
jooq3.6.23.11.11
jsoup1.11.31.12.1
liquibase-core3.6.23.6.3
spring-security-oauth2.3.4.RELEASE2.3.6.RELEASE
tomcat-annotations-api8.5.408.5.42
tomcat-jdbc8.5.408.5.42
io.rest-assured:json-path3.2.04.0.0
javax:javaee-api7.08.0.1
javax.validation:validation-api1.1.0.Final2.0.1.Final
org.assertj:assertj-guava3.2.03.2.1
org.hibernate.validator:hibernate-validator6.0.13.Final6.0.17.Final
lombok-maven-plugin1.18.2.01.18.6.0
javax.cache:cache-api1.0.01.1.1
vavr0.9.20.9.3
wiremock2.19.02.20.0
io.github.resilience4j:resilience4j-bulkhead0.14.00.16.0
io.github.resilience4j:resilience4j-cache0.14.00.16.0
io.github.resilience4j:resilience4j-timelimiter0.14.00.16.0
  • The dependency org.checkerframework:checker-qual has been excluded entirely. That is, it is neither a direct dependency of the SDK anymore, nor is it a transitive dependency of both Caffeine and Guava.

  • Renamed/Moved Modules. Our goals with the renaming were the following:

    • Use the prefix com.sap.cloud.sdk instead of com.sap.cloud.s4hana.
    • Make all artifact ids unique, so that tools gradle can easily consume our modules.
    • The term s4hana in the group id is only used if the contained module is in some way specific for SAP S/4HANA.
    • Remove all obsolete modules.
v2.19.2v3.0.0
com.sap.cloud.s4hana.archetypes:archetypes-parentcom.sap.cloud.sdk.archetypes:archetypes-parent
com.sap.cloud.s4hana.archetypes:scp-cf-springcom.sap.cloud.sdk.archetypes:scp-cf-spring
com.sap.cloud.s4hana.archetypes:scp-cf-tomcat
com.sap.cloud.s4hana.archetypes:scp-cf-tomeecom.sap.cloud.sdk.archetypes:scp-cf-tomee
com.sap.cloud.s4hana.archetypes:scp-neo-javaee7com.sap.cloud.sdk.archetypes:scp-neo-javaee7
com.sap.cloud.s4hana.cloudplatform:auditlogcom.sap.cloud.sdk.cloudplatform:auditlog
com.sap.cloud.s4hana.cloudplatform:auditlog-scp-cfcom.sap.cloud.sdk.cloudplatform:auditlog-scp-cf
com.sap.cloud.s4hana.cloudplatform:auditlog-scp-neocom.sap.cloud.sdk.cloudplatform:auditlog-scp-neo
com.sap.cloud.s4hana.cloudplatform:cachingcom.sap.cloud.sdk.cloudplatform:caching
com.sap.cloud.s4hana.cloudplatform:cloudplatform-parentcom.sap.cloud.sdk.cloudplatform:cloudplatform-parent
com.sap.cloud.s4hana.cloudplatform:concurrency-scp-neocom.sap.cloud.sdk.cloudplatform:concurrency-scp-neo
com.sap.cloud.s4hana.cloudplatform:connectivitycom.sap.cloud.sdk.cloudplatform:cloudplatform-connectivity
com.sap.cloud.sdk.cloudplatform:cloudplatform-connectivity-scp
com.sap.cloud.s4hana.cloudplatform:connectivity-scp-cfcom.sap.cloud.sdk.cloudplatform:cloudplatform-connectivity-scp-cf
com.sap.cloud.s4hana.cloudplatform:connectivity-scp-neocom.sap.cloud.sdk.cloudplatform:cloudplatform-connectivity-scp-neo
com.sap.cloud.s4hana.cloudplatform:corecom.sap.cloud.sdk.cloudplatform:cloudplatform-core
com.sap.cloud.s4hana.cloudplatform:core-scp-cfcom.sap.cloud.sdk.cloudplatform:cloudplatform-core-scp-cf
com.sap.cloud.s4hana.cloudplatform:core-scp-neocom.sap.cloud.sdk.cloudplatform:cloudplatform-core-scp-neo
com.sap.cloud.s4hana.cloudplatform:meteringcom.sap.cloud.sdk.cloudplatform:metering
com.sap.cloud.s4hana.cloudplatform:metering-scp-neocom.sap.cloud.sdk.cloudplatform:metering-scp-neo
com.sap.cloud.sdk.cloudplatform:resilience
com.sap.cloud.s4hana.cloudplatform:sap-passportcom.sap.cloud.sdk.cloudplatform:sap-passport
com.sap.cloud.s4hana.cloudplatform:scp-cfcom.sap.cloud.sdk.cloudplatform:scp-cf
com.sap.cloud.s4hana.cloudplatform:scp-neocom.sap.cloud.sdk.cloudplatform:scp-neo
com.sap.cloud.s4hana.cloudplatform:securitycom.sap.cloud.sdk.cloudplatform:security
com.sap.cloud.s4hana.cloudplatform:security-scp-cfcom.sap.cloud.sdk.cloudplatform:security-scp-cf
com.sap.cloud.s4hana.cloudplatform:security-scp-neocom.sap.cloud.sdk.cloudplatform:security-scp-neo
com.sap.cloud.sdk.cloudplatform:security-servlet
com.sap.cloud.s4hana.cloudplatform:servletcom.sap.cloud.sdk.cloudplatform:servlet
com.sap.cloud.s4hana.cloudplatform:tenantcom.sap.cloud.sdk.cloudplatform:tenant
com.sap.cloud.s4hana.cloudplatform:tenant-scp-cfcom.sap.cloud.sdk.cloudplatform:tenant-scp-cf
com.sap.cloud.s4hana.cloudplatform:tenant-scp-neocom.sap.cloud.sdk.cloudplatform:tenant-scp-neo
com.sap.cloud.s4hana.datamodel:bapi-api
com.sap.cloud.s4hana.datamodel:bapi-generator
com.sap.cloud.s4hana.datamodel:bapi-parent
com.sap.cloud.s4hana.datamodel:messaging-apicom.sap.cloud.sdk.s4hana:s4hana-api-messaging
com.sap.cloud.sdk.datamodel:datamodel-parent
com.sap.cloud.s4hana.datamodel:messaging-corecom.sap.cloud.sdk.datamodel:messaging-core
com.sap.cloud.s4hana.datamodel:messaging-generatorcom.sap.cloud.sdk.datamodel:messaging-generator
com.sap.cloud.s4hana.datamodel:messaging-jmscom.sap.cloud.sdk.datamodel:messaging-jms
com.sap.cloud.s4hana.datamodel:messaging-parentcom.sap.cloud.sdk.datamodel:messaging-parent
com.sap.cloud.s4hana.datamodel:odata-apicom.sap.cloud.sdk.s4hana:s4hana-api-odata
com.sap.cloud.s4hana.datamodel:odata-corecom.sap.cloud.sdk.datamodel:odata-core
com.sap.cloud.s4hana.datamodel:odata-generatorcom.sap.cloud.sdk.datamodel:odata-generator
com.sap.cloud.s4hana.datamodel:odata-generator-clicom.sap.cloud.sdk.datamodel:odata-generator-cli
com.sap.cloud.s4hana.datamodel:odata-generator-maven-plugincom.sap.cloud.sdk.datamodel:odata-generator-maven-plugin
com.sap.cloud.s4hana.datamodel:odata-parentcom.sap.cloud.sdk.datamodel:odata-parent
com.sap.cloud.s4hana.frameworks:cxfcom.sap.cloud.sdk.frameworks:cxf
com.sap.cloud.s4hana.frameworks:eclipselinkcom.sap.cloud.sdk.frameworks:eclipselink
com.sap.cloud.s4hana.frameworks:eclipselink-javaeecom.sap.cloud.sdk.frameworks:eclipselink-javaee
com.sap.cloud.s4hana.frameworks:frameworks-parentcom.sap.cloud.sdk.frameworks:frameworks-parent
com.sap.cloud.s4hana.frameworks:hystrix
com.sap.cloud.s4hana.frameworks:hystrix-scp-neo
com.sap.cloud.s4hana.frameworks:javaeecom.sap.cloud.sdk.frameworks:javaee
com.sap.cloud.s4hana.frameworks:jaxrscom.sap.cloud.sdk.frameworks:jaxrs
com.sap.cloud.s4hana.frameworks:jaxrs-gsoncom.sap.cloud.sdk.frameworks:jaxrs-gson
com.sap.cloud.s4hana.frameworks:liquibasecom.sap.cloud.sdk.frameworks:liquibase
com.sap.cloud.s4hana.frameworks:liquibase-javaeecom.sap.cloud.sdk.frameworks:liquibase-javaee
com.sap.cloud.sdk.frameworks:resilience4j
com.sap.cloud.s4hana.frameworks:spring-boot-multitenancy-scp-cfcom.sap.cloud.sdk.frameworks:spring-boot-multitenancy-scp-cf
com.sap.cloud.s4hana.frameworks:spring-webcom.sap.cloud.sdk.frameworks:spring-web
com.sap.cloud.s4hana.frameworks:togglzcom.sap.cloud.sdk.frameworks:togglz
com.sap.cloud.s4hana.plugins:plugins-parentcom.sap.cloud.sdk.plugins:plugins-parent
com.sap.cloud.s4hana.plugins:s4sdk-maven-plugincom.sap.cloud.sdk.plugins:scp-neo-maven-plugin
com.sap.cloud.s4hana.plugins:scp-neo-maven-plugincom.sap.cloud.sdk.plugins:usage-analytics
com.sap.cloud.s4hana.plugins:usage-analyticscom.sap.cloud.sdk.plugins:usage-analytics-maven-plugin
com.sap.cloud.s4hana.quality:commoncom.sap.cloud.sdk.quality:common
com.sap.cloud.s4hana.quality:httpclient-listenercom.sap.cloud.sdk.quality:httpclient-listener
com.sap.cloud.s4hana.quality:listeners-allcom.sap.cloud.sdk.quality:listeners-all
com.sap.cloud.s4hana.quality:odata-querylistenercom.sap.cloud.sdk.quality:odata-querylistener
com.sap.cloud.s4hana.quality:pmd-plugincom.sap.cloud.sdk.quality:pmd-plugin
com.sap.cloud.s4hana.quality:pmd-rulescom.sap.cloud.sdk.quality:pmd-rules
com.sap.cloud.s4hana.quality:quality-parentcom.sap.cloud.sdk.quality:quality-parent
com.sap.cloud.s4hana.quality:rfc-querylistenercom.sap.cloud.sdk.quality:rfc-querylistener
com.sap.cloud.s4hana.services:blockchaincom.sap.cloud.sdk.services:blockchain
com.sap.cloud.s4hana.services:recast-aicom.sap.cloud.sdk.services:recast-ai
com.sap.cloud.s4hana.services:scp-blockchaincom.sap.cloud.sdk.services:scp-blockchain
com.sap.cloud.sdk.services:scp-business-logging-core
com.sap.cloud.s4hana.services:scp-kernel-servicescom.sap.cloud.sdk.services:scp-kernel-services
com.sap.cloud.s4hana.services:scp-machine-learningcom.sap.cloud.sdk.services:scp-machine-learning
com.sap.cloud.s4hana.services:services-parentcom.sap.cloud.sdk.services:services-parent
com.sap.cloud.s4hana.tests:end-to-end-testscom.sap.cloud.sdk.tests:end-to-end-tests
com.sap.cloud.s4hana.tests:integration-testscom.sap.cloud.sdk.tests:integration-tests
com.sap.cloud.s4hana.tests:odata-generator-testscom.sap.cloud.sdk.tests:odata-generator-tests
com.sap.cloud.s4hana.tests:performance-testscom.sap.cloud.sdk.tests:performance-tests
com.sap.cloud.s4hana.tests:tests-parentcom.sap.cloud.sdk.tests:tests-parent
com.sap.cloud.s4hana.tests:unit-testscom.sap.cloud.sdk.tests:unit-tests
com.sap.cloud.s4hana:authorizations
com.sap.cloud.s4hana:connectivitycom.sap.cloud.sdk.s4hana:s4hana-connectivity
com.sap.cloud.s4hana:connectivity-abap
com.sap.cloud.s4hana:corecom.sap.cloud.sdk.s4hana:s4hana-core
com.sap.cloud.s4hana:datamodel
com.sap.cloud.s4hana:fluent-resultcom.sap.cloud.sdk.datamodel:fluent-result
com.sap.cloud.s4hana:hierarchy
com.sap.cloud.s4hana:odata-service-discovery
com.sap.cloud.s4hana:plainstring
com.sap.cloud.s4hana:rfccom.sap.cloud.sdk.s4hana:rfc
com.sap.cloud.s4hana:rfc-json
com.sap.cloud.s4hana:s4hana-allcom.sap.cloud.sdk.s4hana:s4hana-all
com.sap.cloud.s4hana:s4hana-parentcom.sap.cloud.sdk.s4hana:s4hana-parent
com.sap.cloud.sdk.s4hana:s4hana-api-parent
com.sap.cloud.s4hana:sdk-bomcom.sap.cloud.sdk:sdk-bom
com.sap.cloud.s4hana:sdk-modules-bomcom.sap.cloud.sdk:sdk-modules-bom
com.sap.cloud.s4hana:sdk-parentcom.sap.cloud.sdk:sdk-parent
com.sap.cloud.s4hana:signing
com.sap.cloud.s4hana:soapcom.sap.cloud.sdk.datamodel:soap
com.sap.cloud.s4hana:sql
com.sap.cloud.s4hana:tables
com.sap.cloud.s4hana:testutilcom.sap.cloud.sdk.testutil:testutil-core
com.sap.cloud.sdk.testutil:testutil-parent
com.sap.cloud.s4hana:testutil-resourcescom.sap.cloud.sdk.testutil:testutil-resources
com.sap.cloud.s4hana:userprofile

New Functionality#

  • Provide builders to construct destinations explicitly by providing values for properties in code, for example, DefaultHttpDestination.builder or ScpCfHttpDestination.builder.
  • Give more control when loading a destination by providing DestinationOptions.
    • Different destination loaders such as ScpCfDestinationLoader or ScpNeoDestinationLoader will consider different options that give fine-granular control over the behavior when loading the destination (for example, if provider or subscriber destinations shall take precedence).
    • Construct a DestinationOptions instance via the builder method.
    • Use the augmentBuilder method to set configuration parameters that are specific to a loader (platform or environment) using an appropriate class implementing DestinationOptionsAugmenter.
  • Execute code (given as Callable or Executable) by overriding (that is, "on-behalf of") the Tenant, Principal, or AuthToken of the context in TenantAccessor, PrincipalAccessor, and AuthTokenAccessor.
    • At the example of TenantAccessor.executeWithTenant, the given callable/executable will be executed in a context where the given tenant is set as the current tenant.
    • In addition to overriding, provide the option to set a fallback for a single execution (for example, with TenantAccessor.executeWithFallbackTenant) or globally (for example, with TenantAccessor.setFallbackTenant). Whenever, for example, a tenant is requested but not available, the SDK will retrieve a fallback tenant from the given supplier.
  • Offer access to the current request, if available, via the new RequestAccessor and allow overriding the request and providing a fallback request when executing code.
  • Make XsuaaService public for communicating with a given XSUAA service on SAP Cloud Platform, Cloud Foundry.

Improvements#

  • Decouple the implementation of resilient behavior from a concrete framework with the generic functional-style adapters in com.sap.cloud.sdk.cloudplatform.resilience. Provide default implementation of resilience using resilience4j as underlying library.
    • Provide ResilienceDecorator as the entry point for wrapping any code (callable or supplier) with resilient behavior.
    • Provide ResilienceConfiguration
  • Allow using any JSR-107 (JCache) compliant library for caching as part of resilience.
  • Allow nesting of ThreadContexts.
  • Improve log output on log level "debug" for DefaultMessageDelegator to improve error inspection in the messaging core module.
Last updated on by cloud-sdk-js