Use the SAP Cloud SDK in the Browser
Using SAP Cloud SDK for frontend use cases (in the browser) is not recommended in general, the tips shown in this document are just workaround and therefore might not work.
Because of the specifics of a browser environment, some SAP Cloud SDK features might be unavailable. To help you get up and running faster in a browser, this document outlines the main steps and caveats of using SAP Cloud SDK on the frontend. Both Angular and React applications are used to illustrate the usage.
Prerequisite
A frontend application set up using either of the following:
- Angular application via
ng new my-app
- React application via
npx create-react-app my-app
. Rewire the create-react-app project using react-app-rewired or other alternatives. This creates aconfig-overrides.js
file in the root directory which can be used to override the settings for various webpack modules.
Include the SAP Cloud SDK
The example below uses the business partner API. To learn how to generate an API client from a service definition, refer to this article.
//In the .html part of the component
<button (click)="callApi()">Click me!</button>
//In the .ts part of the component
import { businessPartnerService } from './generated/business-partner-service';
const { businessPartnerApi } = businessPartnerService();
async function callApi(){
const result = await businessPartnerApi.requestBuilder().getAll().execute(myDest)
console.log(result)
}
For the destination lookup, the SAP Cloud SDK relies on Node.js functionality, e.g., process.env
.
However, the request building, execution, and result parsing do not require any Node.js modules and can be used on the frontend.
Hence, create the destination variable myDest
manually.
Executing npm run build
will result in compilation errors of the kind shown below:
Module not found: Error: Can't resolve 'https' in
Check out the workaround for resolving such errors.
Run Locally
As discussed above, the myDest
can not be fetched via the destination service.
Create and pass the variable when running locally.
import { Destination } from '@sap-cloud-sdk/connectivity';
const myDest: Destination = {
url: 'https://my123456.s4hana.ondemand.com',
username: 'myUser',
password: 'myPassowrd'
};
Executing npm run serve
compiles the project and hosts the application on a local server.
All modern browsers block requests triggered from a browser to a remote system to ensure same origin policy.
One simple way to overcome this issue locally is to disable the web security of the browser temporarily (e.g. --disable-web-security
for Chrome).
Alternatively, create a second localhost proxy server that adds the access-allow-origin-header
to the request.
Run on SAP BTP, Cloud Foundry Environment
For productive usage, the methods mentioned above for running locally are not needed.
Configure the xs-app.json
file of the approuter with an entry as shown below:
{
"source": "/REMOTE_SYSTEM_IDENTIFIER/(.*)",
"target": "/$1",
"destination": "DESTINATION_NAME_ON_CF"
}
and then, in the application, define the destination as follows:
import { Destination } from '@sap-cloud-sdk/connectivity';
const myDest: Destination = {
url: '/REMOTE_SYSTEM_IDENTIFIER'
};
The created request to /REMOTE_SYSTEM_IDENTIFIER/sap/opu/odata/sap/API_BUSINESS_PARTNER/A_BusinessPartner
will be matched by the approuter and the destination with the given URL and credentials is used.
The approuter establishes a session with the client (browser) using a session cookie. This session contains elements like the redirect URL, OAuth token, OAuth scopes, etc. OAuth token is a JSON Web Token (JWT) that is fetched from the UAA and forwarded to backend services in the Authorization header. The client never gets this token.
For a detailed understanding of session handling in the application router, refer to the documentation here.
This approach does not support principal propagation to on-premise systems. For this, you need a JWT and need to include the proper header fields defining the user. See the documentation on on-premise systems for details.
With webpack, it is possible to load resources for local or productive usage. Using such a switch, you can adjust the value of the destination for the two cases.
Workaround
Webpack version 5 removed the automatic node.js polyfills and they need to be added manually. An error message during the compilation from TS to JS provides a hint on how to achieve that.
Angular
-
Add the corresponding library of the node.js core modules or the browserified version in
devDependencies
in yourpackage.json
file -
Include
@angular-builders/custom-webpack
indevDependencies
-
Create a custom webpack configuration named
node-webpack.config.js
and list the node modulesmodule.exports = {
resolve: {
alias: {
process: 'process/browser',
https: 'agent-base',
http: 'agent-base'
},
fallback: {
url: false,
os: false,
assert: false,
constants: false,
zlib: false,
path: false,
http: false,
util: require.resolve('util/'),
process: require.resolve('process/browser'),
stream: require.resolve('stream-browserify'),
buffer: require.resolve('buffer'),
crypto: require.resolve('crypto-browserify'),
https: require.resolve('https-browserify')
}
},
plugins: [new ProvidePlugin({ process: 'process/browser' })]
}; -
In the
angular.json
file, adjust thebuild
target to use the custom builder and setpath
to the custom confignode-webpack.config.js
defined above"build": {
"builder": "@angular-builders/custom-webpack:browser",
"options": {
"customWebpackConfig": {
"path": "./node-webpack.config.js"
}
} -
In the
angular.json
file, adjust theserve
target to use the custom builder as well"serve": {
"builder": "@angular-builders/custom-webpack:dev-server", -
In the
package.json
file, exclude the node modules that do not exist in the browser"browser": {
"fs": false,
"net": false,
"tls": false
} -
Proxy any requests to your API server in development by adding a
proxy.config.json
file in/src
folder This avoids the CORS issues.{
"/api/*": {
"target": "REMOTE_SYSTEM_IDENTIFIER",
"secure": true,
"logLevel": "debug",
"changeOrigin": true
}
}Since the base path has been set in the proxy config, change the value of the
url
property inmyDest
to/
. In theangular.json
file, adjust theserve
options to includeproxyConfig
."proxyConfig": "src/proxy.conf.json"
React
-
Add the corresponding library of the core node.js modules in
devDependencies
in yourpackage.json
file. Add thereact-app-rewired
dependency and adjust the existing calls toreact-scripts
in npm scripts forstart
,build
andtest
"start": "react-app-rewired start"
-
In the
config-overrides.js
file, list the core node modulesmodule.exports = function override(config, env) {
config.ignoreWarnings = [/Failed to parse source map/];
config.resolve.alias = {
https: 'agent-base',
http: 'agent-base'
};
config.resolve.fallback = {
os: false,
url: false,
https: false,
http: false,
fs: false,
path: false,
assert: false,
zlib: false,
tls: false,
net: false,
constants: false,
util: require.resolve('util'),
process: require.resolve('process/browser'),
stream: require.resolve('stream-browserify'),
buffer: require.resolve('buffer'),
console: require.resolve('console-browserify'),
crypto: require.resolve('crypto-browserify'),
https: require.resolve('https-browserify')
};
config.plugins = [
...config.plugins,
new ProvidePlugin({
Buffer: ['buffer', 'Buffer']
}),
new ProvidePlugin({
process: 'process/browser'
}),
new NormalModuleReplacementPlugin(/^node:/, resource => {
resource.request = resource.request.replace(/^node:/, '');
})
];
return config;
}; -
Proxy any requests to your API server in development by adding a proxy field to the
package.json
file. This avoids the CORS issues."proxy": "REMOTE_SYSTEM_IDENTIFIER",
Since the base path has been set in the proxy, change the value of the
url
property inmyDest
to/
cautionThis proxy is only for development. You need to ensure that API URLs point to the right target in production.
Now, the project should build and run locally.