Technical Articles
SAP CPI – HTTP Tracing using Own Echo Service
I often test the API(s) required for Interface development in postman before using them in SAP CPI IFlow. Postman gives me the flexibility to see the Raw HTTP request that worked successfully to invoke the API. I wish there was a possibility in SAP CPI to view the Raw HTTP request similarly.
Because it’s not there yet, I end up using HTTP Bin which replies the actual request message as a response for various HTTP Methods for sniffing. Other options are to use the Request Catcher as explained in the Blog How to sniff SAP CPI and SAP PO requests or use mitmproxy as explained in the HTTPS tracing and debugging: (4) Cloud to cloud (using Cloud Foundry) blog. Each method has it’s own merits, I won’t discuss it here.
Challenge
Often I use HTTB Bin or Request Catcher from SAP CPI or SAP APIM for tracing HTTP traffic. In use cases where I had to inspect the OAUTH Flow, JWT Token Flow, OAUTH2SAMLBearer assertion, etc I had no option to anonymize security artifacts, but at the same time concerned using an Internet service to inspect it. So I wrote a Node JS application that act as an Echo Service and deployed it to the SAP Cloud Platform. With this set-up, I no longer worry about the data sent for HTTP tracing.
I thought to share it with the community so it could be of use to someone someday.
How to Deploy the Echo Service Application
- Download or Clone Echoservice from Git repository
- Open Command prompt and navigate to the Echoservice folder in the repository.
- Login to Cloud Foundry
cf login -a https://api.cf.eu10.hana.ondemand.com
- Push the APP to Cloud Foundry.
(Change the App Name and route from manifest.yml if not available in your region)cf push
- Verify the deployment and fetch App URL
cf apps
How to use in IFlow
Testing
Invoke the SAP CPI Interface from postman or from the Sender system with trace mode turned on. Upon message execution, you will find the EchoService reply Original request in the below format.
{
"uri": "<URL Path of http Call>",
"method": "<HTTP Method>",
"headers": {
"<Request Header Name>": "<Request Header Value>"
},
"params": {
"<Query Parameter Name>": "<Query Parameter Value>"
},
"data": "<Request Body>"
}
Or you can find the HTTP Traffic information in CF Logs as below.
cf logs echoservice --recent | findstr /L APP/PROC/WEB/0
In the next blog SAP APIM – Route Service plan to Manage Cloud Foundry Apps, I will show how to manages this Cloud Foundry Micro Service using SAP API Management Route service.
Another nice blog post. Thanks for sharing! Noted it down for the case of sensitive HTTP tracing needs.
Regards,
Fatih
Hi Guys,
Is there a way to find which IP address was used by CPI to send requests for each transmission ?
Thanks
Saurabh
Santhosh Kumar Vellingiri
Hi Santosh - Nice Blog cheers.
I wanted to check regards X-dynaTrace in http header generated and sent to consumer application. Though headers are disabled at SAP CPI end due to this invalid chars the message is failed to consume at end application.
Flow looks like SAP CPI -> EMP (kafka) -> Consumer app(.NET)