Application modernization with Google Cloud Platform: API Management with Apigee

It has been a very long time since my last blog on SCN and even if I left SAP I’m still very close to the SAP ecosystem.

Today I would like to share with you my experience in Application modernization with Google Cloud Platform and in this first episode we will focus on Apigee as the API Management platform for SAP OData endpoints.

I think you may already familiar with the concept of APIs, but the great advantage of using APIs is that we can securely and easily create public endpoints that can be consumed by different consumers such as Mobile Applications, Vendors’ and/or Consumer integrations, or other services.

In this blog we will use the well know SAP ES5 Gateway system to expose an SAP OData end point using Apigee.

The scope of this blog is to give the architecture best practices and the code to extend, change and adapt the scope of the API proxy to your specific needs.

The sample code is not intended for production usage. 

You need few prerequisites in order to proceed with this demo:

1. An account on the Gateway Demo System (ES5)
2. A trial account on Apigee platform

Let’s quick verify that we are all set to start. We can perform a quick check calling the SAP OData endpoint on the ES5 demo system at https://sapes5.sapdevcenter.com/sap/opu/odata/iwbep/GWDEMO/SalesOrderCollection

If everything works as expected you should get a response similar to the one below:

In this step you will create an API proxy that connects to the SAP OData endpoint on the SAP Gateway ES5

1. Login to Apigee Edge.
2. Click on Develop > API Proxies to create an API Proxy.

Open API Proxies

3. Click on +Proxy on the top right to create a new API Proxy
4. Select the Reverse proxy (most common) option in the list.
5. In the following wizard, we will need to define few parameters for the API proxy:

API Proxy Create

6. Click Next
7. Set up the common policies enabling the API Key and the Quota

API Proxy Policies

8. Click Next
9. Set up the Virtual host leaving the default value as below

API Proxy Virtual host

10. Click Next
11. In the summary section check the test deployment

API Proxy Summary

12. Click Create and deploy
13. The system creates and deploys the API proxy

API Proxy Deploy

In this section we introduce few steps that are very common in SAP OData management with API: backend authentication and payload management.

Apigee provides multiple authentication methods such as Basic, OAuth and SAML2 Authentication. These based on the application context of the API can be preferred one over the others.

Specifically to the demo context, we will use a Basic Authentication.

The first best practice for implementing Basic Authentication is to store the credential in a secure store in Apigee, this is the Key Value Maps (KVM).

1. Click on Admin > Environments > Key Value Maps.

Open KVM

2. Switch from Prod to test using the drop down on the top left
3. Click on +Key value map on the top right to create a new KVM
4. In the popup add a name for the KVM and check Encrypted

Create KVM

5. Click on the newly created KVM and create two keys

Create key

Our credential are now stored in a safe place, we can now proceed and introduce the Basic Authentication.

1. Navigate to the API proxies Develop > API Proxies as done before
2. Click on the API proxy SalesOrders that we just created
3. This opens the API proxy overview with all the basic information of our API proxy

API Proxy overview

4. Switch to the develop tab from the top right

API Proxy develop

5. The API proxy develop opens
6. First we add a step in the request to read the KVM value
7. Click on the + Step button in the top flow (Request)

API Proxy add policy

8. In the list look for Key Value Map Operations
9. Select the policy and click Add

API Proxy KVM

10. Select the new policy element in the flow
11. Edit the policy configuration XML using the following code

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<KeyValueMapOperations async="false" continueOnError="false" enabled="true" name="Key-Value-Map-Operations-1" mapIdentifier="ES5"> 
     <DisplayName>Key Value Map Operations-1</DisplayName> 
     <Properties/> 
     <ExclusiveCache>false</ExclusiveCache> 
     <ExpiryTimeInSecs>300</ExpiryTimeInSecs> 
     <Get assignTo="private.username"> 
          <Key> 
               <Parameter>user</Parameter> 
          </Key> 
     </Get>
     <Get assignTo="private.password"> 
          <Key> 
               <Parameter>password</Parameter> 
          </Key> 
     </Get>
     <Scope>environment</Scope>
</KeyValueMapOperations>

1. Next step we add the Basic Authentication policy
2. Click on the + Step button in the top flow
3. In the list look for Basic Authentication and click Add

API Proxy Basic Authentication

4. In the policy configuration XML paste the following code

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<BasicAuthentication async="false" continueOnError="false" enabled="true" name="Basic-Authentication-1">
     <DisplayName>Basic Authentication-1</DisplayName>
     <Operation>Encode</Operation>
     <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
     <User ref="private.username"/>
     <Password ref="private.password"/>
     <AssignTo createNew="false">request.header.Authorization</AssignTo>
     <Source>request.header.Authorization</Source>
</BasicAuthentication>

In this final step, we will convert the default SAP XML Atom payload in a more API friendly JSON format

1. Click on the + Step button in the bottom flow (Response)

API Proxy add policy

2. In the list look for XML to JSON and click Add

APi Proxy XML to JSON

3. Open the XML policy configuration and change the Output variable to sap.body

API Proxy Javascript

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<XMLToJSON async="false" continueOnError="false" enabled="true" name="XML-to-JSON-1">
    <DisplayName>XML to JSON-1</DisplayName>
    <Properties/>
    <Format>yahoo</Format>
    <OutputVariable>sap.body</OutputVariable>
    <Source>response</Source>
</XMLToJSON>

Simplify the SAP payload

The SAP OData payload has many information that enrich the response with many extra information that can increase the complexity of an API consumer. With a simple javascript we will extract only the relevant information.

1. Click on the + Step button in the bottom flow (Response)
2. In the list look for Javascript and click Add

API Proxy Javascript

3. Select the js script source and copy and paste the code below

API Proxy Javascript code

var resp = context.getVariable('sap.body');
var data = JSON.parse(resp);

var newContent = JSON.parse('{"salesOrders":[]}');

var salesOrder = data.feed.entry;
for(var entry in salesOrder) {
    newContent.salesOrders[entry] = salesOrder[entry].content.properties;
}

context.setVariable("sap.response",JSON.stringify(newContent));

Assign the new payload to the response

1. Click on the + Step button in the bottom flow (Response)
2. In the list look for Assign Message and click Add

API Proxy Assign Message

3. Open the XML policy configuration and change the content as below

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage name="AssignResponsePayload">
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <Set>
        <Payload contentType="application/json">{sap.response}</Payload>
    </Set>
</AssignMessage>

1. Your API flow should look like this

API Proxy flow

2. Click the Save button

In this step we will create an API product that contain the API proxy the we just created and allows us to register it against an application

1. Click on Publish > API Products to create an API Product.

Open API Products

2. Click on +API Product on the top right
3. In the following wizard, we will need to define few parameters for the API product:

4. In the API resources section, click on Add a proxy
5. Select the newly created proxy SalesOrder

API Products details

6. Click Save

In this final step we will create an Application that consumes our APIs

1. Click on Publish > Apps to create an Application.

Open API Products

1. Click on +App on the top right to create a new Application {value=2}
2. In the following wizard, we will need to define few parameters for the application:

4. In the Credentials section, click on Add product
5. Select the newly created product Order to cash

Application details

6. Click Create

In this final section we will test the API created.

1. Open your application and click on the show button to see the API Key associated to the application

Application API key

2. Open a web browser (yes, Chrome is preferred)
3. Browse to the URL https://<your org>.apigee.net/salesorders?apikey=<your apikey>

Note: The full URL can be verified in the Overview tab of the API Proxy

4. The output should be similar to the below

Final output

The API created has a very basic endpoint, you can have a more advanced API importing a preconfigured API proxy into your Apigee organization.

This new API proxy includes enhanced javascript code (Javascript-1.js and Javascript-2.js) to handle different navigations in the SAP OData endpoint such search for a single sales order, display the details of a single sales order and the sales order items associated to a specific sales order.

1. Download the apigee proxy zip file into your local PC

gsutil cp gs://public-demo-assets/apigee/SalesOrders_apiproxy.zip ./

Note: the code is stored in a public Google Cloud Storage Bucket and you’ll need gsutil tool to download it

2. Upload the API proxy in your Apigee dashboard selecting Upload proxy bundle

Upload Proxy Bundle

3. Deploy the proxy
4. Include it in the Order to cash API product

This demonstration shows how we can easily expose standard SAP OData endpoint in more modern and standardized Rest Odata to be consumed by any application. In my next blog we will start modernizing the access to SAP utilizing a Chatbot build using Dialogflow CX.