From e86486901fdd8a72a882b34268d4442cf05c29b6 Mon Sep 17 00:00:00 2001
From: Oliver Klemenz <oliver.klemenz@sap.com>
Date: Wed, 19 Feb 2025 13:43:56 +0100
Subject: [PATCH] Update

---
 README.md                                     | 13 ++++------
 bin/afc.js                                    |  3 ++-
 bin/commands/api.js                           | 24 ++++++++++++++++---
 package-lock.json                             |  8 +++----
 package.json                                  |  2 +-
 .../__snapshots__/provider.test.js.snap       |  2 +-
 test/scheduling/provider.test.js              | 13 ++++++----
 7 files changed, 43 insertions(+), 22 deletions(-)

diff --git a/README.md b/README.md
index 203b50a..edae73f 100644
--- a/README.md
+++ b/README.md
@@ -5,13 +5,14 @@
 [![REUSE status](https://api.reuse.software/badge/github.com/cap-js-community/sap-afc-sdk)](https://api.reuse.software/info/github.com/cap-js-community/sap-afc-sdk)
 [![Main CI](https://github.com/cap-js-community/sap-afc-sdk/actions/workflows/main-ci.yml/badge.svg)](https://github.com/cap-js-community/sap-afc-sdk/commits/main)
 
-## About this project
+## About this Project
 
-[SAP Advanced Financial Closing SDK for CDS](https://www.npmjs.com/package/@cap-js-community/sap-afc-sdk) Provides an SDK for SAP Advanced Financial Closing to be consumed with SAP Cloud Application Programming Model (Node.js).
+[SAP Advanced Financial Closing SDK for CDS](https://www.npmjs.com/package/@cap-js-community/sap-afc-sdk)
+Provides an SDK for SAP Advanced Financial Closing to be consumed with SAP Cloud Application Programming Model (Node.js).
 
 ## Table of Contents
 
-- [Getting Started](#getting-started)
+- [Requirements and Setup](#requirements-and-setup)
 - [Architecture](#architecture)
 - [Usage](#usage)
   - [Options](#options)
@@ -24,10 +25,6 @@
 
 ## Requirements and Setup
 
-*Insert a short description what is required to get your project running...*
-
-## Getting Started
-
 - Run `npm add @cap-js-community/sap-afc-sdk` in `@sap/cds` project
 - Execute `cds-serve` to start server
   - Access welcome page at http://localhost:4004
@@ -594,4 +591,4 @@ We as members, contributors, and leaders pledge to make participation in our com
 
 ## Licensing
 
-Copyright (20xx-)20xx SAP SE or an SAP affiliate company and <your-project> contributors. Please see our [LICENSE](LICENSE) for copyright and license information. Detailed information including third-party components and their licensing/copyright information is available [via the REUSE tool](https://api.reuse.software/info/github.com/cap-js-community/sap-afc-sdk).
\ No newline at end of file
+Copyright (20xx-)20xx SAP SE or an SAP affiliate company and <your-project> contributors. Please see our [LICENSE](LICENSE) for copyright and license information. Detailed information including third-party components and their licensing/copyright information is available [via the REUSE tool](https://api.reuse.software/info/github.com/cap-js-community/sap-afc-sdk).
diff --git a/bin/afc.js b/bin/afc.js
index fa2c9a5..e26293c 100755
--- a/bin/afc.js
+++ b/bin/afc.js
@@ -67,6 +67,7 @@ program
   .description("Manage API")
   .addArgument(new commander.Argument("<action>", "Manage API keys").choices(["key"]))
   .option("-n, --new", "Create new API key")
+  .option("-p, --password", "Broker password")
   .action(manageAPI)
   .addHelpText(
     "afterAll",
@@ -108,6 +109,6 @@ async function addFeature(argument) {
 async function manageAPI(action) {
   const options = this.opts();
   const apiFn = require("./commands/api");
-  await apiFn(action, !!options.new);
+  await apiFn(action, { isNew: options.new, password: options.password });
   console.log("Successfully managed API keys.");
 }
diff --git a/bin/commands/api.js b/bin/commands/api.js
index 6f74aca..4096512 100644
--- a/bin/commands/api.js
+++ b/bin/commands/api.js
@@ -1,12 +1,30 @@
+/* eslint-disable no-console */
 "use strict";
 
+const fs = require("fs");
+const path = require("path");
 const shelljs = require("shelljs");
 
-module.exports = (action, isNew) => {
+module.exports = (action, { isNew, password }) => {
   switch (action) {
     case "key":
-      shelljs;
-      isNew;
+      manageKey(isNew, password);
       break;
   }
 };
+
+function manageKey(isNew, password) {
+  const brokerPath = path.join(process.cwd(), "srv/broker.json");
+  if (!fs.existsSync(brokerPath)) {
+    console.log(`broker.json not found at '${brokerPath}'. Call 'afc add broker'`);
+    return;
+  }
+  const broker = require(brokerPath);
+  const name = Object.keys(broker.SBF_SERVICE_CONFIG)[0];
+  if (!name) {
+    console.log(`No service found in broker configuration. Call 'afc add broker'`);
+  }
+  shelljs.exec(
+    `cf create-service-broker ${name}-broker broker-user '${password}' https://${isNew}.cfapps.sap.hana.ondemand.com/broker --space-scoped`,
+  );
+}
diff --git a/package-lock.json b/package-lock.json
index 55d325f..565ceda 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,7 +9,7 @@
       "version": "0.1.0",
       "license": "Apache-2.0",
       "dependencies": {
-        "@cap-js-community/event-queue": "^1.8.7",
+        "@cap-js-community/event-queue": "^1.9.0",
         "@cap-js-community/feature-toggle-library": "^1.2.4",
         "@cap-js-community/websocket": "^1.6.0",
         "@sap/sbf": "^6.8.2",
@@ -575,9 +575,9 @@
       "license": "MIT"
     },
     "node_modules/@cap-js-community/event-queue": {
-      "version": "1.8.7",
-      "resolved": "https://registry.npmjs.org/@cap-js-community/event-queue/-/event-queue-1.8.7.tgz",
-      "integrity": "sha512-F70cBEthN73IlMsj8FcHlLbplAprlUPscnXxoNxXi+Aawpni6OBk16h3dfOVgtUEF5cMqjMkvkq7lqaXSP6jvQ==",
+      "version": "1.9.0",
+      "resolved": "https://registry.npmjs.org/@cap-js-community/event-queue/-/event-queue-1.9.0.tgz",
+      "integrity": "sha512-zVW6SkT7eQAQFzYztaupIDLQ+28fnIhUYxkJwmYtzYzkp2B413OBZLJFVVOcVrYilR+HWE39v1xgRag/aEn5yw==",
       "license": "Apache-2.0",
       "dependencies": {
         "@sap/xssec": "^4.2.4",
diff --git a/package.json b/package.json
index 39c567c..6edb768 100644
--- a/package.json
+++ b/package.json
@@ -55,7 +55,7 @@
     "audit": "npm audit --only=prod"
   },
   "dependencies": {
-    "@cap-js-community/event-queue": "^1.8.7",
+    "@cap-js-community/event-queue": "^1.9.0",
     "@cap-js-community/feature-toggle-library": "^1.2.4",
     "@cap-js-community/websocket": "^1.6.0",
     "@sap/sbf": "^6.8.2",
diff --git a/test/scheduling/__snapshots__/provider.test.js.snap b/test/scheduling/__snapshots__/provider.test.js.snap
index 0a0bff9..83e2522 100644
--- a/test/scheduling/__snapshots__/provider.test.js.snap
+++ b/test/scheduling/__snapshots__/provider.test.js.snap
@@ -407,4 +407,4 @@ exports[`API Open API GET API Docs Root 2`] = `
 "
 `;
 
-exports[`API Security GET CSP 1`] = `"default-src 'self' https://ui5.sap.com;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: blob: https://ui5.sap.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ui5.sap.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src wss: https://ui5.sap.com https://authentication.sap.hana.ondemand.com http://localhost"`;
+exports[`API Security GET CSP 1`] = `"default-src 'self' https://ui5.sap.com;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data: blob: https://ui5.sap.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ui5.sap.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src wss: https://ui5.sap.com https://authentication.sap.hana.ondemand.com https://sap-afc-sdk.sap.com"`;
diff --git a/test/scheduling/provider.test.js b/test/scheduling/provider.test.js
index 78ee6e9..36eb615 100644
--- a/test/scheduling/provider.test.js
+++ b/test/scheduling/provider.test.js
@@ -7,6 +7,10 @@ const { JobStatus } = require("../../srv/scheduling/common/codelist");
 
 const { GET, POST, PUT, DELETE, axios, test } = cds.test(__dirname + "/../..");
 
+process.env.VCAP_APPLICATION = JSON.stringify({
+  uris: ["sap-afc-sdk.sap.com"],
+});
+
 process.env.PORT = 0; // Random
 
 describe("API", () => {
@@ -47,16 +51,17 @@ describe("API", () => {
   describe("Security", () => {
     it("GET CSP", async () => {
       let response = await GET("/api/job-scheduling/v1/JobDefinition");
-      const csp = response.headers["content-security-policy"].replace(/localhost:\d+/, "localhost");
-      expect(csp).toMatchSnapshot();
+      expect(response.headers["content-security-policy"]).toMatchSnapshot();
+      expect(response.headers).toMatchObject({
+        "cross-origin-opener-policy": "same-origin",
+        "cross-origin-resource-policy": "same-origin",
+      });
     });
 
     it("GET CORS", async () => {
       let response = await GET("/api/job-scheduling/v1/JobDefinition");
       expect(response.headers).toMatchObject({
         "access-control-allow-origin": "*",
-        "cross-origin-opener-policy": "same-origin",
-        "cross-origin-resource-policy": "same-origin",
       });
     });
   });