import type { MtlsOptions } from '../../internal'; import type { CachingOptions } from '../cache'; import type { ProxyConfiguration } from '../connectivity-service-types'; import type { IsolationStrategy } from './destination-cache'; /** * A resolved destination containing information needed to execute requests, such as the system URL. * * You can create a destination as a local object when supplying all necessary information, or it could be retrieved from the destination service on SAP Business Technology Platform (via {@link DestinationFetchOptions}). * When creating a local object representing a destination, you need to supply at least the {@link url} and, if required by the target system, valid credentials with {@link username} and {@link password}. */ export interface Destination { /** * Name of the destination retrieved from SAP Business Technology Platform. */ name?: string | null; /** * Base URL for calls to this destination. * The URL has to define the protocol, like `http://` or `https://`, and a host. * The path for requests against this destination will be appended to the path defined in the URL as a new path segment. */ url?: string; /** * Type of authentication to use. * * Defaults to `NoAuthentication`, unless {@link username} and {@link password} are provided, in which case the default is `BasicAuthentication`. */ authentication?: AuthenticationType; /** * Proxy type to specify whether the target resides on-premise (not used). */ proxyType?: DestinationProxyType; /** * Client to target in an SAP system, will be added as HTTP header `sap-client` if set. */ sapClient?: string | undefined | null; /** * Username to use for basic authentication, optional if other means of authentication shall be used. */ username?: string | null; /** * Password to use for basic authentication, optional if other means of authentication shall be used. */ password?: string | null; /** * Authentication tokens returned from destination service on SAP Business Technology Platform. */ authTokens?: DestinationAuthToken[] | null; /** * Flag indicating whether all certificates should be accepted when communicating with the destination. Should not be "true" in production. */ isTrustingAllCertificates?: boolean; /** * ProxyConfiguration for on-premise connectivity and http(s) web proxies. Is present if proxyType of the destination equals "OnPremise" or environment variables [http_proxy] or [https_proxy] are set See {@link ProxyConfiguration}. */ proxyConfiguration?: ProxyConfiguration; /** * Client Id used to retrieve access token for "OAuth2ClientCredentials", "OAuth2UserTokenExchange" and "OAuth2JWTBearer" authentication. */ clientId?: string; /** * Client Secret used to retrieve access token for "OAuth2ClientCredentials", "OAuth2UserTokenExchange" and "OAuth2JWTBearer" authentication. */ clientSecret?: string; /** * URL to retrieve access token for "OAuth2ClientCredentials", "OAuth2UserTokenExchange" and "OAuth2JWTBearer" authentication. */ tokenServiceUrl?: string; /** * User for basic authentication to OAuth server (if required). */ tokenServiceUser?: string; /** * Password for tokenServiceUser (if required). */ tokenServicePassword?: string; /** * The type of the destination, defaults to 'HTTP'. The SAP Cloud SDK only understands destinations of type 'HTTP' and 'MAIL'. */ type?: 'HTTP' | 'LDAP' | 'MAIL' | 'RFC'; /** * Further properties of the destination as defined in destination service on SAP Business Technology Platform, possibly empty. */ originalProperties?: { [key: string]: any; }; /** * Flag indicating whether the destination is for test purpose. Should be "undefined" or "false" for non-mocked destinations. */ isTestDestination?: boolean; /** * Location ID of the Cloud Connector to be used for connection to an On-Premise system. Optional. Corresponds to property "CloudConnectorLocationId" in the additional properties of a destination. */ cloudConnectorLocationId?: string; /** * Array of certificates used for authentication type ClientCertificateAuthentication. */ certificates?: DestinationCertificate[]; /** * Trusted certificate for https requests used by the destination. Only relevant for self-signed certificates where trust needs to be enabled in the client. */ trustStoreCertificate?: DestinationCertificate; /** * Name of the key store/certificate to be used for ClientCertificateAuthentication. */ keyStoreName?: string; /** * Password of the key store/certificate to be used for ClientCertificateAuthentication. */ keyStorePassword?: string; /** * System user to be used for OAuth2SAMLBearerAssertion authentication type. */ systemUser?: string; /** * Additional headers to be used for calls against the destination, originally defined by `URL.headers.`. * The keys of this object denote the names of the headers and the values their values. */ headers?: Record; /** * Additional query parameters to be used for calls against the destination, originally defined by `URL.queries.`. * The keys of this object denote the names of the query parameters and the values their values. */ queryParameters?: Record; /** * If set to true the auth token provided to the request execution is forwarded to the destination target. */ forwardAuthToken?: boolean; /** * Base64-encoded JSON web key set, containing the signing keys which are used to validate the JWT provided in the X-User-Token header. * This field is used to authenticate the destination using a JWT without JKU. */ jwks?: string; /** * URI of the JSON web key set, containing the signing keys which are used to validate the JWT provided in the X-User-Token header. * This field is used to authenticate the destination using a JWT without JKU. */ jwksUri?: string; /** * Destination has automatic mTLS handling on CloudFoundry. * * If this option is set to true, the CloudFoundry [instance identity](https://docs.cloudfoundry.org/devguide/deploy-apps/instance-identity.html) * will be automatically used for TLS secured HTTP requests. */ mtls?: boolean; /** * MTLS key pair consisting of certificate and private key in PEM format. * This field is used to authenticate the destination using mTLS. */ mtlsKeyPair?: MtlsOptions; } /** * Represents authentication token returned from destination service. */ export interface DestinationAuthToken { /** * Type of the token, e.g., Bearer. */ type: string; /** * Value of the token. */ value: string; /** * The number of seconds until the access token expires. */ expiresIn?: string; /** * Potential error of token retrieval in the destination service. */ error: string | null; /** * An object containing ready-to-use key-value pairs like `Authorization` : `Bearer U29tZVRva2VuVmFsdWU=`. */ http_header: { key: string; value: string; }; } /** * Represents the proxy type on a destination. */ export type DestinationProxyType = 'OnPremise' | 'Internet' | 'PrivateLink' | null; /** * Represents a certificate attached to a destination. */ export interface DestinationCertificate { /** * Name of the certificate file. */ name: string; /** * Content of the certificate as base64 encoded binary. */ content: string; /** * Type of the certificate. */ type: string; } /** * Options to use while fetching destinations. Encompasses both {@link CachingOptions} and isolation strategy. */ export type DestinationRetrievalOptions = CachingOptions & { /** * The isolation strategy used for caching destinations. For the available options, see {@link IsolationStrategy}. * By default, 'tenant-user' is set. */ isolationStrategy?: IsolationStrategy; /** * The call to `destination/{name}` sometimes also performs a token exchange. Such calls can be flaky due to an unstable token exchange endpoint. * This parameter enables 3 retries on the destination by name calls. * By default, the retry is disabled. */ retry?: boolean; }; /** * Destination for HTTP request where the URL is mandatory. */ export type HttpDestination = Destination & { url: string; }; /** * Assertion that the Destination is a HttpDestination. * This method comes in handy when you retrieved a destination from the destination service and need to check if it is a HttpDestination. * @param destination - Destination or HttpDestination. */ export declare function assertHttpDestination(destination: Destination | HttpDestination): asserts destination is HttpDestination; /** * Type guard to find if object is a Destination. * @param destination - Destination to be checked. * @returns Boolean. */ export declare function isHttpDestination(destination: HttpDestination | Destination | null): destination is HttpDestination; /** * Represents the authentication type of a destination. */ export type AuthenticationType = 'PrincipalPropagation' | 'NoAuthentication' | 'BasicAuthentication' | 'SAMLAssertion' | 'OAuth2SAMLBearerAssertion' | 'OAuth2ClientCredentials' | 'OAuth2UserTokenExchange' | 'ClientCertificateAuthentication' | 'OAuth2JWTBearer' | 'OAuth2Password' | 'OAuth2RefreshToken';