
REST Lookup UDF with signed and encrypted request payload. Decrypt response after

joel_langoyan
Participant
0 Kudos

Hi Experts,

This is related to my other question. For our scenario, for every API call we need to get a token, and the request for the token has to be signed and encrypted as well. We're given a sample of the expected encrypted request as below.

PLAIN
<oAuthToken xmlns="some URL">
	<grantType>client_credentials</grantType>
	<scope>value</scope>
	<sourceApplication>value</sourceApplication>
</oAuthToken>

SIGNED and ENCRYPTED
<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
	<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
	<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
		<xenc:EncryptedKey>
			<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
			<xenc:CipherData>
				<xenc:CipherValue>SOME VALUE</xenc:CipherValue>
			</xenc:CipherData>
		</xenc:EncryptedKey>
	</ds:KeyInfo>
	<xenc:CipherData>
		<xenc:CipherValue>SOME VALUE</xenc:CipherValue>
	</xenc:CipherData>
</xenc:EncryptedData>

I have referenced the blogs below but am not sure if an encrypted request payload is achievable.

OAuth 2.0 authentication within a UDF mapping to be included in REST receiver channel | SAP Blogs

REST Look Up using UDF in SAP PO | SAP Blogs

SAP PI/PO XML X509 signature by certificate | SAP Blogs - this did not include resulting payload

How to do RSA signature and Base64 by UDF for SAP PO | SAP Blogs

The response later on would have to be decrypted.

If anyone has encountered a similar requirement, please advise. Thank you.
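An added example, not part of the original post and not SAP or partner code: plain-JCA Java that produces the `EncryptedData` layout from the sample above (`tripledes-cbc` payload, `rsa-1_5` wrapped session key) and reverses it for a response. The class and method names are hypothetical, the key pair is generated only for the demo (in practice the public key would come from the partner's certificate and the private key from your own keystore), and signing is left out because the sample does not show where the signature is carried.

```java
import java.io.ByteArrayInputStream;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.NodeList;

public class XmlEncSketch { // hypothetical name
    static final String XENC = "http://www.w3.org/2001/04/xmlenc#";
    static String cipherData(byte[] raw) {
        return "<xenc:CipherData><xenc:CipherValue>" + Base64.getEncoder().encodeToString(raw) + "</xenc:CipherValue></xenc:CipherData>";
    }
    static String encrypt(String element, PublicKey recipient) throws Exception {
        SecretKey session = KeyGenerator.getInstance("DESede").generateKey(); // fresh 3DES key per message
        Cipher des = Cipher.getInstance("DESede/CBC/ISO10126Padding"); // padding scheme of xmlenc block ciphers
        des.init(Cipher.ENCRYPT_MODE, session); // provider generates a random 8-byte IV
        byte[] iv = des.getIV(), ct = des.doFinal(element.getBytes(StandardCharsets.UTF_8));
        byte[] ivAndCt = ByteBuffer.allocate(iv.length + ct.length).put(iv).put(ct).array(); // CipherValue = IV || ciphertext
        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding"); // rsa-1_5 key transport
        rsa.init(Cipher.WRAP_MODE, recipient);
        return "<xenc:EncryptedData xmlns:xenc=\"" + XENC + "\" Type=\"" + XENC + "Element\">"
             + "<xenc:EncryptionMethod Algorithm=\"" + XENC + "tripledes-cbc\"/>"
             + "<ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><xenc:EncryptedKey>"
             + "<xenc:EncryptionMethod Algorithm=\"" + XENC + "rsa-1_5\"/>" + cipherData(rsa.wrap(session))
             + "</xenc:EncryptedKey></ds:KeyInfo>" + cipherData(ivAndCt) + "</xenc:EncryptedData>";
    }
    static String decrypt(String encryptedData, PrivateKey own) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // refuse DTDs (XXE)
        NodeList cv = f.newDocumentBuilder().parse(new ByteArrayInputStream(encryptedData.getBytes(StandardCharsets.UTF_8)))
                       .getElementsByTagNameNS(XENC, "CipherValue"); // sample layout: [0] wrapped key, [1] payload
        Base64.Decoder b64 = Base64.getMimeDecoder(); // tolerates line breaks inside CipherValue
        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        rsa.init(Cipher.UNWRAP_MODE, own);
        Key session = rsa.unwrap(b64.decode(cv.item(0).getTextContent()), "DESede", Cipher.SECRET_KEY);
        byte[] ivAndCt = b64.decode(cv.item(1).getTextContent());
        Cipher des = Cipher.getInstance("DESede/CBC/ISO10126Padding");
        des.init(Cipher.DECRYPT_MODE, session, new IvParameterSpec(ivAndCt, 0, 8)); // first 8 bytes are the IV
        return new String(des.doFinal(ivAndCt, 8, ivAndCt.length - 8), StandardCharsets.UTF_8);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair(); // constructed demo key pair
        String plain = "<oAuthToken xmlns=\"urn:example\"><grantType>client_credentials</grantType></oAuthToken>"; // constructed input
        String enc = encrypt(plain, kp.getPublic());
        System.out.println(enc + "\n" + plain.equals(decrypt(enc, kp.getPrivate())));
    }
}
```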

fprokopiuk
Active Participant
0 Kudos

Hi Joel, just out of curiosity, have you tried the security profile approach I've described in your first post? I wonder if it's useful in such cases.

joel_langoyan
Participant
0 Kudos

Hi Filip,

I have looked into that; it might, but only for sending the actual API request. Right now, the roadblock is getting a properly signed and encrypted payload for the token request, which has to go via a lookup channel as per the references.

fprokopiuk
Active Participant
0 Kudos

OK, I understand. Maybe you can call the API to get the token separately and later just use the token for further calls.
