Contents/Agenda:

1. Converters in SAP CI
2. JAR Files
3. Steps to establish/create IFlow in SAP CI
4. Security Material
5. Groovy Script
6. Testing
7. Conclusion

1. Converters in SAP CI: There are standard in-built converters in SAP CI (CSV to XML, EDI to XML, JSON to XML and vice-versa).

2. JAR Files: 

• There are no in-built libraries available for the PDF files; hence we need to add the JAR files.
• Here is the link to download the JAR Files: 
  https://jar-download.com/artifacts/com.itextpdf/itextpdf/5.5.13/source-code
• We need to add these JAR files in the ‘Reference’ tab under ‘Archives’ folder.

   

  

3. Steps to establish/create IFlow in SAP CI: 

• In this scenario we are going to change normal pdf file into password protected file using SAP CI.
• Steps: 
  1. Create the IFlow with the desired name. 

  2. Connect the sender and integration process with the HTTP Sender Adapter and specify the preferred HTTP address.

   

  

  3. Add the Groovy script (Please see the Groovy Script code below).

   

  

4. Security Material:

It is not a good idea to pass credentials within a Groovy script or store them in a content modifier due to security reasons. Instead, securely save the username and password using security material.

In this example, I have used the username "PDFUser" and password "FileFile". Please modify these as needed; I have used simple one for testing purpose.

5. Groovy Script: Create a Groovy script and write the following script.

//Import necessary classes for SAP gateway and custom development
import com.sap.gateway.ip.core.customdev.util.Message;
import java.util.HashMap;
//Import iTextPDF classes for PDF manipulation
import com.itextpdf.text.Document;
import com.itextpdf.text.Paragraph;
import com.itextpdf.text.pdf.PdfWriter;
import com.itextpdf.text.pdf.PdfReader;
import com.itextpdf.text.pdf.PdfStamper;
//Import SAP IT API classes for secure store access
import com.sap.it.api.ITApi;
import com.sap.it.api.ITApiFactory;
import com.sap.it.api.securestore.*;

def Message processData(Message message) {
def inputPayload = message.getBody();

//Obtain an instance of the SecureStoreService using ITApiFactory
def service = ITApiFactory.getService(SecureStoreService.class, null);
//Retrieve SAP secure store credentials using the alias "PDF Cred"
def credential = service.getUserCredential("PDF Cred");
def unm = new String(credential.getUsername());
def pwd = new String(credential.getPassword());
//Extract substrings from username and password
def pass1 = unm.substring(0,3);
def pass2 = pwd.substring(0,4);
def userPassword = pass1+pass2; //Concatenate substrings to form the userPassword

def reader = new PdfReader(inputPayload.getBytes()); //Create a PdfReader object from the input payload
def outputStreamProtected = new ByteArrayOutputStream(); //Initialize an output stream for the protected PDF
def stamper = new PdfStamper(reader, outputStreamProtected); //Create a PdfStamper to apply encryption to the PDF
stamper.setEncryption(userPassword.getBytes(), null, PdfWriter.ALLOW_PRINTING, PdfWriter.ENCRYPTION_AES_128); //Set encryption parameteres using userPassword
stamper.close(); //Close the PdfStamper to finalize the encrypted PDF
message.setBody(outputStreamProtected.toByteArray()); //Set the modified PDF as the new payload in the message
return message; //Return the modified message
}

After writing the groovy script, deploy the IFlow and copy the endpoint URL from the SAP CI Message Monitoring Section.

6. Testing: To test, we can use the Postman Tool. 

In the Postman tool create a new request with the Endpoint URL and in the Authorization section, use Basic Auth with username and password as Client ID and Client Secret from the BTP Cockpit.

Then in the body, change the type to binary and upload your pdf, after that Click on the send button.

After the completion of this request, we get the below screen, now click on the right-side arrow, and save response to a file.

7. Conclusion: Here, we go!! 😊

Now you can open the downloaded PDF file and check whether the password is set for the given PDF. As per our logic in the Groovy Script, the password to open the PDF file is: PDFFile.

Utilizing SAP CI to convert normal PDFs to password-protected ones ensures enhanced security, especially when securely storing credentials under security material.