Cannot lookup destinations created from mapped service bindings with SAP IAS authentication only (no xsuaa).

[ptesny]

Describe the bug

Cannot lookup destinations created from mapped service bindings with SAP IAS authentication only!

To Reproduce
Steps to reproduce the behavior:

• Have only SAP IAS (no xsuaa!) for user authentication with SAP Approuter.
• Have a simple backend service with SAP Cloud SDK acting as a approuter destination
• Have destination, service-manager, etc services instances created with their respective service bindings.
• The service bindings secrets are mounted as volumes into the simple backend service.
• Failed to resolve the destination 'name: faas-dest-x509'.

Expected behavior
A clear and concise description of what you expected to happen.

All these destinations are OAuth2ClientCredentials destinations thus fall into the category of No user JWT required

The SDK should be able to retrieve these destinations via 'xsevv' with SAP IAS only.

Screenshots
If applicable, add screenshots to help explain your problem.

Used Versions:

• node version via node -v20.x
• npm version via npm -v10.x
• SAP Cloud SDK version you used as dependency:

    ,"@sap-cloud-sdk/http-client": "latest"
    ,"@sap-cloud-sdk/connectivity": "latest"
    ,"@sap-cloud-sdk/resilience": "latest"

Code Examples
If applicable, add code snippets as examples to help explain your problem. Please remove sensitive information.

Log file
If applicable, add your log file or related error message. Again, please remove your sensitive information.

params:  { '0': '/srv/instanceDestinations' }
[2024-06-17T05:54:29.797Z] DEBUG    (env-destination-accessor): Attempting to retrieve destination from environment variable.
[2024-06-17T05:54:29.798Z] DEBUG    (env-destination-accessor): No environment variable set.
[2024-06-17T05:54:29.806Z] DEBUG    (environment-accessor): Could not find binding to service 'xsuaa', that includes credentials.
[2024-06-17T05:54:29.806Z] DEBUG    (register-destination): Could not determine tenant from service binding to XSUAA. Destination will be registered without tenant information.
[2024-06-17T05:54:29.807Z] DEBUG    (jwt): JWT zid is: tenant_id.
[2024-06-17T05:54:29.807Z] DEBUG    (register-destination): Could not retrieve 'faas-dest-x509' from registered destinations.
[2024-06-17T05:54:29.807Z] DEBUG    (destination-accessor-vcap): Attempting to retrieve destination from service binding.
[2024-06-17T05:54:29.865Z] DEBUG    (environment-accessor): Could not find binding to service 'xsuaa', that includes credentials.
[2024-06-17T05:54:29.866Z] DEBUG    (destination-accessor-vcap): Could not retrieve destination from service binding. If you are not using SAP Extension Factory, this information probably does not concern you. Cannot destructure property 'zid' of 'undefined' as it is undefined.
[2024-06-17T05:54:29.866Z] DEBUG    (destination-accessor-service): Attempting to retrieve destination from destination service.
[2024-06-17T05:54:29.875Z] DEBUG    (jwt): JWT zid is: e041581c-0342-4f4d-84f6-eaa9e5f75bd7.
[2024-06-17T05:54:29.882Z] DEBUG    (environment-accessor): No JWT given to select binding to service 'destination.
[2024-06-17T05:54:29.883Z] DEBUG    (environment-accessor): Found one service binding for service 'destination'. App name: clone6f5930835db049aa926181ff46b73cfc!b65688|destination-xsappname!b2.
[2024-06-17T05:54:29.963Z] DEBUG    (jwt): JWT zid is: e041581c-0342-4f4d-84f6-eaa9e5f75bd7.
[2024-06-17T05:54:29.963Z] DEBUG    (proxy-util): Tried to read https_proxy or HTTPS_PROXY from the environment variables. Value is undefined.
[2024-06-17T05:54:29.963Z] DEBUG    (proxy-util): Could not find proxy settings for https in the environment variables - no proxy used.
[2024-06-17T05:54:30.034Z] DEBUG    (destination-accessor-service): Could not retrieve destination from destination service.
Error: Failed to resolve the destination 'name: faas-dest-x509'.
    at resolveDestination (/usr/src/app/function/node_modules/@sap-cloud-sdk/connectivity/dist/scp-cf/destination/destination-accessor.js:53:15)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async /usr/src/app/function/node_modules/@sap-cloud-sdk/http-client/dist/http-client.js:69:37
    at async main (/usr/src/app/function/handler.js:727:21)

Impact / Priority

Affected development phase: Release

Impact: Blocked

Timeline: Now

Additional context
Add any other context about the problem here.
@#4731

[marikaner]

Hey @ptesny,

sorry for not responding earlier, I looked into these issues and was working on improving IAS support throughout the SDK in the last days. I only now realize, that you are talking about retrieving destinations from service bindings. I think this might not be related to IAS, but let's see.

The error above indicates, that the service binding was found, but not resolved and that it then goes over the destination service where it doesn't find the destination. If you a different service binding than those that are supported out of the box you need to provide the serviceBindingTransformFn() as indicated in the documentation.
With this you can return a destination that you build based on the credentials of your service binding. If you need to fetch tokens for this, you currently need to do this on your own, no matter if we are looking at XSUAA or IAS.