diff --git a/bookstore/package.json b/bookstore/package.json index 8102ed67..ed127403 100644 --- a/bookstore/package.json +++ b/bookstore/package.json @@ -9,6 +9,7 @@ "@capire/orders": "*", "@capire/reviews": "*", "@sap/cds": ">=5", + "@sap/xssec": "^4.4.0", "express": "^4.17.1" }, "scripts": { diff --git a/orders/package.json b/orders/package.json index 40a57ac5..d2f501c5 100644 --- a/orders/package.json +++ b/orders/package.json @@ -4,7 +4,8 @@ "dependencies": { "@cap-js/hana": "^1.7.0", "@capire/common": "*", - "@sap/cds": ">=5" + "@sap/cds": ">=5", + "@sap/xssec": "^4.4.0" }, "scripts": { "start": "cds-serve" diff --git a/package-lock.json b/package-lock.json index da00bf32..a6fdc826 100644 --- a/package-lock.json +++ b/package-lock.json @@ -20,7 +20,8 @@ ], "dependencies": { "@cap-js/hana": "^1", - "@sap/cds": ">=8" + "@sap/cds": ">=8", + "@sap/xssec": "^4" }, "devDependencies": { "@cap-js/cds-test": "^0", @@ -53,6 +54,7 @@ "@capire/orders": "*", "@capire/reviews": "*", "@sap/cds": ">=5", + "@sap/xssec": "^4.4.0", "express": "^4.17.1" } }, @@ -532,6 +534,19 @@ "node": ">=14" } }, + "node_modules/@sap/xssec": { + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/@sap/xssec/-/xssec-4.4.0.tgz", + "integrity": "sha512-tVPyF6z6lWN2cucT38kkTu6GTmFXhqd/xa0SrExZ+j8K1cNePEIDHvx/zfibubLeb198vyoreW4QOpR9+Vaj4A==", + "license": "SAP DEVELOPER LICENSE AGREEMENT", + "dependencies": { + "debug": "^4.3.4", + "jwt-decode": "^4" + }, + "engines": { + "node": ">=18" + } + }, "node_modules/@types/body-parser": { "version": "1.19.5", "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.5.tgz", @@ -2252,6 +2267,15 @@ "dev": true, "license": "MIT" }, + "node_modules/jwt-decode": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/jwt-decode/-/jwt-decode-4.0.0.tgz", + "integrity": "sha512-+KJGIyHgkGuIq3IEBNftfhW/LfWhXUIY6OmyVWjliu5KH1y0fw7VQ8YndE2O4qZdMSd9SqbnC8GOcZEy0Om7sA==", + "license": "MIT", + "engines": { + "node": ">=18" + } + }, "node_modules/keyv": { "version": "4.5.4", "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz", @@ -3358,7 +3382,8 @@ "dependencies": { "@cap-js/hana": "^1.7.0", "@capire/common": "*", - "@sap/cds": ">=5" + "@sap/cds": ">=5", + "@sap/xssec": "^4.4.0" } }, "reviews": { @@ -3367,6 +3392,7 @@ "dependencies": { "@cap-js/hana": "^1.7.0", "@sap/cds": ">=5", + "@sap/xssec": "^4.4.0", "express": "^4.17.1" } } diff --git a/reviews/package.json b/reviews/package.json index 4ae33c8c..0222ce63 100644 --- a/reviews/package.json +++ b/reviews/package.json @@ -9,6 +9,7 @@ "dependencies": { "@cap-js/hana": "^1.7.0", "@sap/cds": ">=5", + "@sap/xssec": "^4.4.0", "express": "^4.17.1" }, "scripts": { diff --git a/xs-security.json b/xs-security.json index e1d39923..ca8b592a 100644 --- a/xs-security.json +++ b/xs-security.json @@ -1,6 +1,19 @@ { - "scopes": [], + "scopes": [ + { + "name": "$XSAPPNAME.admin", + "description": "admin" + } + ], "attributes": [], - "role-templates": [], + "role-templates": [ + { + "name": "admin", + "scope-references": [ + "$XSAPPNAME.admin" + ], + "description": "cap samples multi-service shared-db" + } + ], "authorities-inheritance": false }