/byd-event-bridge

A prototype built with SAP Cloud Application Studio enables an event pub/sub mechanism for SAP Business ByDesign by plugging into modern cloud messaging services for side-by-side solution/extension development via an event-driven and loosely-coupled approach.

Primary LanguageCsound DocumentApache License 2.0Apache-2.0

REUSE status License: Apache2 Not Maintained

Description

A prototype built with SAP Cloud App Studio enables an event pub/sub mechanism for SAP Business ByDesign by plugging into modern cloud messaging services for side-by-side solution/extension development via an event-driven and loosely-coupled approach.

Please refer to this blog post about an overview introduction to the ByDEventBridge prototype.

Architecure and Design

High level architecture

Architecture: Architecture Logical Components: Components

Detail Design

Architecture

How-to guide

Requirements

  • SAP Business ByDesign tenant
  • SAP Cloud Application Studio
  • An instance of Cloud Messaging Service, such as
    • SAP Cloud Platform Enterprise Messaging
    • SAP Cloud Platform Integration
    • Azure Service Bus
    • AWS SQS

Step 1: Create your own ByDEventBridge with Cloud Application Studio

The prototype ByDEventBridge is a customer-specific solution built with SAP Cloud Application on our internal tenant, therefore it is not possible to download the package, then directly import and deploy to another tenant. And the published source code only includes BODL and ABSL files, the wizard-based artifacts are exclusive due to the fact of their strict dependence with tooling and tenant, such as UI Screen, Query, Mass Data Run, External Service Integration, Communication Scenario and Communication Arrangement etc... which require to be created or configured with your own SAP Cloud Application on your own target ByD tenant.

It is recommended to create a solution template including all reusable artifacts, such as BODL file, ABSL file and Reuse Library etc which are shared in this github, then you create customer specific solution by importing the solution template.

Please create the CodeList below per screenshots.

  • AuthenticationMode
  • ChannelStatus
  • EventPublicationChannelType
  • EventPublicationStatus
  • EventPublisher
  • EventType

BusinessObjectEvent

BusinessObjectEvent

EventPublicationChannel

ObjectEventConfig

In this sample, CustomerInvoice and Account are included as event sources through Event-BeforeSafe() of Business Object Extension.

You can generate the business object event to a standard business object or custom business object by adding the following code in the Event-BeforeSafe on the targe node of the source business object.

Step 2: Setup your own Cloud Messaging Service

The cloud messaging service here refers to as an extenral cloud-based messaging broker. The following are supported in the prototype ByDEventBridge. You may choose one above as the messaging broker for publication of ByD events.

  • SAP Cloud Platform Enterprise Messaging
  • SAP Cloud Platform Integration
  • Azure Service Bus
  • AWS SQS

SAP Cloud Platform Enterprise Messaging

Please refer to this blog post about how to setup an instance SAP Cloud Platform Enterprise Messaging, and create a message queue for receiving ByD events.
As a result, you should have obtained the secret key of the instance, which includes the tokenendpoint, clientid, and clientsecret, and uri for the httprest protocol used for setting up EventPublicationChannel in step 3.

A sample snippet json of oa2(Oauth 2.0) for httprest protocol

"oa2": {
        "clientid": "sb-default-abcdefghijkl....",
        "clientsecret": "abcdefg...",
        "tokenendpoint": "https://<your_instance>.authentication.eu10.hana.ondemand.com/oauth/token",
        "granttype": "client_credentials"
      },
"protocol": [
        "httprest"
      ],
"broker": {
        "type": "saprestmgw"
      },
"uri": "https://enterprise-messaging-pubsub.cfapps.eu10.hana.ondemand.com"

SAP Cloud Platform Integration

Please refer to this blog post about how to setup an instance and create an integration flow with https adapter.

Here you a sample for ByD Event

Azure Service Bus

Please refer to Azure Service Bus document about how to create and setup an Azure Service Bus namespace and a queue.

The following authentication methods of Azure Service Bus are supported in the prototype ByDEventBridge

  • OAuth 2.0:
    Not tested against Azure Service Bus due to internal Azure AD permission. However, OAuth 2.0 is implemented in source code and tested against SAP Cloud Platform Enterprise Messaging.
  • Shared Access Signature:
    Implemented in source code, and tested against Azure Service Bus.
    It is recommended to create a policy including the Send claim for the prototype ByDEventBridge, which only allows to send the message to the queue of Azure Service Bus. As a result, you have a custom send-only policy and its primary key, which will bed used in step 3 for EventPublication setup if you are using Azure Service Bus.
    Azure_SAS_SendOnlyPolicy

AWS SQS

Please refer to AWS SQS document about how to create and setup a SQS service and a SQS queue.

Due to some technical limitations about Hash function and HMAC function in ABSL, AWS Signature V4 authentication for SQS is too complicated to implement with ABSL. Therefore, a custom REST API(namely ByDEventProxy-API) to send message to SQS with authentication as API Key through AWS API Gateway, which triggers a AWS Lambda function(namely ByDEventProxy) based on AWS SDK to send messages to SQS queue. Please refer to this AWS document about Creating a REST API with Lambda integrations in Amazon API Gateway. And an API Key should be required to access the REST API, and authorisation as none. Therefore, please create a API Key for the REST API(ByDEventProxy-API) in API Gateway.

  • Configuration of the REST API(ByDEventProxy-API) in API Gateway AWS_API_Gateway_Config
  • ByDEventProxy Lambda Function Source Code(NodeJS)
    AWS_ByDEventProxy_LambdaFunction_Code
  • Configuration of ByDEventProxy Lambda Function Trigger by API Gatway
    AWS_ByDEventProxy_LambdaFunction_Trigger

    As a result, you now should obtain the endpoint and API Key of the REST API(ByDEventProxy-API) in API GateWay to send messages to your AWS SQS queue, which will be used in Step 3 about EventPublicationChannel setup for AWS SQS.

Step 3: Configure an EventPublicationChannel representing your Cloud Messaging Service

In this section, you will need to create External REST Service Integration(through CAS), Communication Scenario(through CAS), and Communication Arrangement(through CAS by Manage Communication Arrangemnt) for

  • Channel Authentication (How to Authenticate the access of the Channel. Only required by Channel Authentication Method as OAuth 2.0) via outbound REST HTTP call
  • Channel Access (How to Publish the event message from ByD to the channel via outbound REST HTTP call).

    It is recommended to structure the artifacts of Channel Communication as the sample here.

    The service name and communication scenario of external REST service integration about Channel Authenticaiton and Channel Access will be used in the configuration of EventPublicationChannel. If you are new to Integrate an External Web Service Using REST with SAP Cloud Application Studio, please refer to this online document for details.

    Some general tips about external REST service integration for EventPublicationChannel
  • A communication system will be created automatically on the creation of the communication scenario, therefore, it is unnecessary to create a communication system for the service by manual. For example, a communication system named SAPENTMSGAUTHCS-YCNOWIADY for communication scenario SAPEntMsgAuth_CS, YCNOWIADY as the prefix of my ByDEventBridge solution in Cloud Application Studio.
  • Please use Advanced setting for the technical configuration of Communication Arrangement, and select None Authentication. The actual authenticaitons are implemented in the source code via http headers.

SAP Cloud Platform Enterprise Messaging

Channel Authentication Configuraiton

  • Create an External Service Integration(REST) and a Communication Scenario for then chanel authentication with SAP Cloud Application Studio, for example the service name as SAPEntMsgAuth and the communication scenario as SAPEntMsgAuth_CS.

    The url of channel authentication is the tokenendpoint obtained in step 2 for SAP Cloud Platform Enterprise Messaging.

  • Create a Communication Arrangement for the Communication Scenaion(SAPEntMsgAuthCS) by right clicking the communicaiton scenrio, and select "Manage Communication Arrangement".

    A communication system is automatically created on the creation of the communication scenario, therefore, it is unnecessary to create a communication system for the service by manual. For example, a communication system named SAPENTMSGAUTHCS-YCNOWIADY for communication scenario SAPEntMsgAuth_CS, YCNOWIADY as the prefix of my ByDEventBridge solution in Cloud Application Studio.

    Please use None Authentication for the Communication Arrangement.

Channel Access Configuraiton

  • Create an External Service Integration using REST and a Communication Scenario for then channel access with SAP Cloud Application Studio, for example the service name as SAPEntMsgAccess and the communication scenario as SAPEntMsgAccess_CS

    The url of channel access is the uri obtained in step 2 for SAP Cloud Platform Enterprise Messaging.

  • Create a Communication Arrangement for the Communication Scenaion(SAPEntMsgAuthCS) by right clicking the communicaiton scenrio, and select "Manage Communication Arrangement".

    A communication system is automatically created on the creation of the communication scenario, therefore, it is unnecessary to create a communication system for the service by manual. For example, a communication system named SAPENTMSGAUTHCS-YCNOWIADY is created for communication scenario SAPEntMsgAuth_CS, YCNOWIADY as the prefix of my ByDEventBridge solution in Cloud Application Studio.

    Please use None Authentication for the Communication Arrangement.

Configuration of EventPublicationChannel for SAP Cloud Platform Enterprise Messaging

EventPublicationChannel_SAP_Ent_Msg

SAP Cloud Platform Integration

Integration Flow Configuraiton in SAP Cloud Platform Integration

The target integration flow should be triggered by https, therefore the ByDEventBridge can send the event message to CPI by invoking an outbound https call .
For example. SAPCPI_FlowSenderConfig In the connection of the integration flow, you can setup the authentication as User Role, which requires a user and password(Basic Authentication) to invoke the flow via https. And the address is used as part of the endpoint to invoke the flow via https. SAPCPI_FlowAuthConfig

Channel Authentication Configuraiton in EventPublicationChannel

No separated authentication required.

Channel Access Configuraiton in EventPublicationChannel

  • Create an External Service Integration using REST and a Communication Scenario for then channel access with SAP Cloud Application Studio, for example the service name as SAPCPI_ByDEvents and the communication scenario as SAPCPI_ByDEvents_CS

    The url of channel access is the url enpoint configured in the integration flow of SAP Cloud Platform Integration.

  • Create a Communication Arrangement for the Communication Scenaion(SAPCPI_ByDEvents_CS) by right clicking the communicaiton scenrio, and select "Manage Communication Arrangement".

    A communication system is automatically created on the creation of the communication scenario, therefore, it is unnecessary to create a communication system for the service by manual. For example, a communication system named SAPCPI_ByDEvents_CS-YCNOWIADY is created for communication scenario SAPCPI_ByDEvents_CS, YCNOWIADY as the prefix of my ByDEventBridge solution in Cloud Application Studio.

    Please use None Authentication for the Communication Arrangement.

Configuration of EventPublicationChannel for SAP Cloud Platform

EventPublicationChannel_SCP_CPI

Azure Service Bus

Channel Authentication Configuraiton

For OAuth 2.0
  • Create an External Service Integration using REST and comminucation scenario with SAP Cloud Application Studio. The url of channel authentication is the OAuth url for the queue within Azure Service Bus.
  • Create a Communication Arrangement for the Communication Scenaion. Please use None Authentication for the Communication Arrangement.
For Shared Access Signature

No channel authenticaion configuration required.

Channel Access Configuraiton

  • Create an External Service Integration using REST and a Communication Scenario for then channel access with SAP Cloud Application Studio, for example the service name as AzureServiceBus and the communication scenario as AzureServiceBus_CS

    The url of channel access is the uri obtained in step 2 for Azure Service Bus.

  • Create a Communication Arrangement for the Communication Scenaion(AzuerServiceBus_CS) by right clicking the communicaiton scenrio, and select "Manage Communication Arrangement".

    A communication system is automatically created on the creation of the communication scenario, therefore, it is unnecessary to create a communication system for the service by manual. For example, a communication system named AZURESERVICEBUS-YCNOWIADY is created for communication scenario AzuerServiceBus_CS, YCNOWIADY as the prefix of my ByDEventBridge solution in Cloud Application Studio.

    Please use None Authentication for the Communication Arrangement.

Configuration of EventPublicationChannel for Azure Service Bus

EventPublicationChannel_AzureServiceBus

AWS SQS

Frequently Asked Questions:

What solution type should I adopt ByDEventBridge? A Customer-Specific Solution or Solution Template or Multiple-Customer Solution?

Answer: It is recommended to create a solution template including all reusable artifacts, such as BODL file, ABSL file and Reuse Library etc which are shared in this github, then you create customer specific solution by importing the solution template. In the long run, if you think it as a good solution which you would like to resell to multiple customers, then you can request approval to create a multi customer solution, and importing the solution template.

What are the best practice for event operation?

Answer: As rules of thumb

  • Only generate the event on the target node of the desired object. Filter the undesired event message as early as possible.
  • Be very careful to generate the event for the very low-level foundation object such as BusinessPartner and Material etc. As BusinessPartner object is depended by Employee, Account, Supplier etc.
  • If it doesn't require real-time, periodical Mass Event Publication is recommended to minimize the impact on your ByD tenant.
  • To reduce the size of events, the completed or obsolete events should be periodically deleted by Mass Event Deletion(Mass Data Run Object).

What cloud-based messaging service to use?

Answer: Although, the sample prototype is cloud-messaging-service-agnostic, supporting SAP Enterprise Messaging, SAP Cloud Platform Integration, Azure Service Bus and AWS SQS. In reality, most likely one type of cloud message service is enough.It is up to your company's strategy and client's preference to pick. If the client opt-in one vendor strategy, then SAP Enterprise Messaging or SAP Cloud Platform Integration is the right choice since they have already been a SAP customer for SAP Business ByDesign. for details, you may refer to the blog posts SCP Enterprise Messaging for the SMBs by my colleague Thiago Mendes, and SAP Cloud Platform Integration for SAP Business ByDesign webinar  by Maria Trinidad MARTINEZ GEA .

Can I send the event directly to my external app without a cloud-based message service?

Answer: Yes. The ByDEventBridge itself implements the event pub/sub mechanism. The event message can be published to ANY http service with the following authentication by defining a publication channel with the target http access endpoint.

  • No Authentication
  • Basic Authentication
  • OAuth 2.0 Therefore, you can have the event message published to an external partner app directly for processing, which can handle an http request without a cloud-based message service.

When do you need event? What granularity of messaging queue or topic and partner solution as event subscriber?

Answer: The granularity of messaging queue or topic could be per partner solution/object type/source tenant or any combination, giving the flexibility of partner solution development and operation for addressing the variety of business and security etc requirements. For instance:

  • Case#1: Your company(SAP Partner) would like to develop and operate an eInvoicing solution as SaaS for multiple ByD customers, it is recommended to have one queue per client for the invoice object for the separation, and also due to the fact most cloud messaging service are charged by the number of messages, not by the number of queue.  For the eInvoicing app(event subscriber) which could be multi-tenant sharing among tenant, and you may need to design a mechanism when and how-to scale. If the eInvoicing app is implemented with serverless function, then it could be dynamically scaled up or down to accommodate the client requests with ease of mind. The pricing of your SaaS now could be easily calculated by the number of messages, and the process time of messages.

  • Case#2: Your ByD client A requests an integration of warehouse activities in ByD with their in-house Warehouse Management System. Of course, the requirement could be implemented with Cloud Application Studio, OData/Web Service of SAP ByD or SAP Cloud Platform Integration etc, which it doesn't need event and additional messaging service. However, with increase of the complexity of integration and the number of systems to be integrated, an event-driven architecture becomes approperiate. In this case, you may request the client to purchase an appropriate cloud messaging service, and you will help to bridge the event in SAP ByD and integration scenario development.

Support and Contributions

This repository is provided "as-is". No support is available. Feel free to open issues or provide pull requests.

License

Copyright (c) 2020 SAP SE or an SAP affiliate company. All rights reserved. This project is licensed under the Apache Software License, version 2.0 except as noted otherwise in the LICENSE file.