dougang5993 2017-07-20 22:35
浏览 78

使用PHP和SOAP生成Web服务标记头

I'm trying to consume a service from a webservice that asks for authentication, but I can not generate the Timestamp and UsernameToken. 

<wsu:Timestamp wsu:Id="TS-1C1ABE5282FC96252314981531909334">
<wsse:UsernameToken wsu:Id="UsernameToken-1C1ABE5282FC96252314981531792593">

Send Corret:

<soapenv:Header>
  <wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"

xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
     <wsu:Timestamp wsu:Id="TS-1C1ABE5282FC96252314981531909334">
        <wsu:Created>2017-07-20T22:07:01.999Z</wsu:Created>
        <wsu:Expires>2017-07-20T22:10:01.999Z</wsu:Expires>
     </wsu:Timestamp>
     <wsse:UsernameToken wsu:Id="UsernameToken-1C1ABE5282FC96252314981531792593">
        <wsse:Username>xxxxxxxxxxxxx</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">nrg2241zhN8HMAn1bg7OLCL/6eM=</wsse:Password>
        <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">ODgwODIzNDMz</wsse:Nonce>
        <wsu:Created>2017-07-20T22:07:01.999Z</wsu:Created>
     </wsse:UsernameToken>
  </wsse:Security>
  </soapenv:Header>

I'm using the function below:

/**
 * This function implements a WS-Security authentication for PHP.
 *
 * @access private
 * @param string $user
 * @param string $password
 * @return SoapHeader
 */
function soapClientWSSecurityHeader($user, $password)
{
// Creating date using yyyy-mm-ddThh:mm:ssZ format
$tm_created = gmdate('Y-m-d\TH:i:s\Z');
$tm_expires = gmdate('Y-m-d\TH:i:s\Z', gmdate('U') + 180); //only necessary if using the timestamp element

// Generating and encoding a random number
$simple_nonce = mt_rand();
$encoded_nonce = base64_encode($simple_nonce);

// Compiling WSS string
$passdigest = base64_encode(sha1($simple_nonce . $tm_created . $password, true));

// Initializing namespaces
$ns_wsse = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
$ns_wsu = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
$password_type = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText';
$encoding_type = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary';

// Creating WSS identification header using SimpleXML
$root = new SimpleXMLElement('<root/>');

$security = $root->addChild('wsse:Security', null, $ns_wsse);

//the timestamp element is not required by all servers
$timestamp = $security->addChild('wsu:Timestamp', null, $ns_wsu);
$timestamp->addAttribute('wsu:Id', 'Timestamp-28');
$timestamp->addChild('wsu:Created', $tm_created, $ns_wsu);
$timestamp->addChild('wsu:Expires', $tm_expires, $ns_wsu);

$usernameToken = $security->addChild('wsse:UsernameToken', null, $ns_wsse);
$usernameToken->addChild('wsse:Username', $user, $ns_wsse);
$usernameToken->addChild('wsse:Password', $password, $ns_wsse)->addAttribute('Type', $password_type);
$usernameToken->addChild('wsse:Nonce', $encoded_nonce, $ns_wsse)->addAttribute('EncodingType', $encoding_type);
$usernameToken->addChild('wsu:Created', $tm_created, $ns_wsu);

// Recovering XML value from that object
$root->registerXPathNamespace('wsse', $ns_wsse);
$full = $root->xpath('/root/wsse:Security');
$auth = $full[0]->asXML();

return new SoapHeader($ns_wsse, 'Security', new SoapVar($auth, XSD_ANYXML), true);
}

My return using the above function:

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
               Id="Timestamp-28">
    <wsu:Created>2017-07-20T22:18:53Z</wsu:Created>
    <wsu:Expires>2017-07-20T22:21:53Z</wsu:Expires>
</wsu:Timestamp>
 <wsse:UsernameToken>
    <wsse:Username>XXXXXXXXXXXXXXXXXXX</wsse:Username>
    <wsse:Password
            Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
        XXXXXXXXXXXXXXXXXX
    </wsse:Password>
    <wsse:Nonce
            EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">
        OTUxOTA4NDYz
    </wsse:Nonce>
    <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        2017-07-20T22:18:53Z
    </wsu:Created>
</wsse:UsernameToken>
</wsse:Security>

These two tokens need to be generated, but with this function they are not.

  • 写回答

1条回答 默认 最新

  • dougao7801 2017-07-22 12:20
    关注

    You should try usine the WsSecurity project from Github that handles this sort of thing by facilitating the soap header construction and its inclusion on your soap request

    评论

报告相同问题?

悬赏问题

  • ¥15 高价求中通快递查询接口
  • ¥15 解决一个加好友限制问题 或者有好的方案
  • ¥15 关于#java#的问题,请各位专家解答!
  • ¥15 急matlab编程仿真二阶震荡系统
  • ¥20 TEC-9的数据通路实验
  • ¥15 ue5 .3之前好好的现在只要是激活关卡就会崩溃
  • ¥50 MATLAB实现圆柱体容器内球形颗粒堆积
  • ¥15 python如何将动态的多个子列表,拼接后进行集合的交集
  • ¥20 vitis-ai量化基于pytorch框架下的yolov5模型
  • ¥15 如何实现H5在QQ平台上的二次分享卡片效果?