如何更改node-soap时间戳持续时间和前缀?

问题描述 投票:0回答:1

我正在尝试使用 node-soap 使用

WSSecurityCert
来使用 SOAP 服务。该服务要求我设置时间戳,使 SOAP 请求的有效期为 5 分钟并带有
wsu
前缀。
node-soap
库的“硬编码”有效期为 10 分钟,没有明显的方法可以覆盖它。我不知道如何或是否可以在发送之前修改时间戳,因为
WSSecurityCert
签名可能会失效。

我的代码:

const client = await soap.createClientAsync(url);

const securityOptions = {
  hasTimeStamp: true,
}

const wsSecurity = new soap.WSSecurityCert(PRIVATE_KEY, PUBLIC_CERT, '', securityOptions);

client.setSecurity(wsSecurity);

const result = await client.method(args);

生成的时间戳如下所示:

<Timestamp
  xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
  Id="_1">
  <Created>2024-05-08T13:20:09Z</Created>
  <Expires>2024-05-08T13:30:09Z</Expires>
</Timestamp>

我需要使时间戳看起来像这样:

<wsu:Timestamp wsu:Id="TS-7C14BF4AA3E26845E015637928928701">
  <wsu:Created>2024-05-08T13:20:09Z</wsu:Created>
  <wsu:Expires>2024-05-08T13:25:09Z</wsu:Expires>
</wsu:Timestamp>

我尝试将

created
expires
添加到
securityOptions
,但无济于事。

是否可以使用node-soap库来实现这一点而不需要分叉它?

node.js soap ws-security node-soap
1个回答
0
投票

我仍在评估这一点,如果我得出更确定的结论,我会稍后更新答案。

soap
不提供任何自定义时间戳标头的方法,请参阅硬编码行:https://github.com/vpulim/node-soap/blob/master/src/security/WSSecurityCert.ts#L124 .

但是您可以做的一件事是将

hasTimestamp
设置为 false,并使用您自己对
wsu:Timestamp
的签名引用:

const options: IWSSecurityCertOptions = {
  hasTimeStamp: false,
  additionalReferences: [
    'wsu:Timestamp',
    'wsa:To',
  ],
  signerOptions: {
    prefix: 'ds',
    attrs: { Id: 'Signature' },
    existingPrefixes: {
      wsse11: 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd',
    },
  },
};
const wsSecurity = new WSSecurityCert(privateKey, publicKey, password, options);
soapClient.setSecurity(wsSecurity);

然后,添加您自己的时间戳:

const expiry = '2100-05-08T00:00:00Z'; // TODO: compute this
soapClient.addSoapHeader((methodName, location, soapAction, args) => {
  return `<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
    <wsu:Timestamp>
      <wsu:Created>${new Date().toISOString()}</wsu:Created>
      <wsu:Expires>${expiry}</wsu:Expires>
    </wsu:Timestamp>
  </wsse:Security>
  `;
});

请注意,此处包含安全标头。这是有效的,因为

soap
中有逻辑可以进行相应调整,请参阅 https://github.com/vpulim/node-soap/blob/master/src/security/WSSecurityCert.ts#L141

旁注:我必须为安全类编写如下所示的导入语句,不确定是否有更好的方法:

import { IWSSecurityCertOptions, WSSecurityCert } from 'soap/lib/security/WSSecurityCert';
© www.soinside.com 2019 - 2024. All rights reserved.