我正在尝试使用 node-soap 使用
WSSecurityCertwsunode-soapWSSecurityCert我的代码:
const client = await soap.createClientAsync(url);
const securityOptions = {
hasTimeStamp: true,
}
const wsSecurity = new soap.WSSecurityCert(PRIVATE_KEY, PUBLIC_CERT, '', securityOptions);
client.setSecurity(wsSecurity);
const result = await client.method(args);
生成的时间戳如下所示:
<Timestamp
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
Id="_1">
<Created>2024-05-08T13:20:09Z</Created>
<Expires>2024-05-08T13:30:09Z</Expires>
</Timestamp>
我需要使时间戳看起来像这样:
<wsu:Timestamp wsu:Id="TS-7C14BF4AA3E26845E015637928928701">
<wsu:Created>2024-05-08T13:20:09Z</wsu:Created>
<wsu:Expires>2024-05-08T13:25:09Z</wsu:Expires>
</wsu:Timestamp>
我尝试将
createdexpiressecurityOptions是否可以使用node-soap库来实现这一点而不需要分叉它?
我仍在评估这一点,如果我得出更确定的结论,我会稍后更新答案。
soap但是您可以做的一件事是将
hasTimestampwsu:Timestampconst options: IWSSecurityCertOptions = {
hasTimeStamp: false,
additionalReferences: [
'wsu:Timestamp',
'wsa:To',
],
signerOptions: {
prefix: 'ds',
attrs: { Id: 'Signature' },
existingPrefixes: {
wsse11: 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd',
},
},
};
const wsSecurity = new WSSecurityCert(privateKey, publicKey, password, options);
soapClient.setSecurity(wsSecurity);
然后,添加您自己的时间戳:
const expiry = '2100-05-08T00:00:00Z'; // TODO: compute this
soapClient.addSoapHeader((methodName, location, soapAction, args) => {
return `<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
<wsu:Timestamp>
<wsu:Created>${new Date().toISOString()}</wsu:Created>
<wsu:Expires>${expiry}</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
`;
});
请注意,此处包含安全标头。这是有效的,因为
soap旁注:我必须为安全类编写如下所示的导入语句,不确定是否有更好的方法:
import { IWSSecurityCertOptions, WSSecurityCert } from 'soap/lib/security/WSSecurityCert';