使用Strongloop Loopback SOAP连接器配置SOAP标头

Question

我正在尝试使用Loopback SOAP连接器通过SOAP头元素连接到实现其WS安全性的SOAP Web服务。

不幸的是，有关如何配置连接器的soap标头选项的文档很少。

如果您可以通过指示如何构建soap标头以便Web服务成功进行身份验证，那将非常感激。

var loopback = require('loopback');
var path = require('path');

var app = module.exports = loopback();

app.set('restApiRoot', '/api');

var myHeader =  {
      Security:
      {      
        UsernameToken:{      
          Username: "Staging Integration Store 3",
          Password: "WSAUFbw6"
        } 
      }
    };

var ds = loopback.createDataSource('soap',
  {
    connector: require('../index'),
/*    security: {
    scheme: 'wsse',
    created: null,
    username: "Staging Integration Store 3",
    password: "WSAUFbw6",
    passwordType: 'PasswordText'
    
    }, */
    soapHeaders: [{
    element: myHeader, // The XML element in JSON object format
    prefix: 'wsse', // The XML namespace prefix for the header
    namespace: 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' // The XML namespace URI for the header
    }],
    remotingEnabled: true,
    // wsdl: 'https://staging.payu.co.za/service/PayUAPI?wsdl' // The url to WSDL
    wsdl: path.join(__dirname, './PayUAPI.wsdl')
  });

// Unfortunately, the methods from the connector are mixed in asynchronously
// This is a hack to wait for the methods to be injected
ds.once('connected', function () {

  // Create the model
  // var WeatherService = ds.createModel('WeatherService', {});
  var RedirectPaymentService = ds.createModel('RedirectPaymentService', {});

  // Refine the methods
  RedirectPaymentService.payments = function (api,safekey,transactiontype,additionalInfo,customer,basket,cb) {

    RedirectPaymentService.setTransaction({Api: api,Safekey: safekey,TransactionType: transactiontype,AdditionalInformation: additionalInfo,Customer: customer,Basket: basket}, function (err, response) {
      console.log('SetTransaction: %j', response);
      var result = (!err && response.return.successful.localCompare("true") == 0) ?        
        response.return.payuReference : response.return.resultMessage;
      cb(err, result);
    });
  };

响应：

SetTransaction: {"statusCode":500,"body":"<soap:Envelope xmlns:soap=\"http://sch
emas.xmlsoap.org/soap/envelope/\"><soap:Body><soap:Fault><faultcode xmlns:ns1=\"
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xs
d\">ns1:InvalidSecurityToken</faultcode><faultstring>An invalid security token w
as provided (An error happened processing a Username Token)</faultstring></soap:
Fault></soap:Body></soap:Envelope>","headers":{"date":"Tue, 17 Nov 2015 12:15:17
 GMT","server":"Apache/2.4.12 (Win64) OpenSSL/1.0.2a mod_jk/1.2.40","x-distribut
ed-by":"AHC","content-length":"388","connection":"close","content-type":"text/xm
l;charset=UTF-8"},"request":{"uri":{"protocol":"https:","slashes":true,"auth":nu
ll,"host":"staging.payu.co.za","port":443,"hostname":"staging.payu.co.za","hash"
:null,"search":null,"query":null,"pathname":"/service/PayUAPI","path":"/service/
PayUAPI","href":"https://staging.payu.co.za/service/PayUAPI"},"method":"POST","h
eaders":{"User-Agent":"loopback-connector-soap/2.3.0","Accept":"text/html,applic
ation/xhtml+xml,application/xml,text/xml;q=0.9,*/*;q=0.8","Accept-Encoding":"non
e","Accept-Charset":"utf-8","Connection":"close","Host":"staging.payu.co.za","Co
ntent-Length":1128,"Content-Type":"text/xml; charset=utf-8","SOAPAction":"\"\""}
}}
events.js:141

由于

Answer 1

在datasources.json中设置安全性有效，但您可能不想在那里保存用户名和密码。 有几种选择： 1）你可以使用add a vairable，它可以从config.json中提取并嵌入到datasources.json中  像这样：＆＃34;安全＆＃34;：$ {security}。 变量安全性在config.env.json中定义。

2）在模型中，例如，如果您有产品型号，那么您可以使用以下内容： Product.datasources.settings.security = {＆＃39; scheme＆＃39;：＆＃39; WS＆＃39;，＆＃39;用户名＆＃39;：＆＃39; abc＆＃39; ....} < / p>

Answer 2

我设法通过使用连接器的安全选项解决了这个问题，该选项创建了相关的SOAP Security标头，前提是提供了相关数据。

＆＃13;

＆＃13;

    security: {
    scheme: 'WS',
    username: "Staging Integration Store 3",
    password: "WSAUFbw6",
    passwordType: 'PasswordText'
    
    },

＆＃13;

＆＃13;

＆＃13;

XML转换

<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsu:Timestamp wsu:Id="Timestamp-2015-11-20T08:00:46Z">
        <wsu:Created>2015-11-20T08:00:46Z</wsu:Created>
        <wsu:Expires>2015-11-20T08:10:46Z</wsu:Expires>
    </wsu:Timestamp>
    <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-2015-11-20T08:00:46Z">
        <wsse:Username>Staging Integration Store 3</wsse:Username>
        <wsse:Password>WSAUFbw6</wsse:Password>
        <wsu:Created>2015-11-20T08:00:46Z</wsu:Created>
    </wsse:UsernameToken>
</wsse:Security>