我需要签署外发肥皂请求

时间:2016-07-12 15:37:40

标签: php soap ws-security wsse

我正在尝试发送签名的肥皂请求,但似乎遗漏了一些东西。

我尝试了wso2库,但是在使用php7.0的ubuntu 14.04上无法工作

然后我尝试了这个:https://github.com/LinioIT/wse-php但是一直在努力 ERR_025: Verification failure: No signature in the WS-Security message for the configured soap actor/role ""! in SoapClient->__call()

我在soapUI中对此进行了测试并使其正常工作,但无法将其转换为PHP

这是我的代码:

<?php
$wsdl = "/***/GeefOnderneming.wsdl";
$cafile = "/var/www/src/cert/CA_cat_inv.pem";
$location = "https://***.be/GeefOndernemingDienst-02.00";
$uri = "http://***.be";
$local_cert = "/var/www/src/cert/cert_priv_pub.pem";
$soap = new SoapWsController($wsdl, [
  'local_cert' => $local_cert,
  'cafile' => $cafile,
  'location' => $location,
  'uri' => $uri,
  'connection_timeout' => 10,
]);
$theResponse = $soap->geefOnderneming(
  $payload
);

SoapWsController从默认的SoapClient扩展: 我不确定定义是否正确,我已经尝试了很多选择     

namespace Drupal\vlaio_dossiers\Controller;

use DOMDocument;
use SoapClient;
use XMLSecurity\WSSESoap;
use XMLSecurity\XMLSecurityKey;

define('PRIVATE_KEY', '/***/key_ecc_private.pem');
define('SERVICE_CERT', '/***/cert_priv_pub.pem'); 
define('CERT_FILE', '/***/certificate.pem');

class SoapWsController extends SoapClient {
  public function __doRequest($request, $location, $saction, $version,$one_way = NULL)
  {
  $doc = new DOMDocument('1.0');
  $doc->loadXML($request);

  $objWSSE = new WSSESoap($doc);

  /* add Timestamp with no expiration timestamp */
  $objWSSE->addTimestamp();

  /* create new XMLSec Key using AES256_CBC and type is private key */
  $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));

  /* load the private key from file - last arg is bool if key in file (true) or is string (false) */
  $objKey->loadKey(PRIVATE_KEY, true);

  /* Sign the message - also signs appropiate WS-Security items */
  $options = array("insertBefore" => false);
  $objWSSE->signSoapDoc($objKey, $options);

  /* Add certificate (BinarySecurityToken) to the message */
  $token = $objWSSE->addBinaryToken(file_get_contents(CERT_FILE));

  /* Attach pointer to Signature */
  $objWSSE->attachTokentoSig($token);

  $objKey = new XMLSecurityKey(XMLSecurityKey::AES256_CBC);
  $objKey->generateSessionKey();

  $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type' => 'public'));
  $siteKey->loadKey(SERVICE_CERT, true, true);

  $options = array("KeyInfo" => array("X509SubjectKeyIdentifier" => true));
  $objWSSE->encryptSoapDoc($siteKey, $objKey, $options);

  $retVal = parent::__doRequest($objWSSE->saveXML(), $location, $saction, $version);

  $doc = new DOMDocument();
  $doc->loadXML($retVal);

  $options = array("keys" => array("private" => array("key" => PRIVATE_KEY, "isFile" => true, "isCert" => false)));
  $objWSSE->decryptSoapDoc($doc, $options);

  return $doc->saveXML();
  }
}

1 个答案:

答案 0 :(得分:0)

我和你的问题类似。 我最后使用https://github.com/robrichards/xmlseclibs来解决它。 请确保您使用的是最新版本的xmlseclibs。