使用PHP和SOAP生成Web服务令牌头

时间:2017-07-20 22:35:05

标签: php web-services soap

我试图从要求身份验证的Web服务中使用服务,但我无法生成Timestamp和UsernameToken。 

<wsu:Timestamp wsu:Id="TS-1C1ABE5282FC96252314981531909334">
<wsse:UsernameToken wsu:Id="UsernameToken-1C1ABE5282FC96252314981531792593">

发送Corret:

<soapenv:Header>
  <wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"

xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
     <wsu:Timestamp wsu:Id="TS-1C1ABE5282FC96252314981531909334">
        <wsu:Created>2017-07-20T22:07:01.999Z</wsu:Created>
        <wsu:Expires>2017-07-20T22:10:01.999Z</wsu:Expires>
     </wsu:Timestamp>
     <wsse:UsernameToken wsu:Id="UsernameToken-1C1ABE5282FC96252314981531792593">
        <wsse:Username>xxxxxxxxxxxxx</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">nrg2241zhN8HMAn1bg7OLCL/6eM=</wsse:Password>
        <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">ODgwODIzNDMz</wsse:Nonce>
        <wsu:Created>2017-07-20T22:07:01.999Z</wsu:Created>
     </wsse:UsernameToken>
  </wsse:Security>
  </soapenv:Header>

我使用以下功能:

/**
 * This function implements a WS-Security authentication for PHP.
 *
 * @access private
 * @param string $user
 * @param string $password
 * @return SoapHeader
 */
function soapClientWSSecurityHeader($user, $password)
{
// Creating date using yyyy-mm-ddThh:mm:ssZ format
$tm_created = gmdate('Y-m-d\TH:i:s\Z');
$tm_expires = gmdate('Y-m-d\TH:i:s\Z', gmdate('U') + 180); //only necessary if using the timestamp element

// Generating and encoding a random number
$simple_nonce = mt_rand();
$encoded_nonce = base64_encode($simple_nonce);

// Compiling WSS string
$passdigest = base64_encode(sha1($simple_nonce . $tm_created . $password, true));

// Initializing namespaces
$ns_wsse = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
$ns_wsu = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
$password_type = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText';
$encoding_type = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary';

// Creating WSS identification header using SimpleXML
$root = new SimpleXMLElement('<root/>');

$security = $root->addChild('wsse:Security', null, $ns_wsse);

//the timestamp element is not required by all servers
$timestamp = $security->addChild('wsu:Timestamp', null, $ns_wsu);
$timestamp->addAttribute('wsu:Id', 'Timestamp-28');
$timestamp->addChild('wsu:Created', $tm_created, $ns_wsu);
$timestamp->addChild('wsu:Expires', $tm_expires, $ns_wsu);

$usernameToken = $security->addChild('wsse:UsernameToken', null, $ns_wsse);
$usernameToken->addChild('wsse:Username', $user, $ns_wsse);
$usernameToken->addChild('wsse:Password', $password, $ns_wsse)->addAttribute('Type', $password_type);
$usernameToken->addChild('wsse:Nonce', $encoded_nonce, $ns_wsse)->addAttribute('EncodingType', $encoding_type);
$usernameToken->addChild('wsu:Created', $tm_created, $ns_wsu);

// Recovering XML value from that object
$root->registerXPathNamespace('wsse', $ns_wsse);
$full = $root->xpath('/root/wsse:Security');
$auth = $full[0]->asXML();

return new SoapHeader($ns_wsse, 'Security', new SoapVar($auth, XSD_ANYXML), true);
}

使用上述功能返回:

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
               Id="Timestamp-28">
    <wsu:Created>2017-07-20T22:18:53Z</wsu:Created>
    <wsu:Expires>2017-07-20T22:21:53Z</wsu:Expires>
</wsu:Timestamp>
 <wsse:UsernameToken>
    <wsse:Username>XXXXXXXXXXXXXXXXXXX</wsse:Username>
    <wsse:Password
            Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
        XXXXXXXXXXXXXXXXXX
    </wsse:Password>
    <wsse:Nonce
            EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">
        OTUxOTA4NDYz
    </wsse:Nonce>
    <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        2017-07-20T22:18:53Z
    </wsu:Created>
</wsse:UsernameToken>
</wsse:Security>

需要生成这两个令牌,但是使用此功能它们不是。

1 个答案:

答案 0 :(得分:0)

您应该尝试从Github使用WsSecurity项目来处理这类事情,方法是促进肥皂头构造并将其包含在您的肥皂请求中

相关问题
最新问题