Cadoles
/
BeSimpleSoap
20
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

add BinarySecurityToken resolving to key resolver

This commit is contained in:
Andreas Schamberger 2013-08-20 22:14:27 +02:00
parent 1cde22d8bb
commit 9bc9410172
1 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/BeSimple/SoapClient/WsSecurityFilter.php
View File

@ -15,6 +15,7 @@ namespace BeSimple\SoapClient;
use ass\XmlSecurity\DSig as XmlSecurityDSig; use ass\XmlSecurity\DSig as XmlSecurityDSig;
use ass\XmlSecurity\Enc as XmlSecurityEnc; use ass\XmlSecurity\Enc as XmlSecurityEnc;
use ass\XmlSecurity\Key as XmlSecurityKey; use ass\XmlSecurity\Key as XmlSecurityKey;
use ass\XmlSecurity\Pem as XmlSecurityPem;
use BeSimple\SoapCommon\FilterHelper; use BeSimple\SoapCommon\FilterHelper;
use BeSimple\SoapCommon\Helper; use BeSimple\SoapCommon\Helper;
@ -390,10 +391,8 @@ class WsSecurityFilter implements SoapRequestFilter, SoapResponseFilter
$security = $dom->getElementsByTagNameNS(Helper::NS_WSS, 'Security')->item(0); $security = $dom->getElementsByTagNameNS(Helper::NS_WSS, 'Security')->item(0);
if (null !== $security) { if (null !== $security) {
// add SecurityTokenReference resolver for KeyInfo // add SecurityTokenReference resolver for KeyInfo
if (null !== $this->serviceSecurityKey) { $keyResolver = array($this, 'keyInfoSecurityTokenReferenceResolver');
$keyResolver = array($this, 'keyInfoSecurityTokenReferenceResolver'); XmlSecurityDSig::addKeyInfoResolver(Helper::NS_WSS, 'SecurityTokenReference', $keyResolver);
XmlSecurityDSig::addKeyInfoResolver(Helper::NS_WSS, 'SecurityTokenReference', $keyResolver);
}
// do we have a reference list in header // do we have a reference list in header
$referenceList = XmlSecurityEnc::locateReferenceList($security); $referenceList = XmlSecurityEnc::locateReferenceList($security);
// get a list of encrypted nodes // get a list of encrypted nodes
@ -420,6 +419,8 @@ class WsSecurityFilter implements SoapRequestFilter, SoapResponseFilter
throw new \SoapFault('wsse:FailedCheck', 'The signature or decryption was invalid'); throw new \SoapFault('wsse:FailedCheck', 'The signature or decryption was invalid');
} }
} }
$security->parentNode->removeChild($security);
} }
} }
@ -567,6 +568,12 @@ class WsSecurityFilter implements SoapRequestFilter, SoapResponseFilter
$key = XmlSecurityEnc::decryptEncryptedKey($referencedNode, $this->userSecurityKey->getPrivateKey()); $key = XmlSecurityEnc::decryptEncryptedKey($referencedNode, $this->userSecurityKey->getPrivateKey());
return XmlSecurityKey::factory($algorithm, $key, false, XmlSecurityKey::TYPE_PRIVATE); return XmlSecurityKey::factory($algorithm, $key, false, XmlSecurityKey::TYPE_PRIVATE);
} elseif (Helper::NS_WSS === $referencedNode->namespaceURI
&& 'BinarySecurityToken' == $referencedNode->localName) {
$key = XmlSecurityPem::formatKeyInPemFormat($referencedNode->textContent);
return XmlSecurityKey::factory(XmlSecurityKey::RSA_SHA1, $key, false, XmlSecurityKey::TYPE_PUBLIC);
} else { } else {
//$valueType = $key->getAttribute('ValueType'); //$valueType = $key->getAttribute('ValueType');