<?php |
namespace GoetasWebservices\SoapServices\SoapClient\WssWsSecurity; |
use GoetasWebservices\SoapServices\SoapClient\WssWsSecurity\Secext\AttributedStringType; |
use GoetasWebservices\SoapServices\SoapClient\WssWsSecurity\Secext\Nonce; |
use GoetasWebservices\SoapServices\SoapClient\WssWsSecurity\Secext\Password; |
use GoetasWebservices\SoapServices\SoapClient\WssWsSecurity\Secext\Security as SecextSecurity; |
use GoetasWebservices\SoapServices\SoapClient\WssWsSecurity\Secext\UsernameToken; |
use GoetasWebservices\SoapServices\SoapClient\WssWsSecurity\Utility\Created; |
use GoetasWebservices\SoapServices\SoapClient\WssWsSecurity\Utility\Expires; |
use GoetasWebservices\SoapServices\SoapClient\WssWsSecurity\Utility\Timestamp; |
use JMS\Serializer\GraphNavigator; |
use JMS\Serializer\Handler\SubscribingHandlerInterface; |
use JMS\Serializer\SerializationContext; |
use JMS\Serializer\XmlSerializationVisitor; |
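/**
 * Serialization handler that turns the client-side Security settings object
 * into a Secext Security header (optional Timestamp, optional UsernameToken)
 * and hands it back to the serializer's graph navigator.
 */
class WssSecurityHeaderHandler implements SubscribingHandlerInterface
{
    const WSS_UTP = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0';

    // The trailing "Z" is an escaped literal, not a timezone specifier: any
    // DateTime formatted with this pattern must already be expressed in UTC.
    const DATETIME_FORMAT = 'Y-m-d\TH:i:s.000\Z';

    /**
     * Caller-supplied nonce for the password digest. When empty, a random
     * nonce is generated for each UsernameToken.
     *
     * @var mixed
     */
    protected $nonce;

    /**
     * Registers serializeHeader() as the XML serialization handler for the
     * Security settings class.
     *
     * @return array
     */
    public static function getSubscribingMethods()
    {
        return array(
            array(
                'direction' => GraphNavigator::DIRECTION_SERIALIZATION,
                'format' => 'xml',
                'type' => Security::class,
                'method' => 'serializeHeader'
            )
        );
    }

    /**
     * Pins the nonce used for password digests. A fixed nonce makes the digest
     * reproducible, so outside of tests it should be left unset.
     *
     * @param mixed $nonce
     */
    public function setNonce($nonce)
    {
        $this->nonce = $nonce;
    }

    /**
     * Builds the Secext Security header from $data and passes it to the
     * navigator for serialization.
     *
     * $visitor and $type are not used here; they are kept because the method
     * is invoked as a handler callback with this argument list.
     *
     * @param XmlSerializationVisitor $visitor
     * @param Security $data
     * @param array $type
     * @param SerializationContext $context
     */
    public function serializeHeader(XmlSerializationVisitor $visitor, Security $data, array $type, SerializationContext $context)
    {
        $dt = $data->getTimestamp() ?: new \DateTime('now', new \DateTimeZone('UTC'));

        // DATETIME_FORMAT always prints a literal "Z". Work on a UTC copy so a
        // caller-supplied timestamp in another timezone is not emitted as a
        // wrong instant (which also feeds the password digest), and so the
        // caller's object is left untouched.
        // NOTE(review): assumes getTimestamp() returns a \DateTime, as the
        // type hints of handleUsername()/handleTimestamp() require.
        $dt = clone $dt;
        $dt->setTimezone(new \DateTimeZone('UTC'));

        $security = new SecextSecurity();

        if ($data->isAddTimestamp() || $data->getExpires() > 0) {
            $security->addToAnyElement($this->handleTimestamp($data, $dt));
        }
        if (null !== $data->getUsername()) {
            $security->addToAnyElement($this->handleUsername($data, $dt));
        }
        $context->getNavigator()->accept($security, null, $context);
    }

    /**
     * Builds the UsernameToken element, including the password in either
     * digest or plain-text form when a password is configured.
     *
     * @param \GoetasWebservices\SoapServices\SoapClient\WssWsSecurity\Security $data
     * @param \DateTime $dt
     * @return UsernameToken
     */
    private function handleUsername(Security $data, \DateTime $dt)
    {
        $usernameToken = new UsernameToken();
        $usernameToken->setUsername(new AttributedStringType($data->getUsername()));

        if (null !== $data->getPassword()) {

            if (Security::PASSWORD_TYPE_DIGEST === $data->getPasswordType()) {
                $nonce = $this->nonce ?: $this->generateNonce();
                $created = $dt->format(self::DATETIME_FORMAT);

                // Digest = Base64(SHA-1(nonce + created + password)). The nonce and
                // Created values are sent alongside the digest so the receiver
                // can recompute it.
                $password = base64_encode(sha1($nonce . $created . $data->getPassword(), true));
                $passwordType = self::WSS_UTP . '#PasswordDigest';

                $usernameToken->addToAnyElement(new Nonce(base64_encode($nonce)));
                $usernameToken->addToAnyElement(new Created($created));

            } else {
                // The password is placed in the header as-is; its confidentiality
                // then depends entirely on the transport (e.g. TLS).
                $password = $data->getPassword();
                $passwordType = self::WSS_UTP . '#PasswordText';
            }

            $passwordItem = new Password($password);
            $passwordItem->setType($passwordType);

            $usernameToken->addToAnyElement($passwordItem);
        }
        return $usernameToken;
    }

    /**
     * Returns a fresh nonce for the password digest.
     *
     * mt_rand() yields a small, predictable integer, so nonces could repeat
     * across messages. Prefer a CSPRNG and only fall back to mt_rand() on
     * runtimes that offer neither random_bytes() nor the OpenSSL extension.
     *
     * @return string
     */
    private function generateNonce()
    {
        if (function_exists('random_bytes')) {
            return random_bytes(16);
        }

        if (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes(16);
            if (false !== $bytes && '' !== $bytes) {
                return $bytes;
            }
        }

        // Last resort, kept for compatibility with the previous behaviour.
        return (string) mt_rand();
    }

    /**
     * Builds the Timestamp element with Created and, when an expiry is
     * configured, Expires.
     *
     * @param \GoetasWebservices\SoapServices\SoapClient\WssWsSecurity\Security $data
     * @param \DateTime $dt
     * @return Timestamp
     */
    private function handleTimestamp(Security $data, \DateTime $dt)
    {
        $timestamp = new Timestamp();

        $timestamp->setCreated(new Created($dt->format(self::DATETIME_FORMAT)));

        if ($data->getExpires() > 0) {
            // Clone so the shared $dt (also used for the UsernameToken) is not shifted.
            $expireDate = clone $dt;
            $expireDate->modify('+' . $data->getExpires() . ' seconds');

            $timestamp->setExpires(new Expires($expireDate->format(self::DATETIME_FORMAT)));
        }
        return $timestamp;
    }
}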
This check looks for parameters that have been defined for a function or method, but which are not used in the method body.