soap - npm Package Compare versions

Comparing version 0.29.0 to 0.30.0

History.md

		@@ -0,1 +1,11 @@
		0.30.0 / 2019-10-16
		===================

		* [ENHANCEMENT] Allow a fixed file path for local includes (#1089)
		* [ENHANCEMENT] New XML Signing Options, extra tags to sign and small bug fix (#1091)
		* [ENHANCEMENT] added forceMTOM option and updated the Readme (#1086)
		* [FIX] Added undefined check in WSDL.processAttributes (#1090)
		* [FIX] Fixes bug where methodName would not be included in the response event (#1087)
		* [FIX] fixed MTOM removing soap12header (#1084)

		0.29.0 / 2019-07-26
		@@ -2,0 +12,0 @@ ===================

lib/client.js

		@@ -344,3 +344,3 @@ "use strict";
		}
		}).join('\n');
		}).join(' ');
		}
		@@ -347,0 +347,0 @@ xml = '<?xml version="1.0" encoding="utf-8"?>' +

lib/http.js

		@@ -53,3 +53,3 @@ "use strict";
		var attachments = exoptions.attachments \|\| [];
		if (typeof data === 'string' && attachments.length === 0) {
		if (typeof data === 'string' && attachments.length === 0 && !exoptions.forceMTOM) {
		headers['Content-Length'] = Buffer.byteLength(data, 'utf8');
		@@ -68,6 +68,18 @@ headers['Content-Type'] = 'application/x-www-form-urlencoded';
		};
		if (attachments.length > 0) {
		if (exoptions.forceMTOM \|\| attachments.length > 0) {
		var start = uuid();
		var action = null;
		if (headers['Content-Type'].indexOf('action') > -1) {
		for (var _i = 0, _a = headers['Content-Type'].split('; '); _i < _a.length; _i++) {
		var ct = _a[_i];
		if (ct.indexOf('action') > -1) {
		action = ct;
		}
		}
		}
		headers['Content-Type'] =
		'multipart/related; type="application/xop+xml"; start="<' + start + '>"; start-info="text/xml"; boundary=' + uuid();
		if (action) {
		headers['Content-Type'] = headers['Content-Type'] + '; ' + action;
		}
		var multipart_1 = [{
		@@ -74,0 +86,0 @@ 'Content-Type': 'application/xop+xml; charset=UTF-8; type="text/xml"',

lib/security/WSSecurityCert.d.ts

		@@ -6,5 +6,10 @@ import { ISecurity } from '../types';
		signatureAlgorithm?: string;
		additionalReferences?: string[];
		signerOptions?: IXmlSignerOptions;
		}
		export interface IXmlSignerOptions {
		prefix?: string;
		attrs?: {
		[key: string]: string;
		};
		existingPrefixes?: {
		@@ -23,4 +28,5 @@ [key: string]: string;
		private expires;
		private additionalReferences;
		constructor(privatePEM: any, publicP12PEM: any, password: any, options?: IWSSecurityCertOptions);
		postProcess(xml: any, envelopeKey: any): string;
		}

lib/security/WSSecurityCert.js

		@@ -31,2 +31,3 @@ "use strict";
		this.signerOptions = {};
		this.additionalReferences = [];
		this.publicP12PEM = publicP12PEM.toString()
		@@ -41,4 +42,18 @@ .replace('-----BEGIN CERTIFICATE-----', '')
		}
		this.signerOptions = (options.signerOptions) ? this.signerOptions = options.signerOptions
		: this.signerOptions = { existingPrefixes: { wsse: oasisBaseUri + "/oasis-200401-wss-wssecurity-secext-1.0.xsd" } };
		if (options.additionalReferences && options.additionalReferences.length > 0) {
		this.additionalReferences = options.additionalReferences;
		}
		if (options.signerOptions) {
		var signerOptions = options.signerOptions;
		this.signerOptions = signerOptions;
		if (!this.signerOptions.existingPrefixes) {
		this.signerOptions.existingPrefixes = {};
		}
		if (this.signerOptions.existingPrefixes && !this.signerOptions.existingPrefixes.wsse) {
		this.signerOptions.existingPrefixes.wsse = oasisBaseUri + "/oasis-200401-wss-wssecurity-secext-1.0.xsd";
		}
		}
		else {
		this.signerOptions = { existingPrefixes: { wsse: oasisBaseUri + "/oasis-200401-wss-wssecurity-secext-1.0.xsd" } };
		}
		this.signer.signingKey = {
		@@ -85,2 +100,13 @@ key: privatePEM,
		}
		var _loop_1 = function (name_1) {
		var xpath = "//*[name(.)='" + name_1 + "']";
		if (!(this_1.signer.references.filter(function (ref) { return (ref.xpath === xpath); }).length > 0)) {
		this_1.signer.addReference(xpath, references);
		}
		};
		var this_1 = this;
		for (var _i = 0, _a = this.additionalReferences; _i < _a.length; _i++) {
		var name_1 = _a[_i];
		_loop_1(name_1);
		}
		var timestampXpath = "//[name(.)='wsse:Security']/[local-name(.)='Timestamp']";
		@@ -87,0 +113,0 @@ if (this.hasTimeStamp && !(this.signer.references.filter(function (ref) { return (ref.xpath === timestampXpath); }).length > 0)) {

lib/server.js

		@@ -317,2 +317,3 @@ "use strict";
		}
		methodName = pair.methodName;
		_this_1._executeMethod({
		@@ -319,0 +320,0 @@ serviceName: serviceName,

lib/wsdl/index.js

		@@ -863,3 +863,3 @@ "use strict";
		var attr = '';
		if (child === null) {
		if (child === null \|\| child === undefined) {
		child = [];
		@@ -1062,3 +1062,9 @@ }
		if (!/^https?:/i.test(this.uri) && !/^https?:/i.test(include.location)) {
		includePath = path.resolve(path.dirname(this.uri), include.location);
		var isFixed = (this.options.wsdl_options !== undefined && this.options.wsdl_options.hasOwnProperty('fixedPath')) ? this.options.wsdl_options.fixedPath : false;
		if (isFixed) {
		includePath = path.resolve(path.dirname(this.uri), path.parse(include.location).base);
		}
		else {
		includePath = path.resolve(path.dirname(this.uri), include.location);
		}
		}
		@@ -1065,0 +1071,0 @@ else {

package.json

		{
		"name": "soap",
		"version": "0.29.0",
		"version": "0.30.0",
		"description": "A minimal node SOAP client",
		@@ -5,0 +5,0 @@ "engines": {

184

Readme.md

		@@ -503,2 +503,15 @@ # Soap [![NPM version][npm-image]][npm-url] [![Downloads][downloads-image]][npm-url] [![Build Status][travis-image]][travis-url] [![Coveralls Status][coveralls-image]][coveralls-url] [![Gitter chat][gitter-image]][gitter-url]
		* `forever`: Enables keep-alive connections and pools them
		* `attachments`: array of attachment objects. This converts the request into MTOM: _headers['Content-Type']='multipart/related; type="application/xop+xml"; start= ... '_
		```
		[{
		mimetype: content mimetype,
		contentId: part id,
		name: file name,
		body: binary data
		},
		...
		]
		```
		* `forceMTOM`: set to True if you want to send the request as MTOM even if you don't have attachments


		@@ -855,2 +868,16 @@ ### Client.methodAsync(args) - call method on the SOAP service.
		var password = ''; // optional password
		var options = {
		hasTimeStamp: true,
		additionalReferences: [
		'wsa:Action',
		'wsa:ReplyTo',
		'wsa:To',
		],
		signerOptions: {
		prefix: 'ds',
		attrs: { Id: 'Signature' },
		existingPrefixes: {
		wsse: 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd',
		}
		}
		var wsSecurity = new soap.WSSecurityCert(privateKey, publicKey, password, options);
		@@ -860,9 +887,141 @@ client.setSecurity(wsSecurity);

		the `options` object is optional and can contain the following properties:
		* `hasTimeStamp`: adds Timestamp element (default: `true`)
		The `options` object is optional and can contain the following properties:
		* `hasTimeStamp`: Includes Timestamp tags (default: `true`)
		* `signatureTransformations`: sets the Reference Transforms Algorithm (default ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#']). Type is a string array
		* `signatureAlgorithm`: set to `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` to use sha256
		* `signerOptions`: passed options to the XML Signer package - from (https://github.com/yaronn/xml-crypto)
		* `existingPrefixes`: A hash of prefixes and namespaces prefix: namespace that shouldn't be in the signature because they already exist in the xml (default: `{ 'wsse': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' }`)
		* `additionalReferences` : (optional) Array of Soap headers that need to be signed. This need to be added using `client.addSoapHeader('header')`
		* `signerOptions`: (optional) passes options to the XML Signer package - from (https://github.com/yaronn/xml-crypto)
		* `existingPrefixes`: (optional) A hash of prefixes and namespaces prefix: namespace that shouldn't be in the signature because they already exist in the xml (default: `{ 'wsse': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' }`)
		* `prefix`: (optional) Adds this value as a prefix for the generated signature tags.
		* `attrs`: (optional) A hash of attributes and values attrName: value to add to the signature root node

		#### Option examples

		`hasTimeStamp:true`

		``` xml
		<soap:Header>
		<wsse:Security soap:mustUnderstand="1">
		<wsse:BinarySecurityToken>XXX</wsse:BinarySecurityToken>
		<!-- The Timestamp group of tags are added and signed -->
		<Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" Id="Timestamp">
		<Created>2019-10-01T08:17:50Z</Created>
		<Expires>2019-10-01T08:27:50Z</Expires>
		</Timestamp>
		<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
		<SignedInfo>
		...
		<Reference URI="#Timestamp">
		<Transforms>
		<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
		<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
		</Transforms>
		<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
		<DigestValue>XyZ=</DigestValue>
		</Reference>
		</SignedInfo>
		</Signature>
		</wsse:Security>
		</soap:Header>
		```

		`additionalReferences: ['To']`
		``` XML
		<soap:Header>
		<To Id="To">localhost.com</To>
		<wsse:Security soap:mustUnderstand="1">
		<wsse:BinarySecurityToken>XXX</wsse:BinarySecurityToken>
		<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
		<SignedInfo>
		<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
		<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
		<!-- The "To" tag is signed and added as a reference -->
		<Reference URI="#To">
		<Transforms>
		<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
		<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
		</Transforms>
		<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
		<DigestValue>XYZ</DigestValue>
		</Reference>
		</SignedInfo>
		<SignatureValue>
		Rf6M4F4puQuQHJIPtJz1CZIVvF3qOdpEEcuAiooWkX5ecnAHSf3RW3sOIzFUWW7VOOncJcts/3xr8DuN4+8Wm9hx1MoOcWJ6kyRIdVNbQWLseIcAhxYCntRY57T2TBXzpb0UPA56pry1+TEcnIQXhdIzG5YT+tTVTp+SZHHcnlP5Y+yqnIOH9wzgRvAovbydTYPCODF7Ana9K/7CSGDe7vpVT85CUYUcJE4DfTxaRa9gKkKrBdPN9vFVi0WfxtMF4kv23cZRCZzS5+CoLfPlx3mq65gVXsqH01RLbktNJq9VaQKcZUgapmUCMzrYhqyzUQJ8HrSHqe+ya2GsjlB0VQ==
		</SignatureValue>
		<KeyInfo>
		<wsse:SecurityTokenReference
		xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
		<wsse:Reference URI="#x509-c5c0d213676f4a6ba5e6fa58074eb57a"
		ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
		</wsse:SecurityTokenReference>
		</KeyInfo>
		</Signature>
		</wsse:Security>
		</soap:Header>
		```

		`signerOptions.prefix:'ds'`

		``` XML
		<soap:Header>
		<To Id="To">localhost.com</To>
		<wsse:Security soap:mustUnderstand="1">
		<wsse:BinarySecurityToken>XXX</wsse:BinarySecurityToken>
		<!-- Signature and children tags are given the prefix defined. -->
		<ds:Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
		<ds:SignedInfo>
		<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
		<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
		<ds:Reference URI="#To">
		<ds:Transforms>
		<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
		<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
		</ds:Transforms>
		<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
		<ds:DigestValue>XYZ</DigestValue>
		</ds:Reference>
		</ds:SignedInfo>
		<ds:SignatureValue>
		Rf6M4F4puQuQHJIPtJz1CZIVvF3qOdpEEcuAiooWkX5ecnAHSf3RW3sOIzFUWW7VOOncJcts/3xr8DuN4+8Wm9hx1MoOcWJ6kyRIdVNbQWLseIcAhxYCntRY57T2TBXzpb0UPA56pry1+TEcnIQXhdIzG5YT+tTVTp+SZHHcnlP5Y+yqnIOH9wzgRvAovbydTYPCODF7Ana9K/7CSGDe7vpVT85CUYUcJE4DfTxaRa9gKkKrBdPN9vFVi0WfxtMF4kv23cZRCZzS5+CoLfPlx3mq65gVXsqH01RLbktNJq9VaQKcZUgapmUCMzrYhqyzUQJ8HrSHqe+ya2GsjlB0VQ==
		</ds:SignatureValue>
		<ds:KeyInfo>
		<wsse:SecurityTokenReference
		xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
		<wsse:Reference URI="#x509-c5c0d213676f4a6ba5e6fa58074eb57a"
		ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
		</wsse:SecurityTokenReference>
		</ds:KeyInfo>
		</ds:Signature>
		</wsse:Security>
		</soap:Header>
		```

		`signerOptions.attrs:{ Id: 'signature-100', foo:'bar'}`

		``` xml
		<soap:Header>
		<wsse:Security soap:mustUnderstand="1">
		<wsse:BinarySecurityToken>XXX</wsse:BinarySecurityToken>
		<!-- The Timestamp group of tags are added and signed -->
		<Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" Id="Timestamp">
		<Created>2019-10-01T08:17:50Z</Created>
		<Expires>2019-10-01T08:27:50Z</Expires>
		</Timestamp>
		<Signature Id="signature-100" foo="bar" xmlns="http://www.w3.org/2000/09/xmldsig#">
		<SignedInfo>
		...
		<Reference URI="#Timestamp">
		<Transforms>
		<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
		<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
		</Transforms>
		<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
		<DigestValue>XyZ=</DigestValue>
		</Reference>
		</SignedInfo>
		</Signature>
		</wsse:Security>
		</soap:Header>
		```

		### NTLMSecurity
		@@ -1004,2 +1163,19 @@
		```

		### Overriding imports relative paths

		By default, WSDL and schema files import other schemas and types using relative paths.

		However in some systems (i.e. NetSuite) when the wsdl is downloaded for offline caching, all files are flattened under a single directory and all the imports fail.
		Passing this option allows `node-soap` to correctly load all files.

		```javascript
		var options ={
		wsdl_options = { fixedPath: true }
		};
		soap.createClient(__dirname+'/wsdl/fixedPath/netsuite.wsdl', options, function(err, client) {
		// your code
		});
		```

		### Specifying the exact namespace definition of the root element
		@@ -1006,0 +1182,0 @@ In rare cases, you may want to precisely control the namespace definition that is included in the root element.

lib/client.js.map