strong-soap
This module provides a Node.js SOAP client for invoking web services and a mock-up SOAP server capability to create and test your web service. This module is based on node-soap
module.
Overview
Features:
- Full SOAP Client capability and mock-up SOAP server capability
- Handles both RPC and Document styles
- Handles both SOAP 1.1 and SOAP 1.2 Fault
- APIs to parse XML into JSON and JSON into XML
- API to describe WSDL document
- Support for both synchronous and asynchronous method handlers
- WS-Security (currently only UsernameToken and PasswordText encoding is supported)
Install
Node.js version 10, 12, and 14 are officially supported. We dropped version 8
support in 3.0.0.
Install with npm:
npm install strong-soap
Client
Start with the WSDL for the web service you want to invoke. For example, the stock quote service http://www.webservicex.net/stockquote.asmx and the WSDL is http://www.webservicex.net/stockquote.asmx?WSDL
Create a new SOAP client from WSDL URL using soap.createClient(url[, options], callback)
. Also supports a local file system path. An instance of Client
is passed to the soap.createClient
callback. It is used to execute methods on the soap service.
"use strict";
var soap = require('strong-soap').soap;
var url = 'http://www.webservicex.net/stockquote.asmx?WSDL';
var requestArgs = {
symbol: 'IBM'
};
var options = {};
soap.createClient(url, options, function(err, client) {
var method = client['StockQuote']['StockQuoteSoap']['GetQuote'];
method(requestArgs, function(err, result, envelope, soapHeader) {
console.log('Response Envelope: \n' + envelope);
console.log('Result: \n' + JSON.stringify(result));
});
});
As well as creating a client via a url
, an existing WSDL object can be passed in via options.WSDL_CACHE
.
var soap = require('strong-soap').soap;
var WSDL = soap.WSDL;
var url = 'http://www.webservicex.net/stockquote.asmx?WSDL';
var options = {};
WSDL.open(url,options,
function(err, wsdl) {
var clientOptions = {
WSDL_CACHE : {
stockquotewsdl: wsdl
}
};
soap.createClient('stockquotewsdl', clientOptions, function(err, client) {
var method = client['StockQuote']['StockQuoteSoap']['GetQuote'];
method(requestArgs, function(err, result, envelope, soapHeader) {
console.log('Response Envelope: \n' + envelope);
console.log('Result: \n' + JSON.stringify(result));
});
});
});
The Request envelope created by above service invocation:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header/>
<soap:Body>
<ns1:GetQuote xmlns:ns1="http://www.webserviceX.NET/">
<ns1:symbol>IBM</ns1:symbol>
</ns1:GetQuote>
</soap:Body>
</soap:Envelope>
This WSDL operation is defined as document/literal-wrapped style. Hence the request in soap is wrapped in operation name. Refer to test cases server-client-document-test and server-client-rpc-test to understand document and rpc styles and their
Request, Response and Fault samples.
The options
argument allows you to customize the client with the following properties:
endpoint
: to override the SOAP service's host specified in the .wsdl
file.request
: to override the request module.httpClient
: to provide your own http client that implements request(rurl, data, callback, exheaders, exoptions)
.envelopeKey
: to set specific key instead of <soap:Body></soap:Body>
wsdl_options
: custom options for the request module on WSDL requests.wsdl_headers
: custom HTTP headers to be sent on WSDL requests.
Note: for versions of node >0.10.X, you may need to specify {connection: 'keep-alive'}
in SOAP headers to avoid truncation of longer chunked responses.
User can define extra HTTP headers to be sent on the request.
var clientOptions = {};
soap.createClient(url, clientOptions, function(err, client) {
var customRequestHeader = {customheader1: 'test1'};
client.GetQuote(requestArgs, function(err, result, envelope) {
console.log(JSON.stringify(result));
}, null, customRequestHeader);
});
Client.describe()
Describes services, ports and methods as a JavaScript object.
var description = client.describe();
console.log(JSON.stringify(description.StockQuote.StockQuoteSoap.GetQuote));
Client.setSecurity(security)
Use the specified security protocol.
Refer to test case ssl-test for an example of using this API.
Client.method(args, callback)
Call method on the SOAP service.
client.MyFunction({name: 'value'}, function(err, result, envelope, soapHeader) {
})
A method can also be called as a promise.
client.MyFunction({name: 'value'}).then(function({result, envelope, soapHeader}){
}, function(err) {
});
try {
const {result, envelope, soapHeader} = await client.MyFunction({name: 'value'});
} catch(err) {
}
Call a method using a specific service and port.
client.MyService.MyPort.MyFunction({name: 'value'}, function(err, result) {
})
Options (optional)
Accepts any option that the request module accepts, see request module.
For example, you could set a timeout of 5 seconds on the request like this:
client.MyService.MyPort.MyFunction({name: 'value'}, function(err, result) {
}, {timeout: 5000})
You can measure the elapsed time on the request by passing the time option:
client.MyService.MyPort.MyFunction({name: 'value'}, function(err, result) {
}, {time: true})
Alternative method call using callback-last pattern
To align method call signature with Node's standard callback-last pattern and eventually allow promisification of method calls, the following method signatures are also supported:
client.MyService.MyPort.MyFunction({name: 'value'}, options, function (err, result) {
})
client.MyService.MyPort.MyFunction({name: 'value'}, options, extraHeaders, function (err, result) {
})
Client.lastRequest
The property that contains last full soap request for client logging.
Client.setEndpoint(url)
Overwrites the SOAP service endpoint address.
Client events
Client instances emit the following events:
- request - Emitted before a request is sent. The event handler receives the
entire Soap request (Envelope) including headers.
- message - Emitted before a request is sent. The event handler receives the
Soap body contents. Useful if you don't want to log /store Soap headers.
- soapError - Emitted when an erroneous response is received.
Useful if you want to globally log errors.
- response - Emitted after a response is received. The event handler receives
the SOAP response body as well as the entire
IncomingMessage
response object.
This is emitted for all responses (both success and errors).
For an example of using this API, see ssl-test.
Here is an example of 'soapError' event
soap.createClient(__dirname + '/wsdl/default_namespace.wsdl', function (err, client) {
var didEmitEvent = false;
client.on('soapError', function(err) {
didEmitEvent = true;
assert.ok(err.root.Envelope.Body.Fault);
});
client.MyOperation({}, function(err, result) {
assert.ok(didEmitEvent);
done();
});
}, baseUrl);
Security
strong-soap
has several default security protocols. You can easily add your own
as well. The interface is quite simple. Each protocol defines two methods:
addOptions
- Method that accepts an options arg that is eventually passed directly to request
toXML
- Method that returns a string of XML.
BasicAuthSecurity
client.setSecurity(new soap.BasicAuthSecurity('username', 'password'));
BearerSecurity
client.setSecurity(new soap.BearerSecurity('token'));
ClientSSLSecurity
Note: If you run into issues using this protocol, consider passing these options
as default request options to the constructor:
rejectUnauthorized: false
strictSSL: false
secureOptions: constants.SSL_OP_NO_TLSv1_2
(this is likely needed for node >= 10.0)
client.setSecurity(new soap.ClientSSLSecurity(
'/path/to/key'
, '/path/to/cert'
, {}
));
WSSecurity
WSSecurity
implements WS-Security. UsernameToken and PasswordText/PasswordDigest is supported.
var wsSecurity = new WSSecurity(username, password, options)
client.setSecurity(wsSecurity);
WSSecurityCert
WS-Security X509 Certificate support.
var privateKey = fs.readFileSync(privateKeyPath);
var publicKey = fs.readFileSync(publicKeyPath);
var password = '';
var wsSecurity = new soap.WSSecurityCert(privateKey, publicKey, password, 'utf8');
client.setSecurity(wsSecurity);
Note: Optional dependency 'ursa' is required to be installed successfully when WSSecurityCert is used.
XML attributes
Handling XML attributes, value, and XML (wsdlOptions)
To override the default behavior of strong-soap
, use the wsdlOptions
object, passed in the
createClient()
method. The wsdlOptions
has the following properties:
var wsdlOptions = {
attributesKey: 'theAttrs',
valueKey: 'theVal',
xmlKey: 'theXml'
}
If you call createClient()
with no options (or an empty Object {}
), strong-soap
defaults
to the following:
attributesKey
: '$attributes'
valueKey
: '$value'
xmlKey
: '$xml'
Overriding the value key
By default, strong-soap
uses $value
as key for any parsed XML value which may interfere with your other code as it
could be some reserved word, or the $
in general cannot be used for a key to start with.
You can define your own valueKey
by passing it in the wsdl_options
to the createClient call like so:
var wsdlOptions = {
valueKey: 'theVal'
};
soap.createClient(__dirname + '/wsdl/default_namespace.wsdl', wsdlOptions, function (err, client) {
});
Overriding the xml key
As valueKey
, strong-soap
uses $xml
as key. The xml key is used to pass XML Object without adding namespace or parsing the string.
Example :
dom = {
$xml: '<parentnode type="type"><childnode></childnode></parentnode>'
};
<tns:dom>
<parentnode type="type">
<childnode></childnode>
</parentnode>
</tns:dom>
You can define your own xmlKey
by passing it in the wsdl_options
to the createClient call like this:
var wsdlOptions = {
xmlKey: 'theXml'
};
soap.createClient(__dirname + '/wsdl/default_namespace.wsdl', wsdlOptions, function (err, client) {
});
Overriding the attributes key
You can achieve attributes like:
<parentnode>
<childnode name="childsname">
</childnode>
</parentnode>
By attaching an attributes object to a node.
{
parentnode: {
childnode: {
$attributes: {
name: 'childsname'
}
}
}
}
However, "attributes" may be a reserved key for some systems that actually want a node:
<attributes>
</attributes>
In this case you can configure the attributes key in the wsdlOptions
like this:
var wsdlOptions = {
attributesKey: '$attributes'
};
Adding xsiType
soap.createClient(__dirname + '/wsdl/default_namespace.wsdl', wsdlOptions, function (err, client) {
client.*method*({
parentnode: {
childnode: {
$attributes: {
$xsiType: "{xmlnsTy}Ty"
}
}
}
});
});
Removing the xsiType. The resulting Request shouldn't have the attribute xsiType
soap.createClient(__dirname + '/wsdl/default_namespace.wsdl', wsdlOptions, function (err, client) {
client.*method*({
parentnode: {
childnode: {
$attributes: {
}
}
}
});
});
To see it in practice, consider the sample in: test/request-response-samples/addPets__force_namespaces
XMLHandler
XMLHandler enables you to to convert a JSON object to XML and XML to a JSON object. It can also parse an XML string or stream into the XMLBuilder tree.
API to convert JSON object to XML and XML to JSON object:
var soap = require('..').soap;
var XMLHandler = soap.XMLHandler;
var xmlHandler = new XMLHandler();
var util = require('util');
var url = 'http://www.webservicex.net/stockquote.asmx?WSDL';
var requestArgs = {
symbol: 'IBM'
};
var options = {};
var clientOptions = {};
soap.createClient(url, clientOptions, function(err, client) {
var customRequestHeader = {customheader1: 'test1'};
client.GetQuote(requestArgs, function(err, result, envelope, soapHeader) {
var node = xmlHandler.jsonToXml(null, null,
XMLHandler.createSOAPEnvelopeDescriptor('soap'), result);
var xml = node.end({pretty: true});
console.log(xml);
var root = xmlHandler.xmlToJson(null, xml, null);
console.log('%s', util.inspect(root, {depth: null}));
}, options, customRequestHeader);
});
Parse XML string or stream into the XMLBuilder tree:
var root = XMLHandler.parseXml(null, xmlString);
WSDL
wsdl.open(wsdlURL, options, callback(err, wsdl))
Loads WSDL into a tree form. Traverse through WSDL tree to get to bindings, services, ports, operations, and so on.
Parameters:
wsdlURL
WSDL url to load.options
WSDL optionscallback
Error and WSDL loaded into object tree.
var soap = require('..').soap;
var WSDL = soap.WSDL;
var path = require('path');
var options = {};
WSDL.open('./wsdls/stockquote.wsdl',options,
function(err, wsdl) {
var getQuoteOp = wsdl.definitions.bindings.StockQuoteSoap.operations.GetQuote;
console.log(getQuoteOp.$name);
var service = wsdl.definitions.services['StockQuote'];
console.log(service.$name);
});
wsdl.openSync(wsdlURL, options)
Loads WSDL into a tree form directly from memory. It traverses through WSDL tree to get to bindings, services, ports, operations, and so on as long as you have your dependent WSDLs and schemas are loaded and available in the options.WSDL_CACHE
. If any I/O is required to retrieve any dependencies this call will throw an error.
Parameters:
wsdlURL
WSDL url to load as named in the cache.options
WSDL options
An example of loading WSDLs into your options.WSDL_CACHE
and calling wsdl.loadSync()
can be found in the test test/wsdl-load-from-memory-test
Server
soap.listen(server, path, services, wsdl)
Creates a new SOAP server that listens on path and provides services.
wsdl is an xml string that defines the service.
var myService = {
MyService: {
MyPort: {
MyFunction: function(args) {
return {
name: args.name
};
},
MyAsyncFunction: function(args, callback) {
callback({
name: args.name
});
},
HeadersAwareFunction: function(args, cb, headers) {
return {
name: headers.Token
};
},
reallyDeatailedFunction: function(args, cb, headers, req) {
console.log('SOAP `reallyDeatailedFunction` request from ' + req.connection.remoteAddress);
return {
name: headers.Token
};
}
}
}
};
var xml = require('fs').readFileSync('myservice.wsdl', 'utf8'),
server = http.createServer(function(request,response) {
response.end("404: Not Found: " + request.url);
});
server.listen(8000);
soap.listen(server, '/wsdl', myService, xml);
An example of using the SOAP server is in test/server-client-document-test
Options
You can pass in server and WSDL Options
using an options hash.
var xml = require('fs').readFileSync('myservice.wsdl', 'utf8');
soap.listen(server, {
path: '/wsdl',
services: myService,
xml: xml,
attributesKey: 'theAttrs',
valueKey: 'theVal',
xmlKey: 'theXml'
});
Server logging
If the log
method is defined it will be called with 'received' and 'replied'
along with data.
server = soap.listen(...)
server.log = function(type, data) {
};
Server events
Server instances emit the following events:
- request - Emitted for every received messages.
The signature of the callback is
function(request, methodName)
. - headers - Emitted when the SOAP Headers are not empty.
The signature of the callback is
function(headers, methodName)
.
The sequence order of the calls is request
, headers
and then the dedicated
service method.
test.soapServer.on('request', function requestManager(request, methodName) {
assert.equal(methodName, 'GetLastTradePrice');
done();
});
An example of using the SOAP server is in test/server-test
SOAP Fault
A service method can reply with a SOAP Fault to a client by throw
ing an
object with a Fault
property.
Example SOAP 1.1 Fault:
test.service = {
DocLiteralWrappedService: {
DocLiteralWrappedPort: {
myMethod: function (args, cb, soapHeader) {
throw {
Fault: {
faultcode: "sampleFaultCode",
faultstring: "sampleFaultString",
detail:
{ myMethodFault:
{errorMessage: 'MyMethod Business Exception message', value: 10}
}
}
}
}
}
}
}
SOAP 1.2 Fault:
test.service = {
DocLiteralWrappedService: {
DocLiteralWrappedPort: {
myMethod: function (args, cb, soapHeader) {
throw {
Fault: {
Code: {
Value: "soap:Sender",
Subcode: { Value: "rpc:BadArguments" }
},
Reason: { Text: "Processing Error" },
Detail:
{myMethodFault2:
{errorMessage2: 'MyMethod Business Exception message', value2: 10}
}
}
}
}
}
}
}
Examples of SOAP 1.1/SOAP 1.2 Fault response can be found in test test/server-client-document-test
Server security example using PasswordDigest
If server.authenticate
is not defined then no authentication will take place.
server = soap.listen(...)
server.authenticate = function(security) {
var created, nonce, password, user, token;
token = security.UsernameToken, user = token.Username,
password = token.Password, nonce = token.Nonce, created = token.Created;
return user === 'user' && password === soap.passwordDigest(nonce, created, 'password');
};
Server connection authorization
The server.authorizeConnection
method is called prior to the soap service method.
If the method is defined and returns false
then the incoming connection is
terminated.
server = soap.listen(...)
server.authorizeConnection = function(req) {
return true;
};
A service method can look at the SOAP headers by providing a third arguments.
{
HeadersAwareFunction: function(args, cb, headers) {
return {
name: headers.Token
};
}
}
It is also possible to subscribe to the 'headers' event.
The event is triggered before the service method is called, and only when the
SOAP Headers are not empty.
server = soap.listen(...)
server.on('headers', function(headers, methodName) {
});
First parameter is the Headers object;
second parameter is the name of the SOAP method that will called
(in case you need to handle the headers differently based on the method).
Both client and server can define SOAP headers that will be added to what they send.
They provide the following methods to manage the headers.
Adds soapHeader to soap:Header node.
Parameters:
value
JSON object representing {headerName: headerValue} or XML string.qname
qname used for the header
addSoapHeader(value, qname, options);
Returns the index where the header is inserted.
Changes an existing soapHeader.
Parameters:
index
index of the header to replace with provided new valuevalue
JSON object representing {headerName: headerValue} or XML string.qname
qname used for the header
Returns all defined headers.
Removes all defined headers.
Examples of using SOAP header API are in: test/server-test and test/server-test
soap-stub
Unit testing services that use SOAP clients can be very cumbersome. To get
around this you can use soap-stub
in conjunction with sinon
to stub soap with
your clients.
Example
var sinon = require('sinon');
var soapStub = require('strong-soap/soap-stub');
var urlMyApplicationWillUseWithCreateClient = './example/stockquote.wsdl';
var clientStub = {
SomeOperation: sinon.stub()
};
clientStub.SomeOperation.respondWithError = soapStub.createRespondingStub({error: 'error'});
clientStub.SomeOperation.respondWithSuccess = soapStub.createRespondingStub({success: 'success'});
clientStub.SomeOperation.respondWithError = soapStub.createRespondingStubAsync({error: 'error'});
clientStub.SomeOperation.respondWithSuccess = soapStub.createRespondingStubAsync({success: 'success'});
soapStub.registerClient('my client alias', urlMyApplicationWillUseWithCreateClient, clientStub);
var fs = require('fs'),
assert = require('assert'),
request = require('request'),
http = require('http'),
lastReqAddress;
describe('myService', function() {
var clientStub;
var myService;
beforeEach(function() {
clientStub = soapStub.getStub('my client alias');
soapStub.reset();
myService = clientStub;
});
describe('failures', function() {
beforeEach(function() {
clientStub.SomeOperation.respondWithError();
});
it('should handle error responses', function() {
myService.SomeOperation(function(err, response) {
});
});
});
});
Contributors