I am currently developing a WS client that needs to sign its requests before sending them to the server. I have a private key and a certificate for this purpose but I am struggling with the security header. The expected structure of the output XML should be something like this:
<soapenv:Envelope xmlns:soapenv="http://ift.tt/sVJIaE">
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://ift.tt/OhUJ5D
1.0.xsd"><wsse:BinarySecurityToken EncodingType="http://ift.tt/14yUvuM"
ValueType="http://ift.tt/11idNQV" wsu:Id="CertId-45..."
xmlns:wsu="http://ift.tt/1tfFusn
1.0.xsd"> ... </wsse:BinarySecurityToken><ds:Signature Id="Signature-13"
xmlns:ds="http://ift.tt/uq6naF">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://ift.tt/11kTCUR"/>
<ds:SignatureMethod Algorithm="http://ift.tt/zf1Wx4"/>
<ds:Reference URI="#id-14">
<ds:Transforms>
<ds:Transform Algorithm="http://ift.tt/11kTCUR"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://ift.tt/yuvO4a"/>
<ds:DigestValue>62...</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
...
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-...">
<wsse:SecurityTokenReference wsu:Id="STRId-..." xmlns:wsu="http://ift.tt/1kprABq
wss-wssecurity-utility-1.0.xsd"><wsse:Reference URI="#CertId-..." ValueType="http://docs.oasis-
http://ift.tt/13HtI3n"/></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature></wsse:Security></soapenv:Header>
<soapenv:Body wsu:Id="id-14" xmlns:wsu="http://ift.tt/Hm2joJ">
I tried using xmlseclibs but I can't figure out how to include all the required information since the examples are rather basic.
I suppose I could go the DIY way and manually build the headers but I would like to keep it as simple as possible.
Any clues?
No comments:
Post a Comment