Closed tuanquynh0508 closed 8 years ago
Hi Nguyễn Như Tuấn Quỳnh, thank you for opening the issue! We believe that handling WSSE security easily is something that could be provided in future, but not in this bundle. This bundle has the goal to send requests, nothing else.
What you can actually do is to build your own rest client by using the original one:
namespace YourNameSpace\RestClient;
use Ci\RestClientBundle\Services\RestClient;
use Circle\WsseBundle\WsseGenerator;
class RestClient {
private $restClient;
private $wsseGenerator;
public function __construct(RestClient $restClient, WsseGenerator $wsseGenerator) {
$this->restClient = $restClient;
$this->wsseGenerator = $wsseGenerator;
}
public function get($url, array $options = array(), $username, $password) {
return $this->restClient->get($url, $this->addWsseHeaders($options));
}
private function addWsseHeaders(array $defaultOptions, $username, $password) {
$wsse = $this->wsseGenerator->generate($username, $password);
$httpHeaders = isEmpty($defaultOptions[CURLOPT_HTTPHEADER]) ? [ $wsse ] : array_merge($defaultOptions[CURLOPT_HTTPHEADER], [ $wsse ]);
return array_push($defaultOptions, [ CURLOPT_HTTPHEADER => $httpHeaders ]);
}
}
The WsseString has to look like:
Authorization: WSSE profile="UsernameToken"
X-WSSE: UsernameToken Username="admin", PasswordDigest="mTe5J+wM7tcBsI2Qx7bnajQ+0lQ=", Nonce="OWRmNWEwZWZiMTcyMTRkNQ==", Created="2014-12-09T21:29:18+02:00"
So your WsseGenerator should look like:
<?php
namespace Circle\WsseBundle;
class WsseGenerator {
public function generate($username, $password) {
$createdAt = gmdate('Y-m-d\TH:i:s\Z');
$passwordDigest = $this->generatePasswordDigest($password, $createdAt);
return "Authorization: WSSE profile=\"UsernameToken\"\nX-WSSE: UsernameToken Username=\"$username\", PasswordDigest=\"$passwordDigest\", Nonce=\"OWRmNWEwZWZiMTcyMTRkNQ==\", Created=\"$createdAt\"";
}
private function generatePasswordDigest($password, $createdAt) {
return base64_encode(pack('H*', sha1(pack('H*', mt_rand()) . pack('a*', $createdAt) . pack('a*', $password))));
}
}
Finally define the new service in your services.yml
#services.yml
your.restclient:
class: YourNameSpace\RestClient
arguments: [ "@ci.restclient", "@circle.wsse.generator" ]
circle.wsse.generator:
class: Circle\WsseBundle\WsseGenerator
It would be a pleasure for me if you try this out and give me a feedback :-)
Thanks you TobiasHauck very much. Your comment is very helpful for me. Thanks!.
Does CiRestClientBundle support for call rest service is protectetd by sercurity WSSE?