Open andreixk opened 7 years ago
If the WSDL file specifies the document parts that need to be signed, as in example below, the signature.py module doesn't sign any of them except for Body and Timestamp (which are hard coded for some reason)
signature.py
<sp:SignedParts xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:ebs="http://ebs.health.ontario.ca/" xmlns:hcv="http://hcv.health.ontario.ca/" xmlns:idp="http://idp.ebs.health.ontario.ca/" xmlns:msa="http://msa.ebs.health.ontario.ca/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <sp:Header Name="EBS" Namespace="http://ebs.health.ontario.ca/"/> <sp:Header Name="MSA" Namespace="http://msa.ebs.health.ontario.ca/"/> <sp:Header Name="Timestamp" Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/> <sp:Header Name="UsernameToken" Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/> <sp:Body/> </sp:SignedParts>
Ah interesting, it is indeed hardcoded currently. Are you able to open a PR to implement this?
What a pity that this feature has not been merged yet. Any chance to have it done soon?
If the WSDL file specifies the document parts that need to be signed, as in example below, the
signature.py
module doesn't sign any of them except for Body and Timestamp (which are hard coded for some reason)