search

phax / phase4

phase4 - AS4 client and server for integration into existing systems. Specific support for Peppol and CEF eDelivery built-in.
Apache License 2.0
154 stars 47 forks source link

"Content is not allowed in prolog" if response returned contains headers and stuff #26

Closed AlexandruCiobanu closed 4 years ago

AlexandruCiobanu commented 4 years ago

I sent a message and got back a response like:

--_=9506296633188159IBM9506296633188159MOKO
Content-Transfer-Encoding: 8bit
Content-ID: 1a2c317d-2e74-4eb3-9067-146e40ec91c7
Content-Type: application/soap+xml; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?><soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"><soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing"><ns2:Messaging xmlns:ns2="http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soapenv:mustUnderstand="true" wsu:Id="soapheader-1"><ns2:SignalMessage><ns2:MessageInfo><ns2:Timestamp>2019-12-11T13:24:36.267Z</ns2:Timestamp><ns2:MessageId>5d5aa198-43ef-4edc-bf5f-43c3e834af87@1576070676267</ns2:MessageId><ns2:RefToMessageId>0ebedbc8-0cbf-434e-b316-783180bf9571@phase4</ns2:RefToMessageId></ns2:MessageInfo><ns2:Receipt><ns3:NonRepudiationInformation xmlns:ns3="http://docs.oasis-open.org/ebxml-bp/ebbp-signals-2.0"><ns3:MessagePartNRInformation><ns5:Reference xmlns:ns5="http://www.w3.org/2000/09/xmldsig#" URI="cid:phase4-att-4aff8294-68ee-430b-936c-ce1c9472a5b5"><ns5:Transforms><ns5:Transform Algorithm="http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Signature-Transform"></ns5:Transform></ns5:Transforms><ns5:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ns5:DigestMethod><ns5:DigestValue>oFOIvmFARmKLYGvAJnEBhth3iPzhWDCwL7pa+Njk6SY=</ns5:DigestValue></ns5:Reference></ns3:MessagePartNRInformation><ns3:MessagePartNRInformation><ns5:Reference xmlns:ns5="http://www.w3.org/2000/09/xmldsig#" URI="#id-81954218-5f14-4bb6-ba08-07c3eb1277c0"><ns5:Transforms><ns5:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ns5:Transform></ns5:Transforms><ns5:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ns5:DigestMethod><ns5:DigestValue>8l3vKa8HMlu3IczLPKK+gaZ+h/8vLLZFnZH5MamVN+I=</ns5:DigestValue></ns5:Reference></ns3:MessagePartNRInformation><ns3:MessagePartNRInformation><ns5:Reference xmlns:ns5="http://www.w3.org/2000/09/xmldsig#" URI="#phase4-msg-f6d66172-c40d-40a8-b30a-69a3f6f77e63"><ns5:Transforms><ns5:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ns5:Transform></ns5:Transforms><ns5:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ns5:DigestMethod><ns5:DigestValue>oFBG/szdavlrwwE4K5/GjGkhVRULsySLSWhrIfLlScc=</ns5:DigestValue></ns5:Reference></ns3:MessagePartNRInformation></ns3:NonRepudiationInformation></ns2:Receipt></ns2:SignalMessage></ns2:Messaging><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="true"><wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="signingCert">MIIF1DCCA7ygAwIBAgIQGr0pf7rjKjMwCPx6u9+4jjANBgkqhkiG9w0BAQsFADBrMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQT3BlblBFUFBPTCBBSVNCTDEWMBQGA1UECxMNRk9SIFRFU1QgT05MWTEpMCcGA1UEAxMgUEVQUE9MIEFDQ0VTUyBQT0lOVCBURVNUIENBIC0gRzIwHhcNMTkxMTEyMDAwMDAwWhcNMjExMTAxMjM1OTU5WjBhMRIwEAYDVQQDDAlQQVUwMDAzNDUxFzAVBgNVBAsMDlBFUFBPTCBURVNUIEFQMSUwIwYDVQQKDBxEZXBhcnRtZW50IG9mIEh1bWFuIFNlcnZpY2VzMQswCQYDVQQGEwJBVTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL147LZwNHIoMQFAz5vU3o7tdvF4N9UHMjc+IQ3/CMtrlChXs2ludh6uPnPKubcXMd9KAPB1bJX5vwTqwmFyJFUKkrPw408caLiDu1FEFk71R6oPhrJXM97aqqRI/sh66fPcNCHjCKJ8WIfs9eZ+5X26dzkrwWPKBAeeQL2sb+VIXjuPE5XSIVU7BPgPNGUafBjgxPN8It0R10fxCddS3pEB6v3GOTLcEFlDKz8K6WO3zy4qyX4KcxXPCiM08C1yeinmWXLtxDeX7GXVewNBS7PY2w8iuRd6GxAAXqogFXo5L+QttGX15Q83Waz+RwOFkYvA5meTklAtyxV06soHth0CAwEAAaOCAXwwggF4MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMCMB0GA1UdDgQWBBSZcke8t1jZaQFhBJ2aRQ9NaPUpSTBdBgNVHR8EVjBUMFKgUKBOhkxodHRwOi8vcGtpLWNybC5zeW1hdXRoLmNvbS9jYV82YTkzNzczNGEzOTNhMDgwNWJmMzNjZGE4YjMzMTA5My9MYXRlc3RDUkwuY3JsMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL3BraS1vY3NwLnN5bWF1dGguY29tMB8GA1UdIwQYMBaAFGtvS7bxN7orPH8Yzborsrl8KjfrMC0GCmCGSAGG+EUBEAMEHzAdBhNghkgBhvhFARABAgMBAYGpkOEDFgY5NTc2MDgwOQYKYIZIAYb4RQEQBQQrMCkCAQAWJGFIUjBjSE02THk5d2Eya3RjbUV1YzNsdFlYVjBhQzVqYjIwPTANBgkqhkiG9w0BAQsFAAOCAgEAe/82yLK6ialu+laNP9T9XuXs2bZ7RpWs3xprC8t+8kUV5UDd5f+8Ti+txO8cvsm7l+MKRNGGIQV8OUwDFoydrADXM7VLfWmtw7q+BtolIVwlDnCYkkPkpIdAGsWeaP7jnw57zJ0qMhLF9kaCc0seFL9fFjioF5MC2R8TGPMgy4pUl5cetNx4lJbN6dGUq8dUgZebKhUrI+JTqxARhIlImmI86fuxOa8gkxD90Z0ND0nO+a1yFCol2sA6fB3WiwsnkESZlK0YfkMHjy1WEpB26INC1IIL8WJ0ifyK8iuERjoyQ64/u/26ngaQX3XoDBugH5U2FQfKDeIAMDYq3xeUyioTT5WfWu0ueBDQsBqg2/ostayiusrcGKUtOPOpUYLJKX7BdGR2qvWnhbFQVPPUFlFSZeQEumOUskx5+tjIxEVbM1Ocfrs/8p4pW1q2EHT92knqGTpG14mSn0NVntBQumdPhIUTtjMiY55GAcL7cdq+oRY+D+mAdxJnFmH7uLc61ES95lXtcdw6XGvZOcNV+dsTuwRJR3t2JPLXdiUjDbp++ZWY9AIcfG7r9rZ0EzUdrKxGuq65Hk9eev6883FBUEeuPFAq3oWStyjtI1yuWRTHVNaBU+n9dHD8BlfoEJaymC2pQO/ec8NKwyCrUf5AXX6xaJhQQ77cmn5Ge2blXyg=</wsse:BinarySecurityToken><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></ds:SignatureMethod><ds:Reference URI="#soapheader-1"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod><ds:DigestValue>YWewkJXepXl8Tt+RVKh+6LOMnquy+iv41IL2V2RA+hQ=</ds:DigestValue></ds:Reference><ds:Reference URI="#soapbody"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod><ds:DigestValue>MuXTb3M4BFAClqp28AnKQQJPuH1XxCZZle+49qRiZVk=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>AWwXxbtSIVhuxP+RaLsg/LY2RCoEDSt/oe/H8MNgNSSQr88/paw80FbULfzrzyQu82ga1PEM7syaDrt1w+UWrfkf+FjiXb+mj2vH+9IvnUBBvQ/is6DeWRdYtuyrhg3a4Rehb5tJqbpVB4DW2TnTGccWCq3Al8QT/MotrA3MuJqWVqChyfiBrk9KqDGPa9rX9/kxYY/xM78lIrtHFrFlj+Fyf9Ng8O1qAstX3ALbvAdHMAuu5Ot6OxXabm6hNLFU2XQz59cHKjXNAXzGiKuSrwQwmJWm+C/l+XNXoPjBV/HDjOzg8D5uqIOyKFhQrx7wDMjt0kp07Q9uRXkZOwPYrw==</ds:SignatureValue><ds:KeyInfo Id="KeyId-urn:uuid:38689DB9DD7E992F181576070676664"><wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-urn:uuid:38689DB9DD7E992F181576070676665"><wsse:Reference URI="#signingCert" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference></wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature></wsse:Security></soapenv:Header><soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="soapbody"></soapenv:Body></soapenv:Envelope>
--_=9506296633188159IBM9506296633188159MOKO--

In log I see this error when processing the signal:

2019-12-11T15:24:35,099 INFO  com.helger.phase4.peppol.Phase4PeppolSender._sendHttp(Phase4PeppolSender.java:205) - Successfully transmitted AS4 document with message ID '0ebedbc8-0cbf-434e-b316-783180bf9571@phase4' to 'https://test.ap.ebmsb.humanservices.gov.au/pbus/as4'
2019-12-11T15:27:28,251 ERROR com.helger.commons.log.LogHelper.log(LogHelper.java:323) - [fatal_error] @ (1:1) [SAX] Content is not allowed in prolog. (org.xml.sax.SAXParseException: Content is not allowed in prolog.)
2019-12-11T15:27:28,254 ERROR com.helger.commons.log.LogHelper.log(LogHelper.java:323) - [error] @ (1:1) [SAX] Content is not allowed in prolog. (org.xml.sax.SAXParseException: Content is not allowed in prolog.)
org.xml.sax.SAXParseException: Content is not allowed in prolog.
    at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:257) ~[?:1.8.0_161]
    at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:339) ~[?:1.8.0_161]
    at com.helger.xml.serialize.read.DOMReader.readXMLDOM(DOMReader.java:334) [ph-xml-9.3.8.jar:9.3.8]
    at com.helger.xml.serialize.read.DOMReader.readXMLDOM(DOMReader.java:237) [ph-xml-9.3.8.jar:9.3.8]
    at com.helger.xml.serialize.read.DOMReader.readXMLDOM(DOMReader.java:231) [ph-xml-9.3.8.jar:9.3.8]
    at com.helger.phase4.peppol.Phase4PeppolSender.parseSignalMessage(Phase4PeppolSender.java:123) [classes/:?]
    at com.helger.phase4.peppol.Phase4PeppolSender._sendHttp(Phase4PeppolSender.java:220) [classes/:?]
    at com.helger.phase4.peppol.Phase4PeppolSender._sendAS4Message(Phase4PeppolSender.java:515) [classes/:?]
    at com.helger.phase4.peppol.Phase4PeppolSender.access$100(Phase4PeppolSender.java:106) [classes/:?]
    at com.helger.phase4.peppol.Phase4PeppolSender$Builder.sendMessage(Phase4PeppolSender.java:1056) [classes/:?]
    at com.as4.sender.AS4PEPPOLSender.send(AS4PEPPOLSender.java:262) [classes/:?]
    at com.as4.sender.AS4PEPPOLSender.main(AS4PEPPOLSender.java:180) [classes/:?]
2019-12-11T15:27:55,467 ERROR com.helger.phase4.peppol.Phase4PeppolSender._sendHttp(Phase4PeppolSender.java:233) - Internal error sending AS4 message to 'https://test.ap.ebmsb.humanservices.gov.au/pbus/as4'
com.helger.phase4.peppol.Phase4PeppolException: Failed to parse as XML
    at com.helger.phase4.peppol.Phase4PeppolSender.parseSignalMessage(Phase4PeppolSender.java:125) ~[classes/:?]
    at com.helger.phase4.peppol.Phase4PeppolSender._sendHttp(Phase4PeppolSender.java:220) [classes/:?]
    at com.helger.phase4.peppol.Phase4PeppolSender._sendAS4Message(Phase4PeppolSender.java:515) [classes/:?]
    at com.helger.phase4.peppol.Phase4PeppolSender.access$100(Phase4PeppolSender.java:106) [classes/:?]
    at com.helger.phase4.peppol.Phase4PeppolSender$Builder.sendMessage(Phase4PeppolSender.java:1056) [classes/:?]
    at com.as4.sender.AS4PEPPOLSender.send(AS4PEPPOLSender.java:262) [classes/:?]
    at com.as4.sender.AS4PEPPOLSender.main(AS4PEPPOLSender.java:180) [classes/:?]

It seems we need some sort of mime handling in teh MDN?

phax commented 4 years ago

Okay, so you found the setSignalMsgConsumer method in the builder. This is clearly a bug...

AlexandruCiobanu commented 4 years ago

In this case is there anythig I could do? Also any way to process the response message, meaning decrypt and verify the actual inside payload?

AlexandruCiobanu commented 4 years ago

As a temporary fix I did the following:

@Nullable
  public static Ebms3SignalMessage parseSignalMessage (@Nonnull @WillNotClose final AS4ResourceHelper aResHelper,
                                                       @Nonnull final byte [] aBytes) throws Phase4PeppolException
  {
    // Read response as XML
    Document aSoapDoc = DOMReader.readXMLDOM (aBytes);
    if (aSoapDoc == null || aSoapDoc.getDocumentElement () == null) {
      Session newSession = Session.getDefaultInstance(new Properties());
      InputStream inputStreamObj = new ByteArrayInputStream(aBytes);
      try {
        MimeMessage mimeMessageObj = new MimeMessage(newSession, inputStreamObj);
        String contentType = mimeMessageObj.getContentType();
        part = (String) mimeMessageObj.getContent();
        part = part.replaceAll("\\<\\?xml(.+?)\\?\\>", "").trim();
        part = part.substring(0, part.lastIndexOf('>')+1);
        aSoapDoc = DOMReader.readXMLDOM (part);
        if (aSoapDoc == null || aSoapDoc.getDocumentElement () == null) {
            throw new Phase4PeppolException("Failed to parse as XML");
        }
      } catch (MessagingException e) {
        throw new Phase4PeppolException("Failed to parse as XML", e);
      } catch (IOException e) {
        throw new Phase4PeppolException("Failed to parse as XML", e);
      }
    } else {
      part = new String(aBytes);
    }
....
phax commented 4 years ago

Thanks for the taking the time to post this here. Let me see what I can do....

phax commented 4 years ago

In the meantime I verified, that it is okay, to always use MIME encoding. I need to implement this accordingly

phax commented 4 years ago

@AlexandruCiobanu do you have a test endpoint for me, where the SignalMessage comes as a MIME message? Thx

phax commented 4 years ago

It should be fixed in the v0.9.7 release