Closed aeberlin closed 9 months ago
Related issue: https://github.com/savonrb/akami/issues/23
:+1:
Easy monkey patch for anybody that wants it:
require 'akami'
module AkamiWSSEHeaderFix
def to_xml
if signature? and signature.have_document?
Gyoku.xml wsse_signature.merge!(hash)
elsif username_token? && timestamp?
Gyoku.xml wsu_timestamp.merge!(wsse_username_token) {
|key, v1, v2| v1.merge!(v2) {
|key, v1, v2| v1.merge!(v2)
}
}
elsif username_token?
Gyoku.xml wsse_username_token.merge!(hash)
elsif timestamp?
Gyoku.xml wsu_timestamp.merge!(hash)
else
""
end
end
end
Akami::WSSE.send(:prepend, AkamiWSSEHeaderFix)
@rubiii Could we please get a merge, or feedback if it can't be merged? TY!
Hi - thanks for your patience. Doing some cleanup in this codebase and I'm going to default to merge contributions like this one, since it seems better than letting them stagnate.
We encountered a problem when trying to authenticate to a vendor's SOAP API where the timestamp must precede the username token in order for the request to be verified and authenticated. Otherwise, the follow error is thrown:
I feel that reversing the order is unlikely to break other implementations, but I would like some feedback on whether this is a change we can/should make. Another, probably less intrusive, option would be to set up a pathway to pass a configuration option through
savon
client instantiation to enforce an order in the WSSE header thatakami
generates.Thanks, cheers.