Signing WSDL request body

rvcristiand commented 2 years ago

Hi everybody !

I have to consume a WSDL service. I have a username and password to see the wsdl file and a .pem file to consume the service. I can see the wsdl with suds, but I don't know how to config the script to include the pem file in the request.

The WSDL file is hosted in https://my.url/abc/def/xyz?wsdl (I changed the url a little bit). To see the wsdl, I need to use a username and a password (I changed the username and password, too). To test if it works, I created the following script:

from suds.client import Client
from suds.transport.https import HttpAuthenticated

url = 'https://my.url/abc/def/xyz?wsdl'
t = HttpAuthenticated(username='user', password='password')

client = Client(url, transport=t)

print(client)

All goes well, and I got (I edited the output a little bit, but I think I left untouched the important info):

Suds ( https://fedorahosted.org/suds/ )  version: 1.1.2

Service ( ...WSService ) tns="http://abc.def.xyz.com"
   Prefixes (2)
      ns0 = "http://abc.def.ghi.jkl.com"
      ns1 = "http://schemas.xmlsoap.org/soap/encoding/"
   Ports (1):
      (InformacionComercial)
         Methods (4):
            cambioPassword(ns1:string nuevoPassword)
            consultaPlano(ns0:ParametrosConsultaDTO parametrosConsulta)
            consultaXml(ns0:ParametrosConsultaDTO parametrosConsulta)
            consultaXmlConApellido(ns0:ParametrosConsultaDTO parametrosConsulta)
         Types (49):
            ns1:Array
            ...
            ns0:ParametrosConsultaDTO
            ns1:QName
            ...

Then I created a ns0:ParametrosConsultaDTO object with the following code:

parametrosConsutaDTO_type = client.factory.create('ns0:ParametrosConsultaDTO')
print(parametrosConsutaDTO_type)

And I got the following output (I changed the parameters name):

(ParametrosConsultaDTO){
   attr1 = 
      (string){
         value = None
         _id = ""
         _href = ""
      }
   attr2 = 
      (string){
         value = None
         _id = ""
         _href = ""
      }
   att3 = 
      (string){
         value = None
         _id = ""
         _href = ""
      }
   attr4 = 
      (string){
         value = None
         _id = ""
         _href = ""
      }
   attr5 = 
      (string){
         value = None
         _id = ""
         _href = ""
      }
 }

Then, I modified the attributes and called the service I need:

parametrosConsutaDTO_type.attr1 = "1"
parametrosConsutaDTO_type.attr2 = "2"
parametrosConsutaDTO_type.attr3 = "3"
parametrosConsutaDTO_type.attr4 = "4"
parametrosConsutaDTO_type.attr5 = "5"

client.service.consultaXmlConApellido(parametrosConsutaDTO_type)

And I got:

Traceback (most recent call last): File
  "/home/rvcristiand/.cache/pypoetry/virtualenvs/with-suds-Pgwrf_HG-py3.10/lib/python3.10/site-packages/suds/transport/http.py",
  line 89, in send fp = self.u2open(u2request,
  timeout=request.timeout) File
  "/home/rvcristiand/.cache/pypoetry/virtualenvs/with-suds-Pgwrf_HG-py3.10/lib/python3.10/site-packages/suds/transport/http.py",
  line 140, in u2open return url.open(u2request, timeout=tm) File
  "/usr/lib64/python3.10/urllib/request.py", line 525, in open
  response = meth(req, response) File
  "/usr/lib64/python3.10/urllib/request.py", line 634, in
  http_response response = self.parent.error( File
  "/usr/lib64/python3.10/urllib/request.py", line 557, in error result
  = self._call_chain(*args) File
  "/usr/lib64/python3.10/urllib/request.py", line 496, in _call_chain
  result = func(*args) File "/usr/lib64/python3.10/urllib/request.py",
  line 1056, in http_error_401 response =
  self.http_error_auth_reqed('www-authenticate', File
  "/usr/lib64/python3.10/urllib/request.py", line 1005, in
  http_error_auth_reqed return self.retry_http_basic_auth(host, req,
  realm) File "/usr/lib64/python3.10/urllib/request.py", line 1020, in
  retry_http_basic_auth return self.parent.open(req,
  timeout=req.timeout) File "/usr/lib64/python3.10/urllib/request.py",
  line 525, in open response = meth(req, response) File
  "/usr/lib64/python3.10/urllib/request.py", line 634, in
  http_response response = self.parent.error( File
  "/usr/lib64/python3.10/urllib/request.py", line 563, in error return
  self._call_chain(*args) File
  "/usr/lib64/python3.10/urllib/request.py", line 496, in _call_chain
  result = func(*args) File "/usr/lib64/python3.10/urllib/request.py",
  line 643, in http_error_default raise HTTPError(req.full_url, code,
  msg, hdrs, fp) urllib.error.HTTPError: HTTP Error 500: Internal
  Server Error During handling of the above exception, another
  exception occurred: Traceback (most recent call last): File
  "/home/rvcristiand/.cache/pypoetry/virtualenvs/with-suds-Pgwrf_HG-py3.10/lib/python3.10/site-packages/suds/client.py",
  line 771, in send reply = self.options.transport.send(request) File
  "/home/rvcristiand/.cache/pypoetry/virtualenvs/with-suds-Pgwrf_HG-py3.10/lib/python3.10/site-packages/suds/transport/https.py",
  line 66, in send return HttpTransport.send(self, request) File
  "/home/rvcristiand/.cache/pypoetry/virtualenvs/with-suds-Pgwrf_HG-py3.10/lib/python3.10/site-packages/suds/transport/http.py",
  line 106, in send raise TransportError(e.msg, e.code, e.fp)
  suds.transport.TransportError: Internal Server Error During handling
  of the above exception, another exception occurred: Traceback (most
  recent call last):
  File
    "/home/rvcristiand/Documents/prestanza/with_suds/with_suds/test.py",
    line 89, in <module>
    client.service.consultaXmlConApellido(parametrosConsutaDTO_type)
    File
    "/home/rvcristiand/.cache/pypoetry/virtualenvs/with-suds-Pgwrf_HG-py3.10/lib/python3.10/site-packages/suds/client.py",
    line 586, in __call__ return client.invoke(args, kwargs) File
    "/home/rvcristiand/.cache/pypoetry/virtualenvs/with-suds-Pgwrf_HG-py3.10/lib/python3.10/site-packages/suds/client.py",
    line 728, in invoke result = self.send(soapenv, timeout=timeout)
    File
    "/home/rvcristiand/.cache/pypoetry/virtualenvs/with-suds-Pgwrf_HG-py3.10/lib/python3.10/site-packages/suds/client.py",
    line 776, in send return self.process_reply(content, e.httpcode,
    tostr(e)) File
    "/home/rvcristiand/.cache/pypoetry/virtualenvs/with-suds-Pgwrf_HG-py3.10/lib/python3.10/site-packages/suds/client.py",
    line 840, in process_reply raise WebFault(fault, replyroot)
    suds.WebFault: Server raised fault: 'WSDoAllReceiver: Request does
    not contain required Security header'

I actually, I know the problem is related to WS-Security Configuration. I have a SoapUI manual to consume the service, where they configure the Outgoing WS-Security with a signature (where the private key is related) and a timestamp. Finally, they add an authorization where relate the username, password and the Outgoing WS-Security.

I would like to consume this service with suds, but I don't know how to add the private certificate to my requests.

Any help in this way will be useful to me.

Thank you.

phillbaker commented 2 years ago

In order to investigate this further, we'll need the following:

publicly available url for the wsdl in question

Note: Issues on this repository are for reporting bugs and feature requests for this provider, not providing support for unique environments. In order to investigate this, a reproducible case may needs to be provided, if that can't be provided, we'll have to close this issue to focus on widely impacting issues.

rvcristiand commented 2 years ago

Hi @phillbaker.

Here is the url: https://miportafoliouat.transunion.co/InformacionComercialWS/services/InformacionComercial?wsdl.

@phillbaker there area the credencials:

username: 332970 password: 49Ya*08@qkNW

Actually, I have a repo in github.

I thank you in advance for any help !

phillbaker commented 2 years ago

I think this is a feature request for supporting WSSE signatures (x509). This isn't currently supported natively by this library.

However, searching github does show a few options:

https://github.com/orcasgit/py-wsse a separate library that has an example working with suds (it says the jurko fork, which this is a derivative of): https://py-wsse.readthedocs.io/en/latest/#with-suds
this fork of the original suds has additional WS-Security support: https://github.com/wrapp-archive/suds
this separate plugin https://github.com/GoodRx/SudsSigner

Please try one of these options and let us know how it goes!

rvcristiand commented 1 year ago

Hi @phillbaker.

I tried the first option, py-wsse, but I had problems installing it, because the library support goes until python 2.7 and python 3.4. Those python versions are deprecated and I couldn't installed them in Fedora 35. I tried with Ubuntu 16.04 under wsl2. I could install python 2.7 and python 3.4 but couldn't run pip install py-wsse[suds]. I got the following error:

DEPRECATION: Python 3.4 support has been deprecated. pip 19.1 will be the last one supporting it. Please upgrade your Python as Python 3.4 won't be maintained after March 2019 (cf PEP 429).
Collecting py-wsse[suds]
  Using cached https://files.pythonhosted.org/packages/d7/40/1935e39e31c7720404d26244e9b54580b0a6e1d5d4b1b51130366ee283df/py-wsse-0.1.tar.gz
Collecting xmlsec>=0.3.1.orcas1 (from py-wsse[suds])
  Using cached https://files.pythonhosted.org/packages/35/42/d7cd323c91d4706f3cc32ffe7d5f851ab8ef9898ccb350f6ba593dd8b89a/xmlsec-1.3.3.tar.gz
    ERROR: Complete output from command python setup.py egg_info:
    ERROR: WARNING: The wheel package is not available.
    DEPRECATION: Python 3.4 support has been deprecated. pip 19.1 will be the last one supporting it. Please upgrade your Python as Python 3.4 won't be maintained after March 2019 (cf PEP 429).
        ERROR: Complete output from command python setup.py egg_info:
        ERROR: This lxml version requires Python 2.7, 3.5 or later.
        ----------------------------------------
    ERROR: Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-wheel-udx1qs_j/lxml/
    Traceback (most recent call last):
      File "/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/lib/python3.4/site-packages/setuptools/installer.py", line 128, in fetch_build_egg
        subprocess.check_call(cmd)
      File "/home/rvc/.pyenv/versions/3.4.10/lib/python3.4/subprocess.py", line 558, in check_call
        raise CalledProcessError(retcode, cmd)
    subprocess.CalledProcessError: Command '['/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/bin/python3.4', '-m', 'pip', '--disable-pip-version-check', 'wheel', '--no-deps', '-w', '/tmp/tmpjqyuuhot', '--quiet', 'lxml>=3.0']' returned non-zero exit status 1

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/tmp/pip-install-r1szks9k/xmlsec/setup.py", line 60, in <module>
        'Topic :: Text Processing :: Markup :: XML'
      File "/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/lib/python3.4/site-packages/setuptools/__init__.py", line 144, in setup
        _install_setup_requires(attrs)
      File "/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/lib/python3.4/site-packages/setuptools/__init__.py", line 139, in _install_setup_requires
        dist.fetch_build_eggs(dist.setup_requires)
      File "/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/lib/python3.4/site-packages/setuptools/dist.py", line 721, in fetch_build_eggs
        replace_conflicting=True,
      File "/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/lib/python3.4/site-packages/pkg_resources/__init__.py", line 782, in resolve
        replace_conflicting=replace_conflicting
      File "/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/lib/python3.4/site-packages/pkg_resources/__init__.py", line 1065, in best_match
        return self.obtain(req, installer)
      File "/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/lib/python3.4/site-packages/pkg_resources/__init__.py", line 1077, in obtain
        return installer(requirement)
      File "/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/lib/python3.4/site-packages/setuptools/dist.py", line 777, in fetch_build_egg
        return fetch_build_egg(self, req)
      File "/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/lib/python3.4/site-packages/setuptools/installer.py", line 130, in fetch_build_egg
        raise DistutilsError(str(e))
    distutils.errors.DistutilsError: Command '['/home/rvc/.pyenv/versions/3.4.10/envs/prestanza/bin/python3.4', '-m', 'pip', '--disable-pip-version-check', 'wheel', '--no-deps', '-w', '/tmp/tmpjqyuuhot', '--quiet', 'lxml>=3.0']' returned non-zero exit status 1
    ----------------------------------------
ERROR: Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-install-r1szks9k/xmlsec/

I will try with the other options to see what happens.

Thank you for help.

See you soon.

rvcristiand commented 1 year ago

Hi @phillbaker.

I checked the other two options but it seem obscure to me, because they are outdated and the last commits were 6 and 7 year ago, respectively. I think I'll fall in same problem again.

phillbaker commented 1 year ago

@rvcristiand you can try forking, updating dependencies and installing from git. Here's one fork that looks semi-recent: https://github.com/jtiri/py-wsse

suds-community / suds

Signing WSDL request body #84