Моя задача: перенести проект из. Net Framework в. Net Core. В проекте используется веб-служба, для которой требуется сертификат для подписи.
В старой реализации:
{ var svc = new XService { Url = "Some url" }; var cert = new X509Certificate2("some path", "some password"); var signatureToken = new X509SecurityToken(cert); SoapContext requestContext = svc.RequestSoapContext; requestContext.Security.Elements.Add(new MessageSignature(signatureToken)); // Obsolete, but work fine return svc; }
Когда вызывается какой-либо метод, генерируется запрос:
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <soap:Header> // Custom headers // ... <wsa:Action wsu:Id="Id-b6bb139a-38eb-4b01-8adc-dd8f7212dd65">...</wsa:Action> <wsa:MessageID wsu:Id="Id-4601e0cd-aae2-4405-a7ec-8a6002563478">urn:uuid:6eaf15d8-9769-454f-9fc3-9757a7a8c924</wsa:MessageID> <wsa:ReplyTo wsu:Id="Id-c6a68fcf-2b3d-4f02-afcf-e88fa760e7b8"> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address> </wsa:ReplyTo> <wsa:To wsu:Id="Id-1b0b6cf7-a96c-4a09-a57e-c96122fadb0c">https://...</wsa:To> <wsse:Security soap:mustUnderstand="1"> <wsu:Timestamp wsu:Id="Timestamp-3b39f6d5-b8e5-4836-a9f6-94d3cc920f69"> <wsu:Created>2020-01-06T23:54:59Z</wsu:Created> <wsu:Expires>2020-01-06T23:59:59Z</wsu:Expires> </wsu:Timestamp> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" /> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <Reference URI="#Id-b6bb139a-38eb-4b01-8adc-dd8f7212dd65"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <DigestValue>0tpWVRC...294ks=</DigestValue> </Reference> <Reference URI="#Id-4601e0cd-aae2-4405-a7ec-8a6002563478"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <DigestValue>Isp...obbU=</DigestValue> </Reference> <Reference URI="#Id-c6a68fcf-2b3d-4f02-afcf-e88fa760e7b8"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <DigestValue>Jfi...VTQ=</DigestValue> </Reference> <Reference URI="#Id-1b0b6cf7-a96c-4a09-a57e-c96122fadb0c"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <DigestValue>/Q...Wc=</DigestValue> </Reference> <Reference URI="#Timestamp-3b39f6d5-b8e5-4836-a9f6-94d3cc920f69"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <DigestValue>KnJ...+U=</DigestValue> </Reference> <Reference URI="#Id-b32bc628-4704-4db1-949c-1e5ff2cb7dd0"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <DigestValue>Lj...I=</DigestValue> </Reference> </SignedInfo> <SignatureValue>DG...Q==</SignatureValue> <KeyInfo> <wsse:SecurityTokenReference> <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">KT...w=</wsse:KeyIdentifier> </wsse:SecurityTokenReference> </KeyInfo> </Signature> </wsse:Security> </soap:Header> <soap:Body wsu:Id="Id-b32bc628-4704-4db1-949c-1e5ff2cb7dd0"> // Some payloads </soap:Body> </soap:Envelope>
Невозможно использовать старый метод во время миграции, поскольку X509SecurityToken, SoapContext, MessageSignature ( Microsoft.Web.Services3 ) недоступны в. Net Core.
Нет рабочее решение найдено на Inte rnet для. Net Core. Моя последняя реализация:
{ var binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport); binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate; var svc = new XService( binding, new EndpointAddress(_queryNumberPortingServiceUrl) ); svc.ClientCredentials.ClientCertificate.Certificate = GetCertificate(); return svc; }
Метод не работает. Заголовки не создаются в soap: Заголовок, кроме собственного. Спасибо за любую помощь.