как реализовать ws-безопасность, используя php для мыльного объекта

Question

class WSSoapClient extends SoapClient {

    private $username;
    private $password;
    /*Generates de WSSecurity header*/
    private function wssecurity_header() {

        /* The timestamp. The computer must be on time or the server you are
         * connecting may reject the password digest for security.
         */
        $timestamp = gmdate('Y-m-d\TH:i:s\Z');
        /* A random word. The use of rand() may repeat the word if the server is
         * very loaded.
         */
        $nonce = mt_rand();
        /* This is the right way to create the password digest. Using the
         * password directly may work also, but it's not secure to transmit it
         * without encryption. And anyway, at least with axis+wss4j, the nonce
         * and timestamp are mandatory anyway.
         */
        $passdigest = base64_encode(
                pack('H*',
                        sha1(
                                pack('H*', $nonce) . pack('a*',$timestamp).
                                pack('a*',$this->password))));

       $auth='
<wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">
<wsse:UsernameToken wsu:Id=\"UsernameToken-2\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">
    <wsse:Username>'.$username.'</wsse:Username>
      <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">'.$password.'</wsse:Password>
    </wsse:UsernameToken>   
</wsse:Security>
<wsa:Action>http://www.kbb.com/2011/01/25/VehicleInformationService/IVehicleInformationService/GetYears</wsa:Action>
';

        /* XSD_ANYXML (or 147) is the code to add xml directly into a SoapVar.
         * Using other codes such as SOAP_ENC, it's really difficult to set the
         * correct namespace for the variables, so the axis server rejects the
         * xml.
         */
        $authvalues = new SoapVar($auth,XSD_ANYXML);
        $header = new SoapHeader("http://docs.oasis-open.org/wss/2004/01/oasis-".
            "200401-wss-wssecurity-secext-1.0.xsd", "Security", $authvalues,
                true);

        return $header;
    }

    /* It's necessary to call it if you want to set a different user and
     * password
     */
    public function __setUsernameToken($username, $password) {
        $this->username = $username;
        $this->password = $password;
    }


    /* Overwrites the original method adding the security header. As you can
     * see, if you want to add more headers, the method needs to be modifyed
     */
    public function __soapCall($function_name, $arguments, $options=null,
            $input_headers=null, $output_headers=null) {

        $result = parent::__soapCall($function_name, $arguments, $options,
                $this->wssecurity_header());

        return $result;
    }
}

Я пытаюсь использовать это, но получаю следующую ошибку:

Fatal error: Uncaught SoapFault exception: [HTTP] Cannot process the message because the content type 'text/xml; charset=utf-8' was not the expected type 'application/soap+xml; charset=utf-8'

Скажите, пожалуйста, как я могу установить тип содержимого с помощью объекта SOAP.

Answer 1

Если кому-то нужен ответ на тот же вопрос, ответ прост. Вам нужно использовать SOAP версии 1.2 для передачи Content-Type: application/soap+xml

$soapClient = new SoapClient('http://example.com/wsdl.wsdl',array(
    'soap_version' => SOAP_1_2,
));

Но вы должны быть осторожны, потому что это также добавляет action: youraction к Content-Type. Например:

Content-Type: application/soap+xml; charset=utf-8; action="http://example.com/path/to/your/action"