comment implémenter ws-security 1.1 en php5

Question

J'essaye d'appeler un webservice avec Soap en PHP5, pour cela, j'ai besoin d'utiliser WS-Security 1.1.

(en Java et .NET Tout cela est généré automatiquement.)

Existe-t-il des cadres disponibles pour générer les en-têtes de sécurité facilement en PHP? Ou dois-je ajouter l'en-tête entier moi-même?

Spécifications de WS-Security 1.1: http://oasis-open.org/committees/download.php/16790/wss-1.1-spec-os-SOAPMessageSecurity.pdf

Answer 1

Sur PHP Classes, Roger Veciana i Rovira a soumis ce (je viens de reformater le code):

class WSSoapClient extends SoapClient { 

    private $username; 
    private $password; 
    /*Generates de WSSecurity header*/ 
    private function wssecurity_header() { 

     /* The timestamp. The computer must be on time or the server you are 
     * connecting may reject the password digest for security. 
     */ 
     $timestamp = gmdate('Y-m-d\TH:i:s\Z'); 
     /* A random word. The use of rand() may repeat the word if the server is 
     * very loaded. 
     */ 
     $nonce = mt_rand(); 
     /* This is the right way to create the password digest. Using the 
     * password directly may work also, but it's not secure to transmit it 
     * without encryption. And anyway, at least with axis+wss4j, the nonce 
     * and timestamp are mandatory anyway. 
     */ 
     $passdigest = base64_encode(
       pack('H*', 
         sha1(
           pack('H*', $nonce) . pack('a*',$timestamp). 
           pack('a*',$this->password)))); 

     $auth = ' 
<wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.'. 
'org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> 
<wsse:UsernameToken> 
    <wsse:Username>'.$this->username.'</wsse:Username> 
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-'. 
'wss-username-token-profile-1.0#PasswordDigest">'.$passdigest.'</wsse:Password> 
    <wsse:Nonce>'.base64_encode(pack('H*', $nonce)).'</wsse:Nonce> 
    <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-'. 
'200401-wss-wssecurity-utility-1.0.xsd">'.$timestamp.'</wsu:Created> 
    </wsse:UsernameToken> 
</wsse:Security> 
'; 

     /* XSD_ANYXML (or 147) is the code to add xml directly into a SoapVar. 
     * Using other codes such as SOAP_ENC, it's really difficult to set the 
     * correct namespace for the variables, so the axis server rejects the 
     * xml. 
     */ 
     $authvalues = new SoapVar($auth,XSD_ANYXML); 
     $header = new SoapHeader("http://docs.oasis-open.org/wss/2004/01/oasis-". 
      "200401-wss-wssecurity-secext-1.0.xsd", "Security", $authvalues, 
       true); 

     return $header; 
    } 

    /* It's necessary to call it if you want to set a different user and 
    * password 
    */ 
    public function __setUsernameToken($username, $password) { 
     $this->username = $username; 
     $this->password = $password; 
    } 


    /* Overwrites the original method adding the security header. As you can 
    * see, if you want to add more headers, the method needs to be modifyed 
    */ 
    public function __soapCall($function_name, $arguments, $options=null, 
      $input_headers=null, $output_headers=null) { 

     $result = parent::__soapCall($function_name, $arguments, $options, 
       $this->wssecurity_header()); 

     return $result; 
    } 
}