Upgrade dependencies and refactor code to work with the latest xml-cr…
…ypto (#1242)

* Upgrade dependencies and refactor code to work with the latest xml-crypto

 Refactor WSSecurityCert and WSSecurityCertWithToken to make it
 work with the latest xml-crypto.

 Fix invalid test xml strings in WSSecurityCert and
 WSSecurityCertWithToken tests.

Remove @types/request, use randomUUID() and cleanup unused imports

 Update dependencies:
 - axios to 1.7.2
 - debug to 4.3.5
 - formidable to 3.5.1
 - sax to 1.4.1
 - uuid to 10.0.0
 - whatwg-mimetype to 4.0.0
 - xml-crypto to 6.0.0

 Update dev dependencies:
 - @types/debug to 4.1.12
 - @types/express to 4.17.21
 - @types/lodash to 4.17.5
 - @types/node to 14.0.0
 - @types/request to 2.48.12
 - @types/sax to 1.2.7
 - @types/uuid to 9.0.8
 - @types/whatwg-mimetype to 3.0.2
 - body-parser to 1.20.2
 - colors to 1.4.0
 - diff to 5.2.0
 - doctoc to 2.2.1
 - duplexer to 0.1.2
 - express to 4.19.2
 - finalhandler to 1.2.0
 - glob to 10.4.1
 - jshint to 2.13.6
 - mocha to 10.4.0
 - nyc to 17.0.0
 - semver to 7.6.2
 - serve-static to 1.15.0
 - sinon to 18.0.0
 - source-map-support to 0.5.21
w666 authored Jul 16, 2024
1 parent 1584636 commit 3c20595
Showing 15 changed files with 4,553 additions and 7,213 deletions.
11,471 changes: 4,397 additions & 7,074 deletions package-lock.json

Large diffs are not rendered by default.

58 changes: 28 additions & 30 deletions package.json
Expand Up @@ -7,17 +7,16 @@
},
"author": "Vinay Pulim <[email protected]>",
"dependencies": {
"axios": "^1.6.8",
"axios": "^1.7.2",
"axios-ntlm": "^1.4.2",
"debug": "^4.3.2",
"formidable": "^3.2.4",
"debug": "^4.3.5",
"formidable": "^3.5.1",
"get-stream": "^6.0.1",
"lodash": "^4.17.21",
"sax": ">=0.6",
"sax": "^1.4.1",
"strip-bom": "^3.0.0",
"uuid": "^8.3.2",
"whatwg-mimetype": "3.0.0",
"xml-crypto": "^3.0.0"
"whatwg-mimetype": "4.0.0",
"xml-crypto": "^6.0.0"
},
"repository": {
"type": "git",
Expand Down Expand Up @@ -47,33 +46,32 @@
"license": "MIT",
"devDependencies": {
"@types/axios": "^0.14.0",
"@types/debug": "^4.1.7",
"@types/express": "^4.17.13",
"@types/debug": "^4.1.12",
"@types/express": "^4.17.21",
"@types/formidable": "^2.0.4",
"@types/lodash": "^4.14.172",
"@types/node": "^11.15.54",
"@types/request": "^2.48.7",
"@types/sax": "^1.2.3",
"@types/uuid": "^8.3.1",
"@types/whatwg-mimetype": "^2.1.1",
"body-parser": "^1.15.2",
"colors": "^1.3.3",
"@types/lodash": "^4.17.5",
"@types/node": "^14.0.0",
"@types/sax": "^1.2.7",
"@types/uuid": "^9.0.8",
"@types/whatwg-mimetype": "^3.0.2",
"body-parser": "^1.20.2",
"colors": "^1.4.0",
"coveralls": "^3.1.1",
"diff": "^4.0.1",
"doctoc": "^2.0.1",
"duplexer": "~0.1.1",
"express": "^4.16.4",
"finalhandler": "^1.1.1",
"glob": "^7.1.7",
"jshint": "^2.13.1",
"mocha": "^6.1.4",
"nyc": "^14.1.1",
"diff": "^5.2.0",
"doctoc": "^2.2.1",
"duplexer": "~0.1.2",
"express": "^4.19.2",
"finalhandler": "^1.2.0",
"glob": "^10.4.1",
"jshint": "^2.13.6",
"mocha": "^10.4.0",
"nyc": "^17.0.0",
"readable-stream": "~2.0.2",
"semver": "^5.6.0",
"serve-static": "^1.14.1",
"semver": "^7.6.2",
"serve-static": "^1.15.0",
"should": "^13.2.3",
"sinon": "^1.17.7",
"source-map-support": "^0.5.10",
"sinon": "^18.0.0",
"source-map-support": "^0.5.21",
"timekeeper": "^2.1.2",
"tslint": "^5.18.0",
"typedoc": "^0.23.10",
6 changes: 3 additions & 3 deletions src/client.ts
Expand Up @@ -5,11 +5,11 @@

import * as assert from 'assert';
import { AxiosResponseHeaders, RawAxiosResponseHeaders } from 'axios';
import * as debugBuilder from 'debug';
import { randomUUID } from 'crypto';
import debugBuilder from 'debug';
import { EventEmitter } from 'events';
import getStream = require('get-stream');
import * as _ from 'lodash';
import { v4 as uuidv4 } from 'uuid';
import { HttpClient } from './http';
import { IHeaders, IHttpClient, IMTOMAttachments, IOptions, ISecurity, SoapMethod, SoapMethodAsync } from './types';
import { findPrefix } from './utils';
Expand Down Expand Up @@ -462,7 +462,7 @@ export class Client extends EventEmitter {
this.lastRequest = xml;
this.lastEndpoint = location;

const eid: string = options.exchangeId || uuidv4();
const eid: string = options.exchangeId || randomUUID();

this.emit('message', message, eid);
this.emit('request', xml, eid);
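Review bot: `randomUUID` from `crypto` is only available on Node 14.17.0 and later (15.6.0 on the 15.x line), so `options.exchangeId || randomUUID()` now throws a TypeError on older runtimes where the `uuid` package worked. The same import replaces `uuid` in src/http.ts, src/security/WSSecurityCert.ts and src/security/WSSecurityCertWithToken.ts. The `engines` field of package.json is not visible in the rendered hunks; if it allows anything lower, it should be raised to `"node": ">=14.17.0"` and the new minimum called out in the release notes. The enclosing method of `Client` starts and ends outside the hunk.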
8 changes: 4 additions & 4 deletions src/http.ts
Expand Up @@ -5,10 +5,10 @@

import * as req from 'axios';
import { NtlmClient } from 'axios-ntlm';
import * as debugBuilder from 'debug';
import { randomUUID } from 'crypto';
import debugBuilder from 'debug';
import { ReadStream } from 'fs';
import * as url from 'url';
import { v4 as uuidv4 } from 'uuid';
import MIMEType = require('whatwg-mimetype');
import { gzipSync } from 'zlib';
import { IExOptions, IHeaders, IHttpClient, IOptions } from './types';
Expand Down Expand Up @@ -89,7 +89,7 @@ export class HttpClient implements IHttpClient {
options.validateStatus = null;
}
if (exoptions.forceMTOM || attachments.length > 0) {
const start = uuidv4();
const start = randomUUID();
let action = null;
if (headers['Content-Type'].indexOf('action') > -1) {
for (const ct of headers['Content-Type'].split('; ')) {
Expand All @@ -98,7 +98,7 @@ export class HttpClient implements IHttpClient {
}
}
}
const boundary = uuidv4();
const boundary = randomUUID();
headers['Content-Type'] = 'multipart/related; type="application/xop+xml"; start="<' + start + '>"; start-info="text/xml"; boundary=' + boundary;
if (action) {
headers['Content-Type'] = headers['Content-Type'] + '; ' + action;
44 changes: 25 additions & 19 deletions src/security/WSSecurityCert.ts
@@ -1,4 +1,4 @@
import { v4 as uuidv4 } from 'uuid';
import { randomUUID } from 'crypto';
import { SignedXml } from 'xml-crypto';
import { ISecurity } from '../types';

Expand All @@ -25,7 +25,7 @@ function insertStr(src: string, dst: string, pos: number): string {
}

function generateId(): string {
return uuidv4().replace(/-/gm, '');
return randomUUID().replace(/-/gm, '');
}

function resolvePlaceholderInReferences(references: any[], bodyXpath: string) {
Expand Down Expand Up @@ -71,16 +71,23 @@ export class WSSecurityCert implements ISecurity {
.replace('-----END CERTIFICATE-----', '')
.replace(/(\r\n|\n|\r)/gm, '');

this.signer = new SignedXml(options?.signerOptions?.idMode);
this.signer = new SignedXml({ idMode: options?.signerOptions?.idMode });

if (options.signatureAlgorithm === 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256') {
this.signer.signatureAlgorithm = options.signatureAlgorithm;
this.signer.addReference(
bodyXpathPlaceholder,
['http://www.w3.org/2001/10/xml-exc-c14n#'],
'http://www.w3.org/2001/04/xmlenc#sha256',
);
this.signer.addReference({
xpath: bodyXpathPlaceholder,
transforms: ['http://www.w3.org/2001/10/xml-exc-c14n#'],
digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256',
});
}

if (!options.signatureAlgorithm) {
this.signer.signatureAlgorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';
}

this.signer.canonicalizationAlgorithm = 'http://www.w3.org/2001/10/xml-exc-c14n#';

if (options.additionalReferences && options.additionalReferences.length > 0) {
this.additionalReferences = options.additionalReferences;
}
Expand All @@ -98,7 +105,7 @@ export class WSSecurityCert implements ISecurity {
this.signerOptions = { existingPrefixes: { wsse: `${oasisBaseUri}/oasis-200401-wss-wssecurity-secext-1.0.xsd` } };
}

this.signer.signingKey = {
this.signer.privateKey = {
key: privatePEM,
passphrase: password,
};
Expand All @@ -107,15 +114,14 @@ export class WSSecurityCert implements ISecurity {
this.signatureTransformations = Array.isArray(options.signatureTransformations) ? options.signatureTransformations
: ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#'];

this.signer.keyInfoProvider = {};
this.signer.keyInfoProvider.getKeyInfo = (key) => {
this.signer.getKeyInfo = (key) => {
return `<wsse:SecurityTokenReference>` +
`<wsse:Reference URI="#${this.x509Id}" ValueType="${oasisBaseUri}/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>` +
`</wsse:SecurityTokenReference>`;
};
}

public postProcess(xml, envelopeKey) {
public postProcess(xml: string, envelopeKey: string) {
this.created = generateCreated();
this.expires = generateExpires();

Expand All @@ -134,7 +140,7 @@ export class WSSecurityCert implements ISecurity {
`wsu:Id="${this.x509Id}">${this.publicP12PEM}</wsse:BinarySecurityToken>` +
timestampStr;

let xmlWithSec;
let xmlWithSec: string;
const secExt = `xmlns:wsse="${oasisBaseUri}/oasis-200401-wss-wssecurity-secext-1.0.xsd"`;
const secUtility = `xmlns:wsu="${oasisBaseUri}/oasis-200401-wss-wssecurity-utility-1.0.xsd"`;
const endOfSecurityHeader = xml.indexOf('</wsse:Security>');
Expand Down Expand Up @@ -171,20 +177,20 @@ export class WSSecurityCert implements ISecurity {
const bodyXpath = `//*[name(.)='${envelopeKey}:Body']`;
resolvePlaceholderInReferences(this.signer.references, bodyXpath);

if (!(this.signer.references.filter((ref) => (ref.xpath === bodyXpath)).length > 0)) {
this.signer.addReference(bodyXpath, references);
if (!(this.signer.references.filter((ref: { xpath: string; }) => (ref.xpath === bodyXpath)).length > 0)) {
this.signer.addReference({ xpath: bodyXpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
}

for (const name of this.additionalReferences) {
const xpath = `//*[name(.)='${name}']`;
if (!(this.signer.references.filter((ref) => (ref.xpath === xpath)).length > 0)) {
this.signer.addReference(xpath, references);
if (!(this.signer.references.filter((ref: { xpath: string; }) => (ref.xpath === xpath)).length > 0)) {
this.signer.addReference({ xpath: xpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
}
}

const timestampXpath = `//*[name(.)='wsse:Security']/*[local-name(.)='Timestamp']`;
if (this.hasTimeStamp && !(this.signer.references.filter((ref) => (ref.xpath === timestampXpath)).length > 0)) {
this.signer.addReference(timestampXpath, references);
if (this.hasTimeStamp && !(this.signer.references.filter((ref: { xpath: string; }) => (ref.xpath === timestampXpath)).length > 0)) {
this.signer.addReference({ xpath: timestampXpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
}

this.signer.computeSignature(xmlWithSec, this.signerOptions);
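Review bot: A caller-supplied `signatureAlgorithm` other than the rsa-sha256 URI is handled by neither constructor branch: the first `if` matches only rsa-sha256 and the added `if (!options.signatureAlgorithm)` only the unset case, so `this.signer.signatureAlgorithm` stays unassigned. As far as I know xml-crypto no longer falls back to a built-in signature algorithm from 4.x on, so signing would presumably fail only later, in `computeSignature`; this is worth confirming against 6.0.0 with a test. Either reject unsupported values in the constructor with a clear error, or assign unconditionally with `this.signer.signatureAlgorithm = options.signatureAlgorithm || 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';`. The unset case now selects RSA-SHA256 and every reference a SHA-256 digest, which peers pinned to the library's earlier defaults will notice, so the README should state the new defaults. The same branches appear in src/security/WSSecurityCertWithToken.ts, and the constructor begins outside these hunks.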
31 changes: 19 additions & 12 deletions src/security/WSSecurityCertWithToken.ts
@@ -1,4 +1,4 @@
import { v4 as uuidv4 } from 'uuid';
import { randomUUID } from 'crypto';
import { SignedXml } from 'xml-crypto';
import { ISecurity } from '../types';
import { IWSSecurityCertOptions, IXmlSignerOptions } from './WSSecurityCert';
Expand Down Expand Up @@ -26,7 +26,7 @@ function insertStr(src: string, dst: string, pos: number): string {
}

function generateId(): string {
return uuidv4().replace(/-/gm, '');
return randomUUID().replace(/-/gm, '');
}

function resolvePlaceholderInReferences(references: any[], bodyXpath: string) {
Expand Down Expand Up @@ -65,13 +65,19 @@ export class WSSecurityCertWithToken implements ISecurity {
const opts = props.options || {};
if (opts.signatureAlgorithm === 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256') {
this.signer.signatureAlgorithm = opts.signatureAlgorithm;
this.signer.addReference(
bodyXpathPlaceholder,
['http://www.w3.org/2001/10/xml-exc-c14n#'],
'http://www.w3.org/2001/04/xmlenc#sha256',
);
this.signer.addReference({
xpath: bodyXpathPlaceholder,
transforms: ['http://www.w3.org/2001/10/xml-exc-c14n#'],
digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256',
});
}

if (!opts.signatureAlgorithm) {
this.signer.signatureAlgorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';
}

this.signer.canonicalizationAlgorithm = 'http://www.w3.org/2001/10/xml-exc-c14n#';

if (opts.additionalReferences && opts.additionalReferences.length > 0) {
this.additionalReferences = opts.additionalReferences;
}
Expand All @@ -89,17 +95,18 @@ export class WSSecurityCertWithToken implements ISecurity {
this.signerOptions = { existingPrefixes: { wsse: `${oasisBaseUri}/oasis-200401-wss-wssecurity-secext-1.0.xsd` } };
}

this.signer.signingKey = {
this.signer.privateKey = {
key: props.privateKey,
passphrase: props.keyPassword,
};

this.x509Id = `x509-${generateId()}`;
this.hasTimeStamp = typeof opts.hasTimeStamp === 'undefined' ? true : !!opts.hasTimeStamp;
this.signatureTransformations = Array.isArray(opts.signatureTransformations) ? opts.signatureTransformations
: ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#'];

this.signer.keyInfoProvider = {};
this.signer.keyInfoProvider.getKeyInfo = (key) => {
this.signer.getKeyInfo = (key) => {
return `<wsse:SecurityTokenReference>` +
`<wsse:Reference URI="#${this.x509Id}" ValueType="${oasisBaseUri}/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>` +
`</wsse:SecurityTokenReference>`;
Expand Down Expand Up @@ -145,19 +152,19 @@ export class WSSecurityCertWithToken implements ISecurity {
resolvePlaceholderInReferences(this.signer.references, bodyXpath);

if (!(this.signer.references.filter((ref) => (ref.xpath === bodyXpath)).length > 0)) {
this.signer.addReference(bodyXpath, references);
this.signer.addReference({ xpath: bodyXpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
}

for (const name of this.additionalReferences) {
const xpath = `//*[name(.)='${name}']`;
if (!(this.signer.references.filter((ref) => (ref.xpath === xpath)).length > 0)) {
this.signer.addReference(xpath, references);
this.signer.addReference({ xpath: xpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
}
}

const timestampXpath = `//*[name(.)='wsse:Security']/*[local-name(.)='Timestamp']`;
if (this.hasTimeStamp && !(this.signer.references.filter((ref) => (ref.xpath === timestampXpath)).length > 0)) {
this.signer.addReference(timestampXpath, references);
this.signer.addReference({ xpath: timestampXpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
}

this.signer.computeSignature(xmlWithSec, this.signerOptions);
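Review bot: The digest URI `'http://www.w3.org/2001/04/xmlenc#sha256'` is written out as a string literal in each of the three `addReference` calls in `postProcess` and again in the constructor, and the same literals are repeated in src/security/WSSecurityCert.ts. A typo in any one copy would change or break the digest for that reference only, which is hard to spot in review. A module-level constant such as `const SHA256_DIGEST = 'http://www.w3.org/2001/04/xmlenc#sha256';`, used at every call site, would keep them in step. `postProcess` begins outside the hunk.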
2 changes: 1 addition & 1 deletion src/soap.ts
Expand Up @@ -3,7 +3,7 @@
* MIT Licensed
*/

import * as debugBuilder from 'debug';
import debugBuilder from 'debug';
import { Client } from './client';
import * as _security from './security';
import { Server, ServerType } from './server';
2 changes: 1 addition & 1 deletion src/wsdl/elements.ts
@@ -1,6 +1,6 @@

import { ok as assert } from 'assert';
import * as debugBuilder from 'debug';
import debugBuilder from 'debug';
import * as _ from 'lodash';
import { IWsdlBaseOptions } from '../types';
import { splitQName, TNS_PREFIX } from '../utils';
2 changes: 1 addition & 1 deletion src/wsdl/index.ts
Expand Up @@ -6,7 +6,7 @@
/*jshint proto:true*/

import { ok as assert } from 'assert';
import * as debugBuilder from 'debug';
import debugBuilder from 'debug';
import * as fs from 'fs';
import * as _ from 'lodash';
import * as path from 'path';