Upgrade dependencies and refactor code to work with the latest xml-cr…

…ypto Refactor WSSecurityCert and WSSecurityCertWithToken to make it work with the latest xml-crypto. Fix invalid test xml strings in WSSecurityCert and WSSecurityCertWithToken tests. Update dependencies: - axios to 1.7.2 - debug to 4.3.5 - formidable to 3.5.1 - sax to 1.4.1 - uuid to 10.0.0 - whatwg-mimetype to 4.0.0 - xml-crypto to 6.0.0 Update dev dependencies: - @types/debug to 4.1.12 - @types/express to 4.17.21 - @types/lodash to 4.17.5 - @types/node to 14.0.0 - @types/request to 2.48.12 - @types/sax to 1.2.7 - @types/uuid to 9.0.8 - @types/whatwg-mimetype to 3.0.2 - body-parser to 1.20.2 - colors to 1.4.0 - diff to 5.2.0 - doctoc to 2.2.1 - duplexer to 0.1.2 - express to 4.19.2 - finalhandler to 1.2.0 - glob to 10.4.1 - jshint to 2.13.6 - mocha to 10.4.0 - nyc to 17.0.0 - semver to 7.6.2 - serve-static to 1.15.0 - sinon to 18.0.0 - source-map-support to 0.5.21
vpulim · Jun 14, 2024 · 592caa6 · 592caa6
1 parent 58e266a
commit 592caa6
Show file tree

Hide file tree

Showing 12 changed files with 5,323 additions and 2,895 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -7,17 +7,17 @@
   },
   "author": "Vinay Pulim <[email protected]>",
   "dependencies": {
-    "axios": "^1.6.8",
+    "axios": "^1.7.2",
     "axios-ntlm": "^1.4.2",
-    "debug": "^4.3.2",
-    "formidable": "^3.2.4",
+    "debug": "^4.3.5",
+    "formidable": "^3.5.1",
     "get-stream": "^6.0.1",
     "lodash": "^4.17.21",
-    "sax": ">=0.6",
+    "sax": "^1.4.1",
     "strip-bom": "^3.0.0",
-    "uuid": "^8.3.2",
-    "whatwg-mimetype": "3.0.0",
-    "xml-crypto": "^3.0.0"
+    "uuid": "^10.0.0",
+    "whatwg-mimetype": "4.0.0",
+    "xml-crypto": "^6.0.0"
   },
   "repository": {
     "type": "git",
@@ -47,33 +47,33 @@
   "license": "MIT",
   "devDependencies": {
     "@types/axios": "^0.14.0",
-    "@types/debug": "^4.1.7",
-    "@types/express": "^4.17.13",
+    "@types/debug": "^4.1.12",
+    "@types/express": "^4.17.21",
     "@types/formidable": "^2.0.4",
-    "@types/lodash": "^4.14.172",
-    "@types/node": "^11.15.54",
-    "@types/request": "^2.48.7",
-    "@types/sax": "^1.2.3",
-    "@types/uuid": "^8.3.1",
-    "@types/whatwg-mimetype": "^2.1.1",
-    "body-parser": "^1.15.2",
-    "colors": "^1.3.3",
+    "@types/lodash": "^4.17.5",
+    "@types/node": "^14.0.0",
+    "@types/request": "^2.48.12",
+    "@types/sax": "^1.2.7",
+    "@types/uuid": "^9.0.8",
+    "@types/whatwg-mimetype": "^3.0.2",
+    "body-parser": "^1.20.2",
+    "colors": "^1.4.0",
     "coveralls": "^3.1.1",
-    "diff": "^4.0.1",
-    "doctoc": "^2.0.1",
-    "duplexer": "~0.1.1",
-    "express": "^4.16.4",
-    "finalhandler": "^1.1.1",
-    "glob": "^7.1.7",
-    "jshint": "^2.13.1",
-    "mocha": "^6.1.4",
-    "nyc": "^14.1.1",
+    "diff": "^5.2.0",
+    "doctoc": "^2.2.1",
+    "duplexer": "~0.1.2",
+    "express": "^4.19.2",
+    "finalhandler": "^1.2.0",
+    "glob": "^10.4.1",
+    "jshint": "^2.13.6",
+    "mocha": "^10.4.0",
+    "nyc": "^17.0.0",
     "readable-stream": "~2.0.2",
-    "semver": "^5.6.0",
-    "serve-static": "^1.14.1",
+    "semver": "^7.6.2",
+    "serve-static": "^1.15.0",
     "should": "^13.2.3",
-    "sinon": "^1.17.7",
-    "source-map-support": "^0.5.10",
+    "sinon": "^18.0.0",
+    "source-map-support": "^0.5.21",
     "timekeeper": "^2.1.2",
     "tslint": "^5.18.0",
     "typedoc": "^0.23.10",

diff --git a/src/client.ts b/src/client.ts
@@ -5,7 +5,7 @@
 
 import * as assert from 'assert';
 import { AxiosResponseHeaders, RawAxiosResponseHeaders } from 'axios';
-import * as debugBuilder from 'debug';
+import debugBuilder from 'debug';
 import { EventEmitter } from 'events';
 import getStream = require('get-stream');
 import * as _ from 'lodash';

diff --git a/src/http.ts b/src/http.ts
@@ -5,7 +5,7 @@
 
 import * as req from 'axios';
 import { NtlmClient } from 'axios-ntlm';
-import * as debugBuilder from 'debug';
+import debugBuilder from 'debug';
 import { ReadStream } from 'fs';
 import * as url from 'url';
 import { v4 as uuidv4 } from 'uuid';

diff --git a/src/security/WSSecurityCert.ts b/src/security/WSSecurityCert.ts
@@ -71,16 +71,23 @@ export class WSSecurityCert implements ISecurity {
       .replace('-----END CERTIFICATE-----', '')
       .replace(/(\r\n|\n|\r)/gm, '');
 
-    this.signer = new SignedXml(options?.signerOptions?.idMode);
+    this.signer = new SignedXml({ idMode: options?.signerOptions?.idMode });
+
     if (options.signatureAlgorithm === 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256') {
       this.signer.signatureAlgorithm = options.signatureAlgorithm;
-      this.signer.addReference(
-        bodyXpathPlaceholder,
-        ['http://www.w3.org/2001/10/xml-exc-c14n#'],
-        'http://www.w3.org/2001/04/xmlenc#sha256',
-      );
+      this.signer.addReference({
+        xpath: bodyXpathPlaceholder,
+        transforms: ['http://www.w3.org/2001/10/xml-exc-c14n#'],
+        digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256',
+      });
+    }
+
+    if (!options.signatureAlgorithm) {
+      this.signer.signatureAlgorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';
     }
 
+    this.signer.canonicalizationAlgorithm = 'http://www.w3.org/2001/10/xml-exc-c14n#';
+
     if (options.additionalReferences && options.additionalReferences.length > 0) {
       this.additionalReferences = options.additionalReferences;
     }
@@ -98,7 +105,7 @@ export class WSSecurityCert implements ISecurity {
       this.signerOptions = { existingPrefixes: { wsse: `${oasisBaseUri}/oasis-200401-wss-wssecurity-secext-1.0.xsd` } };
     }
 
-    this.signer.signingKey = {
+    this.signer.privateKey = {
       key: privatePEM,
       passphrase: password,
     };
@@ -107,15 +114,14 @@ export class WSSecurityCert implements ISecurity {
     this.signatureTransformations = Array.isArray(options.signatureTransformations) ? options.signatureTransformations
       : ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#'];
 
-    this.signer.keyInfoProvider = {};
-    this.signer.keyInfoProvider.getKeyInfo = (key) => {
+    this.signer.getKeyInfo = (key) => {
       return `<wsse:SecurityTokenReference>` +
         `<wsse:Reference URI="#${this.x509Id}" ValueType="${oasisBaseUri}/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>` +
         `</wsse:SecurityTokenReference>`;
     };
   }
 
-  public postProcess(xml, envelopeKey) {
+  public postProcess(xml: string, envelopeKey: string) {
     this.created = generateCreated();
     this.expires = generateExpires();
 
@@ -134,7 +140,7 @@ export class WSSecurityCert implements ISecurity {
       `wsu:Id="${this.x509Id}">${this.publicP12PEM}</wsse:BinarySecurityToken>` +
       timestampStr;
 
-    let xmlWithSec;
+    let xmlWithSec: string;
     const secExt = `xmlns:wsse="${oasisBaseUri}/oasis-200401-wss-wssecurity-secext-1.0.xsd"`;
     const secUtility = `xmlns:wsu="${oasisBaseUri}/oasis-200401-wss-wssecurity-utility-1.0.xsd"`;
     const endOfSecurityHeader = xml.indexOf('</wsse:Security>');
@@ -171,20 +177,20 @@ export class WSSecurityCert implements ISecurity {
     const bodyXpath = `//*[name(.)='${envelopeKey}:Body']`;
     resolvePlaceholderInReferences(this.signer.references, bodyXpath);
 
-    if (!(this.signer.references.filter((ref) => (ref.xpath === bodyXpath)).length > 0)) {
-      this.signer.addReference(bodyXpath, references);
+    if (!(this.signer.references.filter((ref: { xpath: string; }) => (ref.xpath === bodyXpath)).length > 0)) {
+      this.signer.addReference({ xpath: bodyXpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
     }
 
     for (const name of this.additionalReferences) {
       const xpath = `//*[name(.)='${name}']`;
-      if (!(this.signer.references.filter((ref) => (ref.xpath === xpath)).length > 0)) {
-        this.signer.addReference(xpath, references);
+      if (!(this.signer.references.filter((ref: { xpath: string; }) => (ref.xpath === xpath)).length > 0)) {
+        this.signer.addReference({ xpath: xpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
       }
     }
 
     const timestampXpath = `//*[name(.)='wsse:Security']/*[local-name(.)='Timestamp']`;
-    if (this.hasTimeStamp && !(this.signer.references.filter((ref) => (ref.xpath === timestampXpath)).length > 0)) {
-      this.signer.addReference(timestampXpath, references);
+    if (this.hasTimeStamp && !(this.signer.references.filter((ref: { xpath: string; }) => (ref.xpath === timestampXpath)).length > 0)) {
+      this.signer.addReference({ xpath: timestampXpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
     }
 
     this.signer.computeSignature(xmlWithSec, this.signerOptions);

diff --git a/src/security/WSSecurityCertWithToken.ts b/src/security/WSSecurityCertWithToken.ts
@@ -65,13 +65,19 @@ export class WSSecurityCertWithToken implements ISecurity {
     const opts = props.options || {};
     if (opts.signatureAlgorithm === 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256') {
       this.signer.signatureAlgorithm = opts.signatureAlgorithm;
-      this.signer.addReference(
-        bodyXpathPlaceholder,
-        ['http://www.w3.org/2001/10/xml-exc-c14n#'],
-        'http://www.w3.org/2001/04/xmlenc#sha256',
-      );
+      this.signer.addReference({
+        xpath: bodyXpathPlaceholder,
+        transforms: ['http://www.w3.org/2001/10/xml-exc-c14n#'],
+        digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256',
+      });
     }
 
+    if (!opts.signatureAlgorithm) {
+      this.signer.signatureAlgorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';
+    }
+
+    this.signer.canonicalizationAlgorithm = 'http://www.w3.org/2001/10/xml-exc-c14n#';
+
     if (opts.additionalReferences && opts.additionalReferences.length > 0) {
       this.additionalReferences = opts.additionalReferences;
     }
@@ -89,17 +95,18 @@ export class WSSecurityCertWithToken implements ISecurity {
       this.signerOptions = { existingPrefixes: { wsse: `${oasisBaseUri}/oasis-200401-wss-wssecurity-secext-1.0.xsd` } };
     }
 
-    this.signer.signingKey = {
+    this.signer.privateKey = {
       key: props.privateKey,
       passphrase: props.keyPassword,
     };
+
     this.x509Id = `x509-${generateId()}`;
     this.hasTimeStamp = typeof opts.hasTimeStamp === 'undefined' ? true : !!opts.hasTimeStamp;
     this.signatureTransformations = Array.isArray(opts.signatureTransformations) ? opts.signatureTransformations
       : ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#'];
 
     this.signer.keyInfoProvider = {};
-    this.signer.keyInfoProvider.getKeyInfo = (key) => {
+    this.signer.getKeyInfo = (key) => {
       return `<wsse:SecurityTokenReference>` +
         `<wsse:Reference URI="#${this.x509Id}" ValueType="${oasisBaseUri}/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>` +
         `</wsse:SecurityTokenReference>`;
@@ -145,19 +152,19 @@ export class WSSecurityCertWithToken implements ISecurity {
     resolvePlaceholderInReferences(this.signer.references, bodyXpath);
 
     if (!(this.signer.references.filter((ref) => (ref.xpath === bodyXpath)).length > 0)) {
-      this.signer.addReference(bodyXpath, references);
+      this.signer.addReference({ xpath: bodyXpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
     }
 
     for (const name of this.additionalReferences) {
       const xpath = `//*[name(.)='${name}']`;
       if (!(this.signer.references.filter((ref) => (ref.xpath === xpath)).length > 0)) {
-        this.signer.addReference(xpath, references);
+        this.signer.addReference({ xpath: xpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
       }
     }
 
     const timestampXpath = `//*[name(.)='wsse:Security']/*[local-name(.)='Timestamp']`;
     if (this.hasTimeStamp && !(this.signer.references.filter((ref) => (ref.xpath === timestampXpath)).length > 0)) {
-      this.signer.addReference(timestampXpath, references);
+      this.signer.addReference({ xpath: timestampXpath, transforms: references, digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256' });
     }
 
     this.signer.computeSignature(xmlWithSec, this.signerOptions);

diff --git a/src/soap.ts b/src/soap.ts
@@ -3,7 +3,7 @@
  * MIT Licensed
  */
 
-import * as debugBuilder from 'debug';
+import debugBuilder from 'debug';
 import { Client } from './client';
 import * as _security from './security';
 import { Server, ServerType } from './server';

diff --git a/src/wsdl/elements.ts b/src/wsdl/elements.ts
@@ -1,6 +1,6 @@
 
 import { ok as assert } from 'assert';
-import * as debugBuilder from 'debug';
+import debugBuilder from 'debug';
 import * as _ from 'lodash';
 import { IWsdlBaseOptions } from '../types';
 import { splitQName, TNS_PREFIX } from '../utils';

diff --git a/src/wsdl/index.ts b/src/wsdl/index.ts
@@ -6,7 +6,7 @@
 /*jshint proto:true*/
 
 import { ok as assert } from 'assert';
-import * as debugBuilder from 'debug';
+import debugBuilder from 'debug';
 import * as fs from 'fs';
 import * as _ from 'lodash';
 import * as path from 'path';

diff --git a/test/client-customHttp-test.js b/test/client-customHttp-test.js
@@ -15,8 +15,7 @@ var fs = require('fs'),
   should = require('should');
 
 it('should allow customization of httpClient and the wsdl file download should pass through it', function(done) {
-
-//Make a custom http agent to use streams instead on net socket
+  //Make a custom http agent to use streams instead on net socket
   function CustomAgent(options, socket){
     var self = this;
     events.EventEmitter.call(this);
@@ -28,39 +27,39 @@ it('should allow customization of httpClient and the wsdl file download should p
   }
 
   util.inherits(CustomAgent, events.EventEmitter);
-    
+
   CustomAgent.prototype.addRequest = function(req, options) {
     req.onSocket(this.proxyStream);
   };
-
+  
   //Create a duplex stream 
 
   var httpReqStream = new stream.PassThrough();
   var httpResStream = new stream.PassThrough();
   var socketStream = duplexer(httpReqStream, httpResStream);
-
+  
   // Node 4.x requires cork/uncork
   socketStream.cork = function() {
   };
-
+  
   socketStream.uncork = function() {
   };
-
+  
   socketStream.destroy = function() {
   };
-
+  
   // axios calls this
   socketStream.setKeepAlive = function() {
   };
-
+  
   //Custom httpClient  
   class MyHttpClient extends httpClient {
     constructor(options, socket) {
       super(options)
       this.agent = new CustomAgent(options, socket);
     }
   }
-    
+
   MyHttpClient.prototype.request = function(rurl, data, callback, exheaders, exoptions) {
     var self = this;
     var options = self.buildRequest(rurl, data, exheaders, exoptions);