Reputation: 41
I would like to sign the SOAP message below in Python, and the resulting message should have the security headers shown later. How can I achieve this?
<SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<ns1:RequestSecurityTokenCollection>
<ns1:RequestSecurityToken>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>https://abcd</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Issuer>
<wsa:Address>https://xyz</wsa:Address>
</wst:Issuer>
<wst:TokenType>urn:ietf:params:oauth:token-type:jwt</wst:TokenType>
<wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate</wst:RequestType>
<wst:Base>
<stsuuser:STSUniversalUser xmlns:stsuuser="urn:ibm:names:ITFIM:1.0:stsuuser">
<stsuuser:Principal>
<stsuuser:Attribute name="name">
<stsuuser:Value>john</stsuuser:Value>
</stsuuser:Attribute>
</stsuuser:Principal>
<stsuuser:AttributeList/>
</stsuuser:STSUniversalUser>
</wst:Base>
</ns1:RequestSecurityToken>
</ns1:RequestSecurityTokenCollection>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
Also, the signed output should have the security headers below:
<SOAP-ENV:Header>
<wss:Security xmlns:wss="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="NEWID">
<wsu:Created/>
</wsu:Timestamp>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>96njoA0fzM8X6G5PWjOp+R4/Gi4=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>EXY1Zah4kwz4Dlhc0G3oHIy7HJU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Jdkt8TaBmtJGDnsSIdoOibfGAXbqXkKxS4TkQwEfUTWLHyMPe2RqQ1E0ziK1bLU5
CKAcAQ+eRgymP68Zlu3ahW56dTYSBA1DxFFFfD8CtCPikEuQSwMPBWZK5yzlMRm4
ZHv+/XOXYtZRBTT3C+34AAYNn77bE+AAjpcp4VP+xLqv4efTYz/fHVzVkxIh1WpA
tOw0e0WcNrBls1tMe191pAXOJgUXgNChTnGnpr4IVSHinv+HtS54oe0bZwlL3yBp
Gqsq/sIM9pbaTykGW4i6jV9G3vkDiFN2xd/3A45+TQCNu8YXQD9enc96wzVY8LGT
aeYdEXMT9bgNqe1ayqM0NA==</ds:SignatureValue>
</ds:Signature>
</wss:Security>
</SOAP-ENV:Header>
I tried using the xmlsectool-3.0.0 tool, but it did not add the required headers with namespaces.
Upvotes: 0
Views: 364
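One way to produce the header layout shown in the question, as an added example that is not part of the original post: it builds the unsigned `wss:Security` template with Python's standard library and checks that each `ds:Reference` resolves to exactly one `wsu:Id`. The ids `Body-1` and `TS-1`, the helper names, the sample envelope and the choice of Timestamp and Body as the two signed parts are assumptions.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

WSS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-"
NS = {"SOAP-ENV": "http://schemas.xmlsoap.org/soap/envelope/",
      "wss": WSS + "secext-1.0.xsd", "wsu": WSS + "utility-1.0.xsd",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
EXC_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#"
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)  # serialize with the page's prefixes

def q(prefix, tag):
    return "{%s}%s" % (NS[prefix], tag)

def add_signature_template(envelope, body_id="Body-1", ts_id="TS-1"):
    """Add an unsigned wss:Security header that references Timestamp and Body."""
    envelope.find(q("SOAP-ENV", "Body")).set(q("wsu", "Id"), body_id)
    header = envelope.find(q("SOAP-ENV", "Header"))
    if header is None:  # Header must precede Body in a SOAP envelope
        header = ET.Element(q("SOAP-ENV", "Header"))
        envelope.insert(0, header)
    security = ET.SubElement(header, q("wss", "Security"))
    ts = ET.SubElement(security, q("wsu", "Timestamp"), {q("wsu", "Id"): ts_id})
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    ET.SubElement(ts, q("wsu", "Created")).text = now
    sig = ET.SubElement(security, q("ds", "Signature"))
    info = ET.SubElement(sig, q("ds", "SignedInfo"))
    ET.SubElement(info, q("ds", "CanonicalizationMethod"), Algorithm=EXC_C14N)
    ET.SubElement(info, q("ds", "SignatureMethod"), Algorithm=NS["ds"] + "rsa-sha1")
    for target in (ts_id, body_id):
        ref = ET.SubElement(info, q("ds", "Reference"), URI="#" + target)
        transforms = ET.SubElement(ref, q("ds", "Transforms"))
        ET.SubElement(transforms, q("ds", "Transform"), Algorithm=EXC_C14N)
        ET.SubElement(ref, q("ds", "DigestMethod"), Algorithm=NS["ds"] + "sha1")
        ET.SubElement(ref, q("ds", "DigestValue"))   # filled by the signer
    ET.SubElement(sig, q("ds", "SignatureValue"))    # filled by the signer
    return sig

def signed_targets(envelope):
    """Local name of the element each ds:Reference resolves to, else None."""
    els = [e for e in envelope.iter() if e.get(q("wsu", "Id"))]
    targets = []
    for ref in envelope.iter(q("ds", "Reference")):
        hits = [e for e in els if "#" + e.get(q("wsu", "Id")) == ref.get("URI")]
        targets.append(hits[0].tag.rpartition("}")[2] if len(hits) == 1 else None)
    return targets

# Constructed sample: a trimmed stand-in for the envelope in the question.
SAMPLE = ('<SOAP-ENV:Envelope xmlns:SOAP-ENV="%s"><SOAP-ENV:Body>'
          '<payload/></SOAP-ENV:Body></SOAP-ENV:Envelope>' % NS["SOAP-ENV"])
```

The empty `ds:DigestValue` and `ds:SignatureValue` elements are for an XML-DSig library that supports exclusive canonicalization to fill in; this block does no cryptography. The algorithm URIs mirror the question; SHA-1 is deprecated, so prefer the SHA-256 variants if the receiving service accepts them.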