savon 2.6.0 → 2.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 23a1918c1f7d0fca14320681a197cabb6205124a
-  data.tar.gz: f13e43f5bfde4dce97dd41d676bdecacc3419ffd
+  metadata.gz: 3c74bd36381fb8c14d72206e9465e7fa41f91dd8
+  data.tar.gz: 1941c3fbe15e58c3f8d4c9a92b057ded090d05e6
 SHA512:
-  metadata.gz: 3c00d74d18d3e0b02b5fc2d4981e869692abeb88e7eda80124a9048d472a733e6f128084d512edb98f91cb2ba2bb49f03c4942aaab69cc0154cec9a938b92ce6
-  data.tar.gz: 8feec6b9dd88fbb4727ae3dce531b75614e1304531df1190b79ba12d129f5d1deb299f81c7d5c6ca275b347062a027bc9ed4e570974334efea796732f3c4e3b8
+  metadata.gz: 0db7bf447424f25266cdb79a814e37f0a0260e79d92baaeff979d044df16f0f5c759457a0fdeec4cc16428f4527e596b579a2b1dccdf446fd01cde900d5003a1
+  data.tar.gz: 64421f06d8ae1482aa283b455b572ac40ca0e37e30a1da4bdd41efc146074af2c473e6538f5fbafbfecd525131fefe432fc2655733019de18af0fb02ac966b4e

data/CHANGELOG.md

@@ -1,3 +1,12 @@
+# 2.7.0 (2014-09-23)
+
+* Feature: Signing requests. Added wsse_signature.
+```ruby
+    client = Savon.client(wsdl: 'http://service.example.com?wsdl') do
+        wsse_signature Akami::WSSE::Signature.new(Akami::WSSE::Certs.new(:cert_file => 'c.pem', :private_key_file => 'p.pem'))
+    end
+```
+
 # 2.5.0 (2014-05-03)
 
 * Feature: [#573](https://github.com/savonrb/savon/pull/573) Add an `all_operations` method to `Savon::Model` that automatically adds all available operations to the model.

data/README.md

@@ -46,6 +46,10 @@ response.body
 For more examples, you should check out the
 [integration tests](https://github.com/savonrb/savon/tree/version2/spec/integration).
 
+## FAQ
+
+* URI::InvalidURIError -- if you see this error, then it is likely that the http client you are using cannot parse the URI for your WSDL. Try `gem install httpclient` or add it to your `Gemfile`.
+  - See https://github.com/savonrb/savon/issues/488 for more info
 
 ## Give back
 

data/lib/savon/builder.rb

@@ -22,9 +22,10 @@ module Savon
     def initialize(operation_name, wsdl, globals, locals)
       @operation_name = operation_name
 
-      @wsdl    = wsdl
-      @globals = globals
-      @locals  = locals
+      @wsdl      = wsdl
+      @globals   = globals
+      @locals    = locals
+      @signature = @locals[:wsse_signature] || @globals[:wsse_signature]
 
       @types = convert_type_definitions_to_hash
       @used_namespaces = convert_type_namespaces_to_hash
@@ -35,7 +36,7 @@ module Savon
     end
 
     def build_document
-      tag(builder, :Envelope, namespaces_with_globals) do |xml|
+      xml = tag(builder, :Envelope, namespaces_with_globals) do |xml|
         tag(xml, :Header, header_attributes) { xml << header.to_s } unless header.empty?
         if @globals[:no_message_tag]
           tag(xml, :Body, body_attributes) { xml << message.to_s }
@@ -43,6 +44,27 @@ module Savon
           tag(xml, :Body, body_attributes) { xml.tag!(*namespaced_message_tag) { xml << message.to_s } }
         end
       end
+
+      # if we have a signature sign the document
+      if @signature
+        @signature.document = xml
+
+        2.times do
+          @header = nil
+          @signature.document = tag(builder, :Envelope, namespaces_with_globals) do |xml|
+            tag(xml, :Header, header_attributes) { xml << header.to_s } unless header.empty?
+            if @globals[:no_message_tag]
+              tag(xml, :Body, body_attributes) { xml << message.to_s }
+            else
+              tag(xml, :Body, body_attributes) { xml.tag!(*namespaced_message_tag) { xml << message.to_s } }
+            end
+          end
+        end
+
+        xml = @signature.document
+      end
+
+      xml
     end
 
     def header_attributes
@@ -50,7 +72,7 @@ module Savon
     end
 
     def body_attributes
-      {}
+      @body_attributes ||= @signature.nil? ? {} : @signature.body_attributes
     end
 
     def to_s

data/lib/savon/header.rb

@@ -10,6 +10,7 @@ module Savon
 
       @wsse_auth      = locals[:wsse_auth].nil? ? globals[:wsse_auth] : locals[:wsse_auth]
       @wsse_timestamp = locals[:wsse_timestamp].nil? ? globals[:wsse_timestamp] : locals[:wsse_timestamp]
+      @wsse_signature = locals[:wsse_signature].nil? ? globals[:wsse_signature] : locals[:wsse_signature]
 
       @global_header  = globals[:soap_header]
       @local_header   = locals[:soap_header]
@@ -21,7 +22,7 @@ module Savon
     end
 
     attr_reader :local_header, :global_header, :gyoku_options,
-                :wsse_auth, :wsse_timestamp
+                :wsse_auth, :wsse_timestamp, :wsse_signature
 
     def empty?
       @header.empty?
@@ -76,6 +77,10 @@ module Savon
       wsse = Akami.wsse
       wsse.credentials(*wsse_auth) if wsse_auth
       wsse.timestamp = wsse_timestamp if wsse_timestamp
+      if wsse_signature && wsse_signature.have_document?
+        wsse.signature = wsse_signature
+      end
+
       wsse
     end
 

data/lib/savon/log_message.rb

@@ -35,8 +35,12 @@ module Savon
     end
 
     def apply_filter!(document, filter)
-      document.xpath("//*[local-name()='#{filter}']").each do |node|
-        node.content = "***FILTERED***"
+      if filter.instance_of? Proc
+        filter.call document
+      else
+        document.xpath("//*[local-name()='#{filter}']").each do |node|
+          node.content = "***FILTERED***"
+        end
       end
     end
 

data/lib/savon/options.rb

@@ -60,6 +60,10 @@ module Savon
     def wsse_timestamp(timestamp = true)
       @options[:wsse_timestamp] = timestamp
     end
+
+    def wsse_signature(signature)
+      @options[:wsse_signature] = signature
+    end
   end
 
   class GlobalOptions < Options

data/lib/savon/qualified_message.rb

@@ -20,6 +20,7 @@ module Savon
           newhash.merge(key => value)
         else
           translated_key = Gyoku.xml_tag(key, :key_converter => @key_converter).to_s
+          translated_key << "!" if key[-1] == "!"
           newpath = path + [translated_key]
 
           if @used_namespaces[newpath]

data/lib/savon/version.rb

@@ -1,3 +1,3 @@
 module Savon
-  VERSION = '2.6.0'
+  VERSION = '2.7.0'
 end

data/spec/savon/builder_spec.rb

@@ -81,6 +81,43 @@ describe Savon::Builder do
 
       expect(builder.to_s).to include("<tns:username>luke</tns:username>")
     end
+
+    describe "#wsse_signature" do
+      let(:private_key) { "spec/fixtures/ssl/client_key.pem" }
+      let(:cert)        { "spec/fixtures/ssl/client_cert.pem" }
+      let(:signature)   { Akami::WSSE::Signature.new(Akami::WSSE::Certs.new(:cert_file => cert, :private_key_file => private_key))}
+      let(:globals)     { Savon::GlobalOptions.new(wsse_signature: signature) }
+
+      subject(:signed_message_nn) {Nokogiri::XML(builder.to_s).remove_namespaces!}
+      subject(:signed_message) {Nokogiri::XML(builder.to_s)}
+
+      it "should contain a header" do
+        expect(signed_message_nn.xpath('/Envelope/Header').size).to eq(1)
+      end
+
+      it "should contain a wsse:Security" do
+        expect(signed_message_nn.xpath('/Envelope/Header/Security').size).to eq(1)
+      end
+
+      it "should have a Body[@wsu:Id]" do
+        #must investigate: acts funny in mri ruby
+        #expect(signed_message.xpath('//soapenv:Body', soapenv: "http://schemas.xmlsoap.org/soap/envelope/").attribute('ws:Id').value).to include('Body-')
+        expect(signed_message_nn.xpath('//Body').attr('Id').value).to include('Body-')
+      end
+
+      it "signature should be valid" do
+        certs = Akami::WSSE::Certs.new(:cert_file => cert, :private_key_file => private_key)
+        signature_value = signed_message_nn.xpath('//SignatureValue').text
+        signed_info_fragment = signed_message.xpath('//default:SignedInfo', default: "http://www.w3.org/2000/09/xmldsig#").to_xml
+        data = Nokogiri::XML(signed_info_fragment){|config| config.options = Nokogiri::XML::ParseOptions::NOBLANKS}
+        data.root.default_namespace='http://www.w3.org/2000/09/xmldsig#'
+
+        signed_info = data.canonicalize Nokogiri::XML::XML_C14N_EXCLUSIVE_1_0
+
+        signature = certs.private_key.sign(OpenSSL::Digest::SHA1.new, signed_info)
+        expect(Base64.encode64(signature).gsub("\n", '')).to eq(signature_value)
+      end
+    end
   end
 
   describe '#body_attributes' do

data/spec/savon/log_message_spec.rb

@@ -26,6 +26,17 @@ describe Savon::LogMessage do
     expect(message).to include("<password>***FILTERED***</password>")
   end
 
+  it "properly applies Proc filter" do
+    filter = Proc.new do |document|
+      document.xpath('//password').each do |node|
+        node.content = "FILTERED"
+      end
+    end
+
+    message = log_message("<root><password>secret</password></root>", [filter], false).to_s
+    expect(message).to include("<password>FILTERED</password>")
+  end
+
   def log_message(*args)
     Savon::LogMessage.new(*args)
   end

data/spec/savon/qualified_message_spec.rb

@@ -0,0 +1,20 @@
+require "spec_helper"
+
+module Savon
+  describe QualifiedMessage, "#to_hash" do
+
+    context "if a key ends with !" do
+      it "restores the ! in a key" do
+        used_namespaces = {}
+        key_converter = :camelcase
+        types = {}
+
+        message = described_class.new(types, used_namespaces, key_converter)
+        resulting_hash = message.to_hash({:Metal! => "<Nice/>"}, ["Rock"])
+
+        expect(resulting_hash).to eq({"Metal!" => "<Nice/>"})
+      end
+    end
+
+  end
+end

metadata

@@ -1,139 +1,139 @@
 --- !ruby/object:Gem::Specification
 name: savon
 version: !ruby/object:Gem::Version
-  version: 2.6.0
+  version: 2.7.0
 platform: ruby
 authors:
 - Daniel Harrington
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-26 00:00:00.000000000 Z
+date: 2014-09-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nori
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 2.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 2.4.0
 - !ruby/object:Gem::Dependency
   name: httpi
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 2.2.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 2.2.3
 - !ruby/object:Gem::Dependency
   name: wasabi
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.3.0
 - !ruby/object:Gem::Dependency
   name: akami
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.2.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.2.0
 - !ruby/object:Gem::Dependency
   name: gyoku
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.1.0
 - !ruby/object:Gem::Dependency
   name: uuid
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 2.3.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 2.3.7
 - !ruby/object:Gem::Dependency
   name: builder
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 2.1.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 2.1.2
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.4.0
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
@@ -154,56 +154,56 @@ dependencies:
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '10.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '10.1'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.14'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.14'
 - !ruby/object:Gem::Dependency
   name: mocha
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0.14'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0.14'
 - !ruby/object:Gem::Dependency
   name: json
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.7'
 description: Heavy metal SOAP client
@@ -212,9 +212,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .travis.yml
-- .yardopts
+- ".gitignore"
+- ".travis.yml"
+- ".yardopts"
 - CHANGELOG.md
 - CONTRIBUTING.md
 - Gemfile
@@ -291,6 +291,7 @@ files:
 - spec/savon/observers_spec.rb
 - spec/savon/operation_spec.rb
 - spec/savon/options_spec.rb
+- spec/savon/qualified_message_spec.rb
 - spec/savon/request_spec.rb
 - spec/savon/response_spec.rb
 - spec/savon/soap_fault_spec.rb
@@ -310,17 +311,17 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: savon
-rubygems_version: 2.1.11
+rubygems_version: 2.2.2
 signing_key: 
 specification_version: 4
 summary: Heavy metal SOAP client