@techspokes/typescript-wsdl-client 0.2.0 → 0.2.2

package/README.md

@@ -23,7 +23,7 @@ Reads WSDL/XSD (with imports) and emits a small, typed client you can compile in
 * Deterministic metadata (`ATTR_SPEC`, `PROP_META`) for clean JSON ⇄ SOAP mapping
 * ESM **and** CommonJS friendly output
 
-Vendor: **[TechSpokes](https://www.techspokes.com)** · Contact: **[contact page](https://www.techspokes.com/contact/)"**
+Vendor: **[TechSpokes](https://www.techspokes.com)** · Contact: **[contact page](https://www.techspokes.com/contact/)**
 Maintainer: **Serge Liatko** ([@sergeliatko](https://github.com/sergeliatko)) · GitHub org: [@techspokes](https://github.com/techspokes)
 
 ---
@@ -33,7 +33,7 @@ Maintainer: **Serge Liatko** ([@sergeliatko](https://github.com/sergeliatko)) ·
 Install the generator (dev-time) in your project:
 
 ```bash
-npm i -D typescript-wsdl-client
+npm i -D @techspokes/typescript-wsdl-client
 # your app will use node-soap at runtime:
 npm i soap
 ```
@@ -49,17 +49,28 @@ Use the generated client:
 ```ts
 // ESM / NodeNext app
 import { createSoapClient } from "./generated/my/runtime.js";
-import { GeneratedSoapClient } from "./generated/my/client.js";
+// class name defaults to <ServiceName>SoapClient (from WSDL), e.g., MyServiceSoapClient
+import { MyServiceSoapClient } from "./generated/my/client.js";
 
-const soap = await createSoapClient({ wsdlUrl: "https://example.com/MyService?wsdl" });
-const client = new GeneratedSoapClient(soap, "$attributes"); // attributes key optional
+// optional: pass security straight into createSoapClient (node-soap security instance)
+import soap from "soap";
+const security = new soap.WSSecurity("user", "pass");
 
+const soapClient = await createSoapClient({
+  wsdlUrl: "https://example.com/MyService?wsdl",
+  security, // or configure after creation: (await createSoapClient(...)).setSecurity(security)
+});
+
+const client = new MyServiceSoapClient(soapClient, "$attributes"); // attributes key optional
+
+// Example: To set literal text content for an XML element, use the reserved `$value` key.
+// Other keys in the object represent XML attributes (e.g. `MyAttribute`) and child elements (e.g. `MyElement`).
+// This lets you build mixed-content XML: `$value` for text, attribute keys for XML attributes, and element keys for nested elements.
 const rs = await client.MyOperation({
   MyOperationRQ: {
     MyAttribute: "passed as attribute",
     MyElement: "passed as child element",
-    // ...other fields
-    // attributes appear as top-level props; child elements as nested objects
+    $value: "passed text content here",
   }
 });
 
@@ -70,6 +81,17 @@ console.log(rs);
 
 ---
 
+## Security and WS-Policy hints
+
+- node-soap leaves security up to you. Create a security instance (e.g., `new soap.BasicAuthSecurity(...)`, `new soap.WSSecurity(...)`, `new soap.ClientSSLSecurity(...)`) and set it on the client via `client.setSecurity(...)`.
+- The runtime factory `createSoapClient({ wsdlUrl, endpoint?, wsdlOptions?, security? })` accepts an optional `security` and will call `client.setSecurity(security)` for you.
+- The generated client includes minimal WS-Policy hints if your WSDL embeds inline `wsp:Policy` under `wsdl:binding` or `wsdl:binding/wsdl:operation`.
+  - Hints are surfaced in method JSDoc as “Security (WSDL policy hint): …” and in `operations.json`/`operations.ts` as a `security: string[]` field (e.g., `usernameToken`, `https`, `x509`, `messageSecurity`).
+  - These hints are best-effort and not authoritative (no `wsp:PolicyReference` dereferencing yet). They’re intended to nudge you to configure the right security.
+  - At runtime, if an operation has hints and your client has no `security` configured, a console warning is emitted.
+
+---
+
 ## CLI
 
 ```
@@ -107,11 +129,19 @@ wsdl-tsc --wsdl <path-or-url> --out <dir> [options]
 | `--imports`         | string    | js, ts, bare                   | js           | Intra-generated import specifiers: '.js', '.ts', or bare         |
 | `--ops-ts`          | boolean   | true, false                    | true         | Emit `operations.ts` instead of JSON                             |
 | `--attributes-key`  | string    | any                            | $attributes  | Key used by runtime marshaller for XML attributes                |
+| `--client-name`     | string    | any                            | —            | Override the exported client class name (exact)                  |
 | `--int64-as`        | string    | string, number, bigint         | string       | How to map xs:long/xs:unsignedLong                               |
 | `--bigint-as`       | string    | string, number                 | string       | How to map xs:integer family (positive/nonNegative/etc.)         |
 | `--decimal-as`      | string    | string, number                 | string       | How to map xs:decimal (money/precision)                          |
 | `--date-as`         | string    | string, Date                   | string       | How to map date/time/duration types                              |
 
+### Client naming
+
+- By default, the generated client class is named after the WSDL service: `<ServiceName>SoapClient`.
+- If the service name can’t be determined, we fall back to the WSDL filename: `<WsdlFileBaseName>SoapClient`.
+- If neither is available, we fall back to `GeneratedSoapClient`.
+- You can override the name entirely with `--client-name MyCustomClient` (the exact export name will be used).
+
 **Primitive mapping (safe defaults)**
 
 Defaults are **string-first** to avoid precision & timezone surprises:
@@ -195,8 +225,8 @@ TypeScript will compile to `require("./runtime")` cleanly.
 ## Programmatic API (optional)
 
 ```ts
-import { compileCatalog, xsdToTsPrimitive, type CompilerOptions } from "typescript-wsdl-client";
-import { loadWsdlCatalog } from "typescript-wsdl-client/internal-or-your-loader"; // if you expose it
+import { compileCatalog, xsdToTsPrimitive, type CompilerOptions } from "@techspokes/typescript-wsdl-client";
+import { loadWsdlCatalog } from "@techspokes/typescript-wsdl-client/internal-or-your-loader"; // if you expose it
 
 const catalog = await loadWsdlCatalog("./spec/wsdl/MyService.wsdl");
 const compiled = compileCatalog(catalog, {
@@ -237,6 +267,7 @@ npx tsc --noEmit --module NodeNext --moduleResolution NodeNext --target ES2022 .
 * **“Cannot find './runtime.js'”** — Your app must be `module: "NodeNext"` when using `--imports js`.
   Use `--imports bare` for CommonJS apps.
 * **“node-soap not found”** — Install it in your **app**: `npm i soap`.
+* **“Security required?”** — If your generated client warns or JSDoc shows a security hint, configure node-soap security: `client.setSecurity(new soap.WSSecurity(...))` or pass `security` to `createSoapClient`.
 
 ---
 

package/dist/cli.js

@@ -37,6 +37,10 @@ const argv = await yargs(hideBin(process.argv))
     type: "string",
     default: "$attributes",
     desc: "Key used by runtime marshaller for XML attributes",
+})
+    .option("client-name", {
+    type: "string",
+    desc: "Override the generated client class name (exact export name)",
 })
     // Primitive mapping knobs (safe defaults)
     .option("int64-as", {
@@ -94,5 +98,6 @@ emitClient(path.join(outDir, "client.ts"), compiled, {
     // @ts-ignore runtime-only options for emitter
     importExt,
     attributesKey: String(argv["attributes-key"]),
+    clientName: argv["client-name"],
 });
 console.log(`✅ Generated TypeScript client in ${outDir}`);

package/dist/compiler/schemaCompiler.d.ts

@@ -43,8 +43,11 @@ export type CompiledCatalog = {
         soapAction: string;
         inputElement?: QName;
         outputElement?: QName;
+        security?: string[];
     }>;
     wsdlTargetNS: string;
+    serviceName?: string;
+    wsdlUri: string;
 };
 /**
  * Compile a WSDL catalog into an internal representation (CompiledCatalog).

package/dist/compiler/schemaCompiler.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schemaCompiler.d.ts","sourceRoot":"","sources":["../../src/compiler/schemaCompiler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAU3D,MAAM,MAAM,KAAK,GAAG;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAElD,MAAM,MAAM,YAAY,GAAG;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,KAAK,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,CAAC,EAAE,UAAU,GAAG,UAAU,CAAC;QAC9B,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC,CAAC;IACH,KAAK,EAAE,KAAK,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,GAAG,WAAW,CAAC;QAC1B,QAAQ,CAAC,EAAE,OAAO,CAAC;QACnB,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC,CAAC;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,KAAK,EAAE,YAAY,EAAE,CAAC;IACtB,OAAO,EAAE,aAAa,EAAE,CAAC;IACzB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;QACnC,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;QAClD,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;KAC/C,CAAC;IACF,UAAU,EAAE,KAAK,CAAC;QAChB,IAAI,EAAE,MAAM,CAAC;QACb,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,CAAC,EAAE,KAAK,CAAC;QACrB,aAAa,CAAC,EAAE,KAAK,CAAC;KACvB,CAAC,CAAC;IACH,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAsBF;;;;;;;;;GASG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,eAAe,GAAG,eAAe,CA+exF"}
+{"version":3,"file":"schemaCompiler.d.ts","sourceRoot":"","sources":["../../src/compiler/schemaCompiler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAU3D,MAAM,MAAM,KAAK,GAAG;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAElD,MAAM,MAAM,YAAY,GAAG;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,KAAK,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,CAAC,EAAE,UAAU,GAAG,UAAU,CAAC;QAC9B,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC,CAAC;IACH,KAAK,EAAE,KAAK,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,GAAG,WAAW,CAAC;QAC1B,QAAQ,CAAC,EAAE,OAAO,CAAC;QACnB,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC,CAAC;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,KAAK,EAAE,YAAY,EAAE,CAAC;IACtB,OAAO,EAAE,aAAa,EAAE,CAAC;IACzB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;QACnC,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;QAClD,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;KAC/C,CAAC;IACF,UAAU,EAAE,KAAK,CAAC;QAChB,IAAI,EAAE,MAAM,CAAC;QACb,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,CAAC,EAAE,KAAK,CAAC;QACrB,aAAa,CAAC,EAAE,KAAK,CAAC;QACtB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;KACrB,CAAC,CAAC;IACH,YAAY,EAAE,MAAM,CAAC;IAErB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AA6DF;;;;;;;;;GASG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,eAAe,GAAG,eAAe,CA2gBxF"}

package/dist/compiler/schemaCompiler.js

@@ -13,6 +13,56 @@ function makeInlineTypeName(parentTypeName, propName, _max) {
     }
     return `${base}Anon`;
 }
+// --- Minimal WS-Policy scanning (inline policies only; PolicyReference not resolved) ---
+function collectSecurityFromPolicyNodes(policyNodes) {
+    const found = new Set();
+    const targets = new Set([
+        "UsernameToken",
+        "TransportBinding",
+        "HttpsToken",
+        "TransportToken",
+        "AsymmetricBinding",
+        "SymmetricBinding",
+        "SignedSupportingTokens",
+        "X509Token",
+    ]);
+    const visit = (n) => {
+        if (n == null || typeof n !== "object")
+            return;
+        for (const [k, v] of Object.entries(n)) {
+            if (k.startsWith("@_"))
+                continue; // attribute
+            // localName match (prefix-agnostic) by checking tail after ':' or whole key if no ':'
+            const ln = k.includes(":") ? k.split(":").pop() : k;
+            if (targets.has(ln)) {
+                switch (ln) {
+                    case "UsernameToken":
+                        found.add("usernameToken");
+                        break;
+                    case "HttpsToken":
+                    case "TransportBinding":
+                    case "TransportToken":
+                        found.add("https");
+                        break;
+                    case "X509Token":
+                        found.add("x509");
+                        break;
+                    case "AsymmetricBinding":
+                    case "SymmetricBinding":
+                    case "SignedSupportingTokens":
+                        found.add("messageSecurity");
+                        break;
+                }
+            }
+            // recurse
+            if (v && typeof v === "object")
+                visit(v);
+        }
+    };
+    for (const p of policyNodes)
+        visit(p);
+    return Array.from(found);
+}
 /**
  * Compile a WSDL catalog into an internal representation (CompiledCatalog).
  * Steps:
@@ -469,11 +519,38 @@ export function compileCatalog(cat, _opts) {
         return { name, soapAction: bOps.get(name) || "", inputElement, outputElement };
     })
         .filter((x) => x != null));
+    // --- WS-Policy: scan for security requirements (inline policies only) ---
+    const bindingPolicies = getChildrenWithLocalName(soapBinding || {}, "Policy");
+    const bindingSec = collectSecurityFromPolicyNodes(bindingPolicies);
+    for (const op of ops) {
+        const bo = opsNodes.find(o => o?.["@_name"] === op.name) || {};
+        const opPolicies = getChildrenWithLocalName(bo, "Policy");
+        const opSec = collectSecurityFromPolicyNodes(opPolicies);
+        const secSet = new Set([...bindingSec, ...opSec]);
+        op.security = Array.from(secSet);
+    }
+    // --- Service discovery (for client naming) ---
+    let serviceName;
+    const soapBindingName = soapBinding?.["@_name"];
+    const serviceDefs = normalizeArray(defs?.["wsdl:service"] || defs?.["service"]);
+    const serviceUsingBinding = serviceDefs.find(s => {
+        const ports = getChildrenWithLocalName(s, "port");
+        return ports.some(p => {
+            const bq = p?.["@_binding"];
+            if (!bq || !soapBindingName)
+                return false;
+            const q = resolveQName(bq, tns, cat.prefixMap);
+            return q.local === soapBindingName; // match by local name
+        });
+    });
+    serviceName = serviceUsingBinding?.["@_name"] || serviceDefs[0]?.["@_name"];
     return {
         types: typesList,
         aliases: aliasList,
         meta: { attrSpec, childType, propMeta },
         operations: ops,
         wsdlTargetNS: defs?.["@_targetNamespace"] || "",
+        serviceName,
+        wsdlUri: cat.wsdlUri,
     };
 }

package/dist/config.d.ts

@@ -23,6 +23,11 @@ export type CompilerOptions = {
      * Attribute bag key for the runtime mapper (node-soap).
      */
     attributesKey?: string;
+    /**
+     * Optional override for the generated client class name.
+     * If provided, the emitter will export this exact class name.
+     */
+    clientName?: string;
     /**
      * Controls low-level mapping of XSD primitives to TypeScript types. Safe defaults are provided.
      */

package/dist/config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAE5D;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG;IAC1B;;OAEG;IACH,MAAM,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC;IAClC;;OAEG;IACH,MAAM,CAAC,EAAE,QAAQ,GAAG,MAAM,CAAC;IAC3B;;OAEG;IACH,KAAK,CAAC,EAAE,QAAQ,GAAG,QAAQ,CAAC;IAC5B;;OAEG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB;;OAEG;IACH,SAAS,CAAC,EAAE,gBAAgB,CAAC;CAChC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,cAAc,EAAE,eAM5B,CAAC"}
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAE5D;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG;IAC1B;;OAEG;IACH,MAAM,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC;IAClC;;OAEG;IACH,MAAM,CAAC,EAAE,QAAQ,GAAG,MAAM,CAAC;IAC3B;;OAEG;IACH,KAAK,CAAC,EAAE,QAAQ,GAAG,QAAQ,CAAC;IAC5B;;OAEG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;OAEG;IACH,SAAS,CAAC,EAAE,gBAAgB,CAAC;CAChC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,cAAc,EAAE,eAM5B,CAAC"}

package/dist/emit/clientEmitter.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"clientEmitter.d.ts","sourceRoot":"","sources":["../../src/emit/clientEmitter.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AACrE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAGpD,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,EAAE,eAAe,GAAG;IAAE,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,QAmCpH"}
+{"version":3,"file":"clientEmitter.d.ts","sourceRoot":"","sources":["../../src/emit/clientEmitter.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AACrE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAGpD,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,EAAE,eAAe,GAAG;IAAE,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,QAkDpH"}

package/dist/emit/clientEmitter.js

@@ -7,7 +7,18 @@ export function emitClient(outFile, compiled, opts) {
     lines.push(`import { ATTR_SPEC, CHILD_TYPE, PROP_META } from "./meta${ext}";`);
     lines.push(`import type * as T from "./types${ext}";`);
     lines.push("");
-    lines.push(`export class GeneratedSoapClient {`);
+    // Derive class name: prefer explicit override, else WSDL service name, else base filename, else default
+    const overrideName = (opts.clientName || "").trim();
+    const svcName = compiled.serviceName && pascal(compiled.serviceName);
+    const fileBase = (() => {
+        const uri = compiled.wsdlUri || "";
+        // extract last path segment and strip extension for both URL and file path
+        const seg = uri.split(/[\\/]/).pop() || "";
+        const noExt = seg.replace(/\.[^.]+$/, "");
+        return noExt ? pascal(noExt) : "";
+    })();
+    const className = overrideName || ((svcName || fileBase) ? `${svcName || fileBase}SoapClient` : "GeneratedSoapClient");
+    lines.push(`export class ${className} {`);
     lines.push(`  constructor(private source: string | any, private attributesKey: string = "${opts.attributesKey || "$attributes"}") {}`);
     lines.push(`  async _client() {`);
     lines.push(`    if (typeof this.source === 'string') return createSoapClient({ wsdlUrl: this.source });`);
@@ -21,9 +32,13 @@ export function emitClient(outFile, compiled, opts) {
         const outTs = outTypeName ? `T.${outTypeName}` : `any`;
         const inMetaKey = inTypeName ?? m;
         const outMetaKey = outTypeName ?? m;
-        lines.push(`  /** SOAPAction: ${op.soapAction} */`);
+        const secHints = Array.isArray(op.security) && op.security.length ? op.security : [];
+        lines.push(`  /** SOAPAction: ${op.soapAction}${secHints.length ? `\n   * Security (WSDL policy hint): ${secHints.join(", ")}` : ""} */`);
         lines.push(`  async ${m}(args: ${inTs}): Promise<${outTs}> {`);
         lines.push(`    const c: any = await this._client();`);
+        if (secHints.length) {
+            lines.push(`    if (!c || !c.security) { console.warn("[wsdl-client] Operation '${m}' may require security: ${secHints.join(", ")}. Configure client.setSecurity(...) or pass { security } to createSoapClient()."); }`);
+        }
         lines.push(`    const meta = { ATTR_SPEC, CHILD_TYPE, PROP_META } as const;`);
         lines.push(`    const soapArgs = toSoapArgs(args as any, "${inMetaKey}", meta, this.attributesKey);`);
         lines.push(`    return new Promise((resolve, reject) => {`);

package/dist/emit/runtimeEmitter.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"runtimeEmitter.d.ts","sourceRoot":"","sources":["../../src/emit/runtimeEmitter.ts"],"names":[],"mappings":"AAGA,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,QAuF1C"}
+{"version":3,"file":"runtimeEmitter.d.ts","sourceRoot":"","sources":["../../src/emit/runtimeEmitter.ts"],"names":[],"mappings":"AAGA,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,QAoF1C"}

package/dist/emit/runtimeEmitter.js

@@ -9,6 +9,7 @@ export type CreateSoapClientOptions = {
   endpoint?: string;
   wsdlOptions?: Record<string, any>;
   requestOptions?: Record<string, any>;
+  security?: any; // pass an instance of a node-soap security class, e.g., new soap.WSSecurity("user","pass")
 }
 export type AttrSpec = Record<string, readonly string[]>;
 export type ChildType = Record<string, Readonly<Record<string, string>>>;
@@ -17,12 +18,8 @@ export type PropMeta = Record<string, Readonly<Record<string, any>>>;
 export async function createSoapClient(opts: CreateSoapClientOptions): Promise<any> {
   const client = await soap.createClientAsync(opts.wsdlUrl, opts.wsdlOptions || {});
   if (opts.endpoint) client.setEndpoint(opts.endpoint);
-  if (opts.requestOptions) {
-    const { wsdlUrl, endpoint, wsdlOptions, ...req } = opts as any;
-    if (client.setSecurity && req) {
-      // security is caller's responsibility (if needed)
-    }
-  }
+  if (opts.security) client.setSecurity(opts.security);
+  // security and any request-specific configuration are the caller's responsibility
   return client;
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@techspokes/typescript-wsdl-client",
-  "version": "0.2.0",
+  "version": "0.2.2",
   "description": "TypeScript WSDL → SOAP client generator with full xs:attribute support, complex types, sequences, inheritance, and namespace-collision merging.",
   "keywords": [
     "wsdl",