akami icon indicating copy to clipboard operation
akami copied to clipboard
verified publisher icon savonrb

cert and timestamp can't be together?

Open rderoldan1 opened this issue 11 years ago • 5 comments

@tjarratt I just found something that I consider an issue, if signature and timestamp are true, just signature header is returned

  # Returns the XML for a WSSE header.
    def to_xml
      if signature? and signature.have_document?
         Gyoku.xml wsse_signature1.merge!(hash)
      elsif username_token? && timestamp?
          Gyoku.xml wsse_username_token.merge!(wsu_timestamp) {
          |key, v1, v2| v1.merge!(v2) {
            |key, v1, v2| v1.merge!(v2)
          }
        }
      elsif username_token?
        Gyoku.xml wsse_username_token.merge!(hash)
      elsif timestamp?
        Gyoku.xml wsu_timestamp.merge!(hash)
      else
        ""
      end
    end

The if clause is not considering the case of have signed? and timestamp?, I fix it (in a really ugly way) but for testing purposes it works, I don't know if is not really comment to have timestamps and the cert headers together, but what do you think?

# Returns the XML for a WSSE header.
    def to_xml
      if signature? and signature.have_document?
        if timestamp?
          wsse_signature1 = {}
          wsse_signature1["wsse:Security"] = wsse_signature["wsse:Security"].merge!(wsu_timestamp["wsse:Security"])
          wsse_signature1["wsse:Security"][:order!] << "wsu:Timestamp"
          Gyoku.xml wsse_signature1
        else
          Gyoku.xml wsse_signature.merge!(hash)
        end
      elsif username_token? && timestamp?
          Gyoku.xml wsse_username_token.merge!(wsu_timestamp) {
          |key, v1, v2| v1.merge!(v2) {
            |key, v1, v2| v1.merge!(v2)
          }
        }
      elsif username_token?
        Gyoku.xml wsse_username_token.merge!(hash)
      elsif timestamp?
        Gyoku.xml wsu_timestamp.merge!(hash)
      else
        ""
      end
    end

rderoldan1 avatar Sep 12 '14 14:09 rderoldan1

Oh gosh, that if elsif block. The horror!

All joking aside, this is a rather annoying issue that you discovered @rderoldan1. I would have expected this to work, but since support for these various parts of Akami have come about piece by piece I suppose it's natural that this would have been left out.

For now, would you mind issuing this as a pull request along with a spec for this behavior? Once we have some tests, it should be easy to go and refactor this to clean up the implementation.

tjarratt avatar Sep 23 '14 08:09 tjarratt

The patch worked for me. Thanks.

eiapopeia avatar Nov 10 '15 09:11 eiapopeia

I added a new pull request #25 With this you can have timestamps and signatures at the same time and also have them signed. See the all new specs for usage examples!

eiapopeia avatar Nov 16 '15 10:11 eiapopeia

Is this pull request going to get accepted? I'm having the same issue, monkey patching for now.

jim0020 avatar Aug 13 '16 16:08 jim0020

Also hoping for this to be accepted.

brent-clintel avatar Nov 01 '16 03:11 brent-clintel