Heavy metal Ruby SOAP client
Guide | Rubydoc | Google Group | Wishlist | Bugs
About the eyestreet/savon fork:
This fork is very specific to connecting to the IPAWS OPEN 2.0 server. All I did was take the carnesmedia/savon fork and modify it to fit my needs.
If you need to do WS-Security, more than likely you will not want to use this fork. I recommend using the carnesmedia/savon fork and modifying that to fit your needs.
This branch includes a working, but possibly app specific, implementation of WSSESecurity.
To enable the feature, do something like this:
Savon::Client.new do |wsdl, http, wsse|
certs = Savon::WSSE::Certs.new :cert_file => "certs/cert_key.pem", :private_key_file => "certs/cert_key.pem", :private_key_password => "a super secret password"
wsse.sign_with = Savon::WSSE::Signature.new certs
...
end
You'll also need to edit lib/savon/wsse/canonicalizer.rb and add any namespace your documents will have to the attributes.
Here's an enumeration of the changes:
- Process Savon::WSSE::Signature when needed.
- Changed default env_namespace to soapenv (specific to my application)
- Use WSSE#signature? configuration
- Ability to regenerate (bypassing cached xml)
- Include Savon::WSSE::Signature#body_attributes when signing (through Savon::WSSE)
- Add #sign_with=/#signature? configuration
- Generate signature xml header when signing
- Include other header attributes even when generating a signature, timestamp, or user_token
- Very hacky proxy for xml canonicalization.
- Uses XMLStarlet (http://xmlstar.sourceforge.net/) via the command line, which must be installed seperately.
- Other XMLStarlet alternatives:
- XMLCanonicalizer (http://rubygems.org/gems/XMLCanonicalizer): DID NOT WORK FOR ME!
- Nokogiri: For status of c14n support see discussion at https://github.com/tenderlove/nokogiri/issues#issue/226
- Unofficial fork of libxml-ruby (http://rubygems.org/gems/coupa-libxml-ruby): I haven't tried it yet...
WARNING: This implementation has a bunch of hard-coded xml namespaces, you'll have to add your own. Please read the many other comments in lib/savon/wsse/canonicalization.rb.
- A class for managing certificates for signing with Savon::WSSE::Signature
- Signs soap requests by:
- adding a wsu:Timestamp
- digesting the timestamp and the body
- digitally signing said digests with an X509 certificate
- Requires three passes in order to canonicalize and digest generated sections. (see Savon::SOAP::XML#setup)
- Reads a signed soap request/response and attempts to verify the signature
- This class can be used to verify incomming responses, as well as to verify requests generated by Savon::WSSE::Signature for testing.
Savon is available through Rubygems and can be installed via:
$ gem install savon
# Setting up a Savon::Client representing a SOAP service.
client = Savon::Client.new do
wsdl.document = "http://service.example.com?wsdl"
end
client.wsdl.soap_actions
# => [:create_user, :get_user, :get_all_users]
# Executing a SOAP request to call a "getUser" action.
response = client.request :get_user do
soap.body = { :id => 1 }
end
response.to_hash
# => { :get_user_response => { :first_name => "The", :last_name => "Hoff" } }
Then you might want to go ahead and read the Savon Guide.