A minimal node SOAP client with x509 signature security based off node-soap from Vinay Pulim v@pulim.com
This module lets you connect to web services using SOAP. It also provides a server that allows you to run your own SOAP services.
Features:
- Very simple API
- Handles both RPC and Document schema types
- Supports multiRef SOAP messages (thanks to @kaven276)
- Support for both synchronous and asynchronous method handlers
- WS-Security (UsernameToken and PasswordText encoding is supported as well as x509 Signatures)
Install
Install with npm:
npm install soap-x509
Module
soap.createClient(url, callback) - create a new SOAP client from a WSDL url. Also supports a local filesystem path.
var soap = ;var url = 'http://example.com/wsdl?wsdl';var args = name: 'value';soap;
soap.listen(server, path, services, wsdl) - create a new SOAP server that listens on path and provides services.
wsdl is an xml string that defines the service.
var myService =MyService:MyPort:{returnname: argsname;}// This is how to define an asynchronous function.{// do some work}var xml =server = http;server;soap;
server logging
If the log method is defined it will be called with 'received' and 'replied' along with data.
server = soapserver {// type is 'received' or 'replied'};
server security example using PasswordDigest
If server.authenticate is not defined no authentation will take place.
server = soapserver {var created nonce password user token;token = securityUsernameToken user = tokenUsernamepassword = tokenPassword nonce = tokenNonce created = tokenCreated;return user === 'user' && password === soap;};
server connection authorization
This is called prior to soap service method If the method is defined and returns false the incoming connection is terminated.
server = soapserver {return true; // or false};
Client
An instance of Client is passed to the soap.createClient callback. It is used to execute methods on the soap service.
Client.describe() - description of services, ports and methods as a JavaScript object
client // returnsMyService:MyPort:MyFunction:input:name: 'string'
Client.setSecurity(security) - use the specified security protocol
node-soap
has several default security protocols. You can easily add your own
as well. The interface is quite simple. Each protocol defines 2 methods:
- addOptions - a method that accepts an options arg that is eventually passed directly to
request
- toXML - a method that reurns a string of XML.
By default there are 3 protocols:
BasicAuthSecurity
client;
ClientSSLSecurity
Note: If you run into issues using this protocol, consider passing these options as default request options to the constructor:
- rejectUnauthorized: false
- strictSSL: false
- secureOptions: constants.SSL_OP_NO_TLSv1_2//this is likely needed for node >= 10.0
client;
WSSecurity
client
Client.method(args, callback) - call method on the SOAP service.
client
Client.service.port.method(args, callback[, options]) - call a method using a specific service and port
clientMyServiceMyPort
+#### Options (optional)
- Accepts any option that the request module accepts, see here.
- For example, you could set a timeout of 5 seconds on the request like this:
clientMyServiceMyPort
Client.addSoapHeader(soapHeader[, name, namespace, xmlns]) - add soapHeader to soap:Header node
Options
soapHeader
Object({rootName: {name: "value"}}) or strict xml-string
Optional parameters when first arg is object :
name
Unknown parameter (it could just a empty string)namespace
prefix of xml namespacexmlns
URI
Client.lastRequest - the property that contains last full soap request for client logging
WSSecurity
WSSecurity implements WS-Security. UsernameToken and PasswordText/PasswordDigest is supported. An instance of WSSecurity is passed to Client.setSecurity.
username password passwordType//'PasswordDigest' or 'PasswordText' default is PasswordText
For x509 signed SOAP requests use WSSecurityCert
privatePEM publicP12PEM password encoding;