package gosoap
import (
"crypto/sha1"
"encoding/base64"
"encoding/xml"
"time"
"github.com/elgs/gostrgen"
)
/*************************
WS-Security types
*************************/
// Attribute URIs taken from the OASIS WS-Security 2004/01 specifications.
const (
// passwordType is the Password/@Type value for the UsernameToken Profile 1.0
// PasswordDigest form: the element carries a digest, not the clear-text password.
passwordType = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"
// encodingType is the Nonce/@EncodingType value declaring the nonce text to be
// Base64Binary, so whatever is placed in the Nonce element must be valid base64.
encodingType = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
)
// Security is the WS-Security SOAP header element. It marshals as <Security> in
// the wssecurity-secext-1.0 namespace and wraps a single UsernameToken (Auth).
// The sample header later in this file shows a mustUnderstand attribute; this
// struct has no field for it.
type Security struct {
//XMLName xml.Name `xml:"wsse:Security"`
XMLName xml.Name `xml:"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd Security"`
// Auth holds the UsernameToken credentials built by NewSecurity.
Auth wsAuth
}
// password is the <Password> child of the UsernameToken.
type password struct {
//XMLName xml.Name `xml:"wsse:Password"`
// Type is written as the Type attribute; NewSecurity sets it to passwordType.
Type string `xml:"Type,attr"`
// Password is the element text. NewSecurity stores the base64 digest returned
// by generateToken here, never the clear-text password.
Password string `xml:",chardata"`
}
// nonce is the <Nonce> child of the UsernameToken.
type nonce struct {
//XMLName xml.Name `xml:"wsse:Nonce"`
// Type is written as the EncodingType attribute; NewSecurity sets it to encodingType.
Type string `xml:"EncodingType,attr"`
// Nonce is the element text. generateToken base64-decodes the same string when
// computing the digest, so the value must be valid base64 for both sides to agree.
Nonce string `xml:",chardata"`
}
// wsAuth is the <UsernameToken> element: the user name plus the three values
// (password digest, nonce, creation time) a receiver needs to recompute and
// compare the digest.
type wsAuth struct {
XMLName xml.Name `xml:"UsernameToken"`
// Username is sent in clear text.
Username string `xml:"Username"`
// Password carries the digest and its Type attribute.
Password password `xml:"Password"`
// Nonce carries the per-message nonce and its EncodingType attribute.
Nonce nonce `xml:"Nonce"`
// Created is tagged into the wssecurity-utility-1.0 namespace; NewSecurity fills
// it with the current UTC time formatted as time.RFC3339Nano.
Created string `xml:"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd Created"`
}
/*
<Security s:mustUnderstand="1" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<UsernameToken>
<Username>admin</Username>
<Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">edBuG+qVavQKLoWuGWQdPab4IBE=</Password>
<Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">S7wO1ZFTh0KXv2CR7bd2ZXkLAAAAAA==</Nonce>
<Created xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2018-04-10T18:04:25.836Z</Created>
</UsernameToken>
</Security>
*/
// NewSecurity returns a WS-Security header holding a UsernameToken for username.
//
// A fresh nonce and a UTC creation timestamp are generated on every call, and the
// Password element is filled with the PasswordDigest computed by generateToken
// over (nonce, created, passwd). The clear-text passwd is used only as digest
// input and is not stored in the returned value.
func NewSecurity(username, passwd string) Security {
	// 32 characters drawn from gostrgen's Lower and Digit sets. generateToken later
	// base64-decodes this string; assuming those sets are a-z and 0-9, a 32-character
	// value is always valid, unpadded base64.
	const nonceLen = 32

	// The error from RandGen is discarded, as in the original code; on failure the
	// nonce is presumably empty and the digest would then cover only timestamp and
	// password.
	// NOTE(review): the randomness source inside gostrgen is not visible from this
	// file. The nonce is what keeps two digests for the same password and timestamp
	// distinct and what a receiver's replay check keys on, so confirm it comes from
	// a CSPRNG (crypto/rand) rather than a seeded math/rand generator.
	nonceText, _ := gostrgen.RandGen(nonceLen, gostrgen.Lower|gostrgen.Digit, "", "")
	timestamp := time.Now().UTC().Format(time.RFC3339Nano)

	var header Security
	header.Auth.Username = username
	header.Auth.Password = password{
		Type:     passwordType,
		Password: generateToken(username, nonceText, timestamp, passwd),
	}
	header.Auth.Nonce = nonce{
		Type:  encodingType,
		Nonce: nonceText,
	}
	header.Auth.Created = timestamp
	return header
}
// generateToken computes the UsernameToken PasswordDigest:
//
//	Digest = B64ENCODE( SHA1( B64DECODE( Nonce ) + Created + Password ) )
//
// Username is accepted but does not take part in the digest.
//
// SHA-1 is fixed by the PasswordDigest scheme named in passwordType, so it cannot
// be swapped for a stronger hash here. Anyone who captures the Nonce, Created and
// digest values from a message can test password guesses offline, so the header
// should only be sent over an authenticated, encrypted transport.
func generateToken(Username string, Nonce string, Created string, Password string) string {
	// The decode error is discarded, as in the original code: for malformed base64,
	// DecodeString returns the bytes decoded before the error, and the digest is
	// computed over that partial nonce without any signal to the caller.
	rawNonce, _ := base64.StdEncoding.DecodeString(Nonce)

	// Feeding the three parts in order hashes the same byte stream as hashing
	// their concatenation.
	digest := sha1.New()
	digest.Write(rawNonce)
	digest.Write([]byte(Created))
	digest.Write([]byte(Password))

	return base64.StdEncoding.EncodeToString(digest.Sum(nil))
}