Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implemented optional asynchronous authentication #1002

Merged
merged 1 commit into from May 4, 2018
Merged

Implemented optional asynchronous authentication #1002

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
20 changes: 20 additions & 0 deletions Readme.md
View file
Open in desktop
Expand Up @@ -294,6 +294,26 @@ To change the HTTP statusCode of the response include it on the fault. The stat

If `server.authenticate` is not defined then no authentication will take place.

Asynchronous authentication:
``` javascript
server = soap.listen(...)
server.authenticate = function(security, callback) {
var created, nonce, password, user, token;
token = security.UsernameToken, user = token.Username,
password = token.Password, nonce = token.Nonce, created = token.Created;

myDatabase.getUser(user, function (err, dbUser) {
if (err || !dbUser) {
callback(false);
return;
}

callback(password === soap.passwordDigest(nonce, created, dbUser.password));
});
};
```

Synchronous authentication:
``` javascript
server = soap.listen(...)
server.authenticate = function(security) {
Expand Down
210 changes: 128 additions & 82 deletions lib/server.js
View file
Open in desktop
Expand Up @@ -234,103 +234,149 @@ Server.prototype._process = function (input, req, callback) {
bindings = this.wsdl.definitions.bindings, binding,
method, methodName,
serviceName, portName,
includeTimestamp = obj.Header && obj.Header.Security && obj.Header.Security.Timestamp;
includeTimestamp = obj.Header && obj.Header.Security && obj.Header.Security.Timestamp,
authenticate = self.authenticate || function defaultAuthenticate() { return true; };

if (typeof self.authenticate === 'function') {
if (!obj.Header || !obj.Header.Security) {
throw new Error('No security header');
}
if (!self.authenticate(obj.Header.Security)) {
throw new Error('Invalid username or password');
function process() {

if (typeof self.log === 'function') {
self.log("info", "Attempting to bind to " + pathname);
}
}

if (typeof self.log === 'function') {
self.log("info", "Attempting to bind to " + pathname);
}
//Avoid Cannot convert undefined or null to object due to Object.keys(body)
//and throw more meaningful error
if (!body) {
throw new Error('Failed to parse the SOAP Message body');
}

//Avoid Cannot convert undefined or null to object due to Object.keys(body)
//and throw more meaningful error
if (!body) {
throw new Error('Failed to parse the SOAP Message body');
}
// use port.location and current url to find the right binding
binding = (function () {
var services = self.wsdl.definitions.services;
var firstPort;
var name;
for (name in services) {
serviceName = name;
var service = services[serviceName];
var ports = service.ports;
for (name in ports) {
portName = name;
var port = ports[portName];
var portPathname = url.parse(port.location).pathname.replace(/\/$/, '');

if (typeof self.log === 'function') {
self.log("info", "Trying " + portName + " from path " + portPathname);
}

// use port.location and current url to find the right binding
binding = (function (self) {
var services = self.wsdl.definitions.services;
var firstPort;
var name;
for (name in services) {
serviceName = name;
var service = services[serviceName];
var ports = service.ports;
for (name in ports) {
portName = name;
var port = ports[portName];
var portPathname = url.parse(port.location).pathname.replace(/\/$/, '');
if (portPathname === pathname)
return port.binding;

if (typeof self.log === 'function') {
self.log("info", "Trying " + portName + " from path " + portPathname);
// The port path is almost always wrong for generated WSDLs
if (!firstPort) {
firstPort = port;
}
}
}
return !firstPort ? void 0 : firstPort.binding;
})();

if (portPathname === pathname)
return port.binding;
if (!binding) {
throw new Error('Failed to bind to WSDL');
}

// The port path is almost always wrong for generated WSDLs
if (!firstPort) {
firstPort = port;
}
try {
if (binding.style === 'rpc') {
methodName = Object.keys(body)[0];

self.emit('request', obj, methodName);
if (headers)
self.emit('headers', headers, methodName);

self._executeMethod({
serviceName: serviceName,
portName: portName,
methodName: methodName,
outputName: methodName + 'Response',
args: body[methodName],
headers: headers,
style: 'rpc'
}, req, callback);
} else {
var messageElemName = (Object.keys(body)[0] === 'attributes' ? Object.keys(body)[1] : Object.keys(body)[0]);
var pair = binding.topElements[messageElemName];

self.emit('request', obj, pair.methodName);
if (headers)
self.emit('headers', headers, pair.methodName);

self._executeMethod({
serviceName: serviceName,
portName: portName,
methodName: pair.methodName,
outputName: pair.outputName,
args: body[messageElemName],
headers: headers,
style: 'document'
}, req, callback, includeTimestamp);
}
}
return !firstPort ? void 0 : firstPort.binding;
})(this);

if (!binding) {
throw new Error('Failed to bind to WSDL');
}
catch (error) {
if (error.Fault !== undefined) {
return self._sendError(error.Fault, callback, includeTimestamp);
}

try {
if (binding.style === 'rpc') {
methodName = Object.keys(body)[0];

self.emit('request', obj, methodName);
if (headers)
self.emit('headers', headers, methodName);

self._executeMethod({
serviceName: serviceName,
portName: portName,
methodName: methodName,
outputName: methodName + 'Response',
args: body[methodName],
headers: headers,
style: 'rpc'
}, req, callback);
} else {
var messageElemName = (Object.keys(body)[0] === 'attributes' ? Object.keys(body)[1] : Object.keys(body)[0]);
var pair = binding.topElements[messageElemName];

self.emit('request', obj, pair.methodName);
if (headers)
self.emit('headers', headers, pair.methodName);

self._executeMethod({
serviceName: serviceName,
portName: portName,
methodName: pair.methodName,
outputName: pair.outputName,
args: body[messageElemName],
headers: headers,
style: 'document'
}, req, callback, includeTimestamp);
throw error;
}
}
catch (error) {
if (error.Fault !== undefined) {
return self._sendError(error.Fault, callback, includeTimestamp);
}

throw error;
// Authentication

if (typeof authenticate === 'function') {

var authResultProcessed = false,
processAuthResult = function (authResult) {

if (!authResultProcessed && (authResult || authResult === false)) {

authResultProcessed = true;

if (authResult) {

try {
process();
} catch (error) {

if (error.Fault !== undefined) {
return self._sendError(error.Fault, callback, includeTimestamp);
}

return self._sendError({
Code: {
Value: 'SOAP-ENV:Server',
Subcode: { value: 'InternalServerError' }
},
Reason: { Text: error.toString() },
statusCode: 500
}, callback, includeTimestamp);
}

} else {

return self._sendError({
Code: {
Value: 'SOAP-ENV:Client',
Subcode: { value: 'AuthenticationFailure' }
},
Reason: { Text: 'Invalid username or password' },
statusCode: 401
}, callback, includeTimestamp);
}
}
};

processAuthResult(authenticate(obj.Header && obj.Header.Security, processAuthResult));

} else {
throw new Error('Invalid authenticate function (not a function)');
}
};

Expand Down