Add a way to protect a service by WS-Security Authentication

composer.json

@@ -24,8 +24,8 @@
         "ext-soap": "*",
         "ext-curl": "*",
         "ass/xmlsecurity": "~1.0",
-        "symfony/framework-bundle": "~2.6",
-        "symfony/twig-bundle": "~2.6",
+        "symfony/framework-bundle": "^3.0 || ^4.0",
+        "symfony/twig-bundle": "^3.0 || ^4.0",
         "zendframework/zend-mime": "2.1.*"
     },
     "replace": {

src/BeSimple/SoapBundle/Controller/SoapWebServiceController.php

@@ -16,19 +16,20 @@
 use BeSimple\SoapBundle\Soap\SoapRequest;
 use BeSimple\SoapBundle\Soap\SoapResponse;
 use BeSimple\SoapServer\SoapServerBuilder;
-use Symfony\Component\DependencyInjection\ContainerAware;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\ErrorHandler\Exception\FlattenException;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\HttpKernel\Exception\FlattenException;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
 use Symfony\Component\HttpKernel\Log\DebugLoggerInterface;
+use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 
 /**
  * @author Christian Kerl <[email protected]>
  * @author Francis Besset <[email protected]>
  */
-class SoapWebServiceController extends ContainerAware
+class SoapWebServiceController extends AbstractController
 {
     /**
      * @var \SoapServer
@@ -58,13 +59,14 @@ class SoapWebServiceController extends ContainerAware
     /**
      * @return \BeSimple\SoapBundle\Soap\SoapResponse
      */
-    public function callAction($webservice)
+    public function callAction(Request $request, $webservice)
     {
         $webServiceContext   = $this->getWebServiceContext($webservice);
 
         $this->serviceBinder = $webServiceContext->getServiceBinder();
 
-        $this->soapRequest = SoapRequest::createFromHttpRequest($this->container->get('request'));
+        $this->soapRequest = SoapRequest::createFromHttpRequest($request);
+
         $this->soapServer  = $webServiceContext
             ->getServerBuilder()
             ->withSoapVersion11()
@@ -85,17 +87,16 @@ public function callAction($webservice)
     /**
      * @return Symfony\Component\HttpFoundation\Response
      */
-    public function definitionAction($webservice)
+    public function definitionAction(Request $request, $webservice)
     {
         $response = new Response($this->getWebServiceContext($webservice)->getWsdlFileContent(
             $this->container->get('router')->generate(
                 '_webservice_call',
                 array('webservice' => $webservice),
-                true
+                UrlGeneratorInterface::ABSOLUTE_URL
             )
         ));
 
-        $request = $this->container->get('request');
         $query = $request->query;
         if ($query->has('wsdl') || $query->has('WSDL')) {
             $request->setRequestFormat('wsdl');
@@ -121,9 +122,9 @@ public function exceptionAction(Request $request, FlattenException $exception, D
             throw new \LogicException(sprintf('The parameter "%s" is required in Request::$query parameter bag to generate the SoapFault.', '_besimple_soap_webservice'), null, $e);
         }
 
-        $view = 'TwigBundle:Exception:'.($this->container->get('kernel')->isDebug() ? 'exception' : 'error').'.txt.twig';
+        $view = '@Twig/Exception/'.($this->container->get('kernel')->isDebug() ? 'exception' : 'error').'.txt.twig';
         $code = $exception->getStatusCode();
-        $details = $this->container->get('templating')->render($view, array(
+        $details = $this->container->get('twig')->render($view, array(
             'status_code' => $code,
             'status_text' => isset(Response::$statusTexts[$code]) ? Response::$statusTexts[$code] : '',
             'exception'   => $exception,

src/BeSimple/SoapBundle/Converter/TypeRepository.php

@@ -10,7 +10,6 @@
 
 namespace BeSimple\SoapBundle\Converter;
 
-use BeSimple\SoapBundle\ServiceDefinition\ServiceDefinition;
 use BeSimple\SoapBundle\Util\Assert;
 
 /**
@@ -45,22 +44,4 @@ public function getXmlTypeMapping($phpType)
     {
         return isset($this->defaultTypeMap[$phpType]) ? $this->defaultTypeMap[$phpType] : null;
     }
-
-    public function fixTypeInformation(ServiceDefinition $definition)
-    {
-        foreach($definition->getAllTypes() as $type) {
-            $phpType = $type->getPhpType();
-            $xmlType = $type->getXmlType();
-
-            if (null === $phpType) {
-                throw new \InvalidArgumentException();
-            }
-
-            if (null === $xmlType) {
-                $xmlType = $this->getXmlTypeMapping($phpType);
-            }
-
-            $type->setXmlType($xmlType);
-        }
-    }
 }

src/BeSimple/SoapBundle/DependencyInjection/BeSimpleSoapExtension.php

@@ -17,10 +17,12 @@
 use Symfony\Component\Config\Definition\Processor;
 use Symfony\Component\Config\FileLocator;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
-use Symfony\Component\DependencyInjection\DefinitionDecorator;
+use Symfony\Component\DependencyInjection\ChildDefinition;
 use Symfony\Component\DependencyInjection\Reference;
 use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
 use Symfony\Component\HttpKernel\DependencyInjection\Extension;
+use BeSimple\SoapCommon\WsSecurityFilterClientServer;
+use BeSimple\SoapBundle\Controller\SoapWebServiceController;
 
 /**
  * BeSimpleSoapExtension.
@@ -46,10 +48,9 @@ public function load(array $configs, ContainerBuilder $container)
         $loader->load('converters.xml');
         $loader->load('webservice.xml');
 
-        $processor     = new Processor();
         $configuration = new Configuration();
 
-        $config = $processor->process($configuration->getConfigTree(), $configs);
+        $config = $this->processConfiguration($configuration, $configs);
 
         $this->registerCacheConfiguration($config['cache'], $container, $loader);
 
@@ -83,7 +84,7 @@ private function registerClientConfiguration(array $config, ContainerBuilder $co
         $loader->load('client.xml');
 
         foreach ($config as $client => $options) {
-            $definition = new DefinitionDecorator('besimple.soap.client.builder');
+            $definition = new ChildDefinition('besimple.soap.client.builder');
             $container->setDefinition(sprintf('besimple.soap.client.builder.%s', $client), $definition);
 
             $definition->replaceArgument(0, $options['wsdl']);
@@ -130,7 +131,7 @@ private function registerClientConfiguration(array $config, ContainerBuilder $co
 
     private function createClientClassmap($client, array $classmap, ContainerBuilder $container)
     {
-        $definition = new DefinitionDecorator('besimple.soap.classmap');
+        $definition = new ChildDefinition('besimple.soap.classmap');
         $container->setDefinition(sprintf('besimple.soap.classmap.%s', $client), $definition);
 
         if (!empty($classmap)) {
@@ -144,7 +145,7 @@ private function createClientClassmap($client, array $classmap, ContainerBuilder
 
     private function createClient($client, ContainerBuilder $container)
     {
-        $definition = new DefinitionDecorator('besimple.soap.client');
+        $definition = new ChildDefinition('besimple.soap.client');
         $container->setDefinition(sprintf('besimple.soap.client.%s', $client), $definition);
 
         $definition->setFactory(array(
@@ -159,13 +160,19 @@ private function createWebServiceContext(array $config, ContainerBuilder $contai
         unset($config['binding']);
 
         $contextId  = 'besimple.soap.context.'.$config['name'];
-        $definition = new DefinitionDecorator('besimple.soap.context.'.$bindingSuffix);
+        $definition = new ChildDefinition('besimple.soap.context.'.$bindingSuffix);
+        $definition->setPublic(true);
+
         $container->setDefinition($contextId, $definition);
 
         if (isset($config['cache_type'])) {
             $config['cache_type'] = $this->getCacheType($config['cache_type']);
         }
 
+        if (isset($config['wsse'])) {
+            $config['wsse']['password_type'] = $this->getPasswordType($config['wsse']['password_type']);
+        }
+
         $options = $container
             ->getDefinition('besimple.soap.context.'.$bindingSuffix)
             ->getArgument(2);
@@ -189,4 +196,15 @@ private function getCacheType($type)
                 return Cache::TYPE_DISK_MEMORY;
         }
     }
+
+    private function getPasswordType($type)
+    {
+        switch ($type) {
+            case 'PasswordText':
+                return WsSecurityFilterClientServer::PASSWORD_TYPE_TEXT;
+
+            case 'PasswordDigest':
+                return WsSecurityFilterClientServer::PASSWORD_TYPE_DIGEST;
+        }
+    }
 }

src/BeSimple/SoapBundle/DependencyInjection/Configuration.php

@@ -12,6 +12,7 @@
 
 namespace BeSimple\SoapBundle\DependencyInjection;
 
+use Symfony\Component\Config\Definition\ConfigurationInterface;
 use Symfony\Component\Config\Definition\Builder\ArrayNodeDefinition;
 use Symfony\Component\Config\Definition\Builder\TreeBuilder;
 
@@ -21,20 +22,27 @@
  * @author Christian Kerl <[email protected]>
  * @author Francis Besset <[email protected]>
  */
-class Configuration
+class Configuration implements ConfigurationInterface
 {
     private $cacheTypes = array('none', 'disk', 'memory', 'disk_memory');
     private $proxyAuth = array('basic', 'ntlm');
+    private $passwordTypes = array('PasswordText', 'PasswordDigest');
 
     /**
      * Generates the configuration tree.
      *
      * @return \Symfony\Component\Config\Definition\ArrayNode The config tree
      */
-    public function getConfigTree()
+    public function getConfigTreeBuilder()
     {
-        $treeBuilder = new TreeBuilder();
-        $rootNode = $treeBuilder->root('be_simple_soap');
+        $treeBuilder = new TreeBuilder('be_simple_soap');
+
+        if (method_exists($treeBuilder, 'getRootNode')) {
+            $rootNode = $treeBuilder->getRootNode();
+        } else {
+            // BC layer for symfony/config 4.1 and older
+            $rootNode = $treeBuilder->root('be_simple_soap');
+        }
 
         $this->addCacheSection($rootNode);
         $this->addClientSection($rootNode);
@@ -43,11 +51,11 @@ public function getConfigTree()
 
         $rootNode
             ->children()
-                ->scalarNode('exception_controller')->defaultValue('BeSimpleSoapBundle:SoapWebService:exception')->end()
+                ->scalarNode('exception_controller')->defaultValue('BeSimple\SoapBundle\Controller\SoapWebServiceController::exceptionAction')->end()
             ->end()
         ;
 
-        return $treeBuilder->buildTree();
+        return $treeBuilder;
     }
 
     private function addCacheSection(ArrayNodeDefinition $rootNode)
@@ -145,6 +153,19 @@ private function addServicesSection(ArrayNodeDefinition $rootNode)
                                     ->thenInvalid(sprintf('The cache type has to be either %s', implode(', ', $this->cacheTypes)))
                                 ->end()
                             ->end()
+                            ->arrayNode('wsse')
+                                ->children()
+                                    ->scalarNode('password_type')
+                                        ->defaultValue($this->passwordTypes[0])
+                                        ->validate()
+                                            ->ifNotInArray($this->passwordTypes)
+                                            ->thenInvalid(sprintf('The password type has to be either: %s', implode(', ', $this->passwordTypes)))
+                                        ->end()
+                                    ->end()
+                                    ->scalarNode('username')->defaultNull()->end()
+                                    ->scalarNode('password')->defaultNull()->end()
+                                ->end()
+                            ->end()
                         ->end()
                     ->end()
                 ->end()

src/BeSimple/SoapBundle/EventListener/SoapExceptionListener.php

@@ -13,15 +13,15 @@
 namespace BeSimple\SoapBundle\EventListener;
 
 use Symfony\Component\DependencyInjection\ContainerInterface;
-use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
-use Symfony\Component\HttpKernel\EventListener\ExceptionListener;
+use Symfony\Component\HttpKernel\Event\ExceptionEvent;
+use Symfony\Component\HttpKernel\EventListener\ErrorListener;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
 use Symfony\Component\HttpKernel\KernelEvents;
 
 /**
  * @author Francis Besset <[email protected]>
  */
-class SoapExceptionListener extends ExceptionListener
+class SoapExceptionListener extends ErrorListener
 {
     /**
      * @var ContainerInterface
@@ -44,7 +44,7 @@ public function __construct(ContainerInterface $container, $controller, $logger)
         $this->container = $container;
     }
 
-    public function onKernelException(GetResponseForExceptionEvent $event)
+    public function onSoapKernelException(ExceptionEvent $event)
     {
         if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
             return;
@@ -69,19 +69,20 @@ public function onKernelException(GetResponseForExceptionEvent $event)
         // hack to retrieve the current WebService name in the controller
         $request->query->set('_besimple_soap_webservice', $webservice);
 
-        $exception = $event->getException();
+        $exception = $event->getThrowable();
         if ($exception instanceof \SoapFault) {
             $request->query->set('_besimple_soap_fault', $exception);
         }
 
         parent::onKernelException($event);
     }
 
-    public static function getSubscribedEvents()
+    public static function getSubscribedEvents(): array
     {
-        return array(
-            // Must be called before ExceptionListener of HttpKernel component
-            KernelEvents::EXCEPTION => array('onKernelException', -64),
-        );
+        return [
+            KernelEvents::EXCEPTION => [
+                ['onSoapKernelException', -64],
+            ],
+        ];
     }
 }

src/BeSimple/SoapBundle/Handler/ExceptionHandler.php

@@ -14,7 +14,7 @@
 
 use BeSimple\SoapServer\Exception\ReceiverSoapFault;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\HttpKernel\Exception\FlattenException;
+use Symfony\Component\ErrorHandler\Exception\FlattenException;
 
 /**
  * @author Francis Besset <[email protected]>

src/BeSimple/SoapBundle/Resources/config/converters.xml

@@ -8,6 +8,7 @@
         <parameter key="besimple.soap.converter.collection.class">BeSimple\SoapCommon\Converter\TypeConverterCollection</parameter>
         <parameter key="besimple.soap.converter.date_time.class">BeSimple\SoapCommon\Converter\DateTimeTypeConverter</parameter>
         <parameter key="besimple.soap.converter.date.class">BeSimple\SoapCommon\Converter\DateTypeConverter</parameter>
+        <parameter key="besimple.soap.converter.time.class">BeSimple\SoapCommon\Converter\TimeTypeConverter</parameter>
     </parameters>
 
     <services>
@@ -20,5 +21,9 @@
         <service id="besimple.soap.converter.date" class="%besimple.soap.converter.date.class%" public="false">
             <tag name="besimple.soap.converter" />
         </service>
+
+        <service id="besimple.soap.converter.time" class="%besimple.soap.converter.time.class%" public="false">
+            <tag name="besimple.soap.converter" />
+        </service>
     </services>
 </container>

src/BeSimple/SoapBundle/Resources/config/routing/webservicecontroller.xml

@@ -4,15 +4,13 @@
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://symfony.com/schema/routing http://symfony.com/schema/routing/routing-1.0.xsd">
 
-    <route id="_webservice_call" pattern="/{webservice}">
-        <default key="_controller">BeSimpleSoapBundle:SoapWebService:Call</default>
+    <route id="_webservice_call" path="/{webservice}" methods="POST">
+        <default key="_controller">BeSimple\SoapBundle\Controller\SoapWebServiceController::CallAction</default>
         <default key="_format">xml</default>
-        <requirement key="_method">POST</requirement>
     </route>
 
-    <route id="_webservice_definition" pattern="/{webservice}">
-        <default key="_controller">BeSimpleSoapBundle:SoapWebService:Definition</default>
+    <route id="_webservice_definition" path="/{webservice}" methods="GET">
+        <default key="_controller">BeSimple\SoapBundle\Controller\SoapWebServiceController::DefinitionAction</default>
         <default key="_format">xml</default>
-        <requirement key="_method">GET</requirement>
     </route>
 </routes>