Attributes on Timestamp

[agmattzarb]

The vendor specs I'm writing to are looking for a security header in the format

<wsse:Security>
	<wsu:Timestamp wsu:Id="Timestamp-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX">
		<wsu:Created>YYYY-MM-DDTHH:MM:SSZ</wsu:Created>
	</wsu:Timestamp>
	<wsse:UsernameToken
		xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken- XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX">
		<wsse:Username>########</wsse:Username>
		<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile- 1.0#PasswordText">XXXXXXXXXX</wsse:Password>
		<wsse:Nonce>XXXXXXXXXXXXXXXX</wsse:Nonce>
		<wsu:Created>YYYY-MM-DDTHH:MM:SSZ</wsu:Created>
	</wsse:UsernameToken>
</wsse:Security>

Note the timestamp includes wsu:Id="Timestamp-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

I can't seem to find a way to include this in my output

My code:

$timestamp = time();
$security_token = 'SecurityToken- '.$this->guid;
$this->security_header = WsSecurity::createWsSecuritySoapHeader($this->credentials['ID'], $this->credentials['PASSWORD'], false, $timestamp, 600, true, false, null, $security_token, true);

results in

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken- 12ab4664-e0d4-4a12-91af-d19806966d87">
    <wsse:Username>########</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXXXXXXXX</wsse:Password>
    <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2024-09-03T20:31:38Z</wsu:Created>
    <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">FoBSlAc=</wsse:Nonce>
  </wsse:UsernameToken>
  <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsu:Created>2024-09-03T20:31:38Z</wsu:Created>
    <wsu:Expires>2024-09-03T20:41:38Z</wsu:Expires>
  </wsu:Timestamp>
</wsse:Security>

How do I go about adding the wsu:Id="Timestamp-" to the Timestamp?

I also haven't figured out a way to get rid of the Expires. If I set the $addExpires param to 0, it removes the entire Timestamp.

[mikaelcom]

Let me know of the proposed fix in #20

[agmattzarb]

Excellent, worked as needed.

New code was

$wsSecurity = new WsSecurity($this->credentials['ID'], $this->credentials['PASSWORD'], false, time());
$wsSecurity->getSecurity()->getTimestamp()->setAttribute('wsu:Id', 'Timestamp-'.$this->guid);
$wsSecurity->getSecurity()->setAttribute('wsu:Id', 'Timestamp-'.$this->guid);
$wsSecurity->getSecurity()->getUsernameToken()->setAttribute('wsu:Id', 'SecurityToken- '.$this->guid);
$this->security_header = $wsSecurity->getSoapHeader(true, false, null);

One note - I'm not getting any runtime errors or warnings, but my IDE (PhpStorm) is flagging the first line with

Call to 'protected WsSecurity::__construct()' from invalid context

Many thanks for the quick response!

[agmattzarb]

I spoke too soon. On closer inspection of my output, I just noticed that the above code is putting the new Timestamp attribute not just on the Timestamp node but also the parent Security node:

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-4ebcebd6-ea54-4be4-a4a7-b4f5040f2dc3">
  <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken- 4ebcebd6-ea54-4be4-a4a7-b4f5040f2dc3">
    <wsse:Username>########</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXXXXXXXX</wsse:Password>
    <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2024-09-04T13:48:21Z</wsu:Created>
    <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">dHRTQ2A=</wsse:Nonce>
  </wsse:UsernameToken>
  <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-4ebcebd6-ea54-4be4-a4a7-b4f5040f2dc3">
    <wsu:Created>2024-09-04T13:48:21Z</wsu:Created>
  </wsu:Timestamp>
</wsse:Security>

[mikaelcom]

Call to 'protected WsSecurity::__construct()' from invalid context

Be sure to update the source because I changed it to public (https://github.com/WsdlToPhp/WsSecurity/pull/20/files#diff-30d343eb5cbb31e76a5c333ecb92698fb4d04efd3a486b9b9cddb46c9bb1a62cR14).

I spoke too soon. On closer inspection of my output, I just noticed that the above code is putting the new Timestamp attribute not just on the Timestamp node but also the parent Security node:

Because of your code $wsSecurity->getSecurity()->setAttribute('wsu:Id', 'Timestamp-'.$this->guid);

[agmattzarb]

Ah stupid me. Meant to delete that line.

Everything is perfect now, thanks again.

[mikaelcom]

Ah stupid me. Meant to delete that line.

Everything is perfect now, thanks again.

Perfect 😉

[mikaelcom]

@agmattzarb you can validate the PR #20 then 😃

[mikaelcom]

@agmattzarb you can validate the PR #20 then 😃

I merged it too early without waiting the validation, git flow habits...