RobRichards\WsePhp\WSSESoap::attachTokentoSig PHP Method

attachTokentoSig() public method

public attachTokentoSig ( $token )
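    /**
     * Point the document's ds:Signature at a security token already in the message.
     *
     * Locates the signature in $this->soapDoc, reuses its first ds:KeyInfo child
     * (creating one when none exists) and appends a
     * SecurityTokenReference/Reference whose URI is '#' followed by the token's
     * Id attribute, read from the self::WSUNS namespace. The ValueType is fixed
     * to the X.509 v3 token-profile URI.
     *
     * NOTE(review): this only tells a verifier which token to look at. Nothing
     * here validates the certificate, and ds:KeyInfo is covered by the signature
     * only when a ds:Reference includes it, so a receiver should validate the
     * referenced certificate against its own trust anchors rather than trust it
     * because the message points at it.
     *
     * @param DOMElement $token BinarySecurityToken element to reference.
     *
     * @throws Exception If $token is not a DOMElement, no signature can be
     *                   located, or the token carries no Id to reference.
     */
    public function attachTokentoSig($token)
    {
        if (!$token instanceof DOMElement) {
            throw new Exception('Invalid parameter: BinarySecurityToken element expected');
        }

        $objXMLSecDSig = new XMLSecurityDSig();
        $objDSig = $objXMLSecDSig->locateSignature($this->soapDoc);
        if (!$objDSig) {
            throw new Exception('Unable to locate digital signature');
        }

        // getAttributeNS() returns '' when the attribute is absent. That would
        // produce URI="#", which does not identify the token, so fail here
        // instead of emitting a signature whose key cannot be located.
        $tokenId = $token->getAttributeNS(self::WSUNS, 'Id');
        if ($tokenId === '') {
            throw new Exception('Invalid parameter: BinarySecurityToken has no Id attribute');
        }

        // Reuse the signature's own KeyInfo when present; create it otherwise.
        $this->SOAPXPath->registerNamespace('secdsig', XMLSecurityDSig::XMLDSIGNS);
        $keyInfo = $this->SOAPXPath->query('./secdsig:KeyInfo', $objDSig)->item(0);
        if (!$keyInfo) {
            $keyInfo = $objXMLSecDSig->createNewSignNode('KeyInfo');
            $objDSig->appendChild($keyInfo);
        }

        $tokenRef = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX . ':SecurityTokenReference');
        $keyInfo->appendChild($tokenRef);

        $reference = $this->soapDoc->createElementNS(self::WSSENS, self::WSSEPFX . ':Reference');
        $reference->setAttribute('ValueType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3');
        $reference->setAttribute('URI', '#' . $tokenId);
        $tokenRef->appendChild($reference);
    }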

Usage Example

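 /**
  * Sign and encrypt the outgoing SOAP request, send it, then decrypt the reply.
  *
  * Outgoing: adds a Timestamp, signs the document with the private key in
  * PRIVATE_KEY, attaches the certificate from CERT_FILE as a
  * BinarySecurityToken referenced from the signature, then encrypts with a
  * generated AES-256-CBC session key wrapped for the SERVICE_CERT public key.
  * Incoming: parses the reply and decrypts it with PRIVATE_KEY.
  *
  * NOTE(review): the reply is decrypted, but no call in this method verifies a
  * signature on it; confirm that response authenticity is checked elsewhere.
  *
  * @param string $request  SOAP request XML.
  * @param string $location Endpoint URL, passed through to the parent.
  * @param string $saction  SOAP action, passed through to the parent.
  * @param int    $version  SOAP version, passed through to the parent.
  *
  * @return mixed Decrypted response XML, or the parent's return value unchanged
  *               when it is not a non-empty string.
  *
  * @throws \Exception If the request, the certificate file or the response
  *                    cannot be read or parsed.
  */
 public function __doRequest($request, $location, $saction, $version)
 {
     $doc = new DOMDocument('1.0');
     if (!$doc->loadXML($request)) {
         throw new \Exception('Unable to parse outgoing SOAP request');
     }
     $objWSSE = new WSSESoap($doc);

     /* add Timestamp with no expiration timestamp */
     $objWSSE->addTimestamp();

     /*
      * Create the signing key: RSA with a SHA-1 digest, loaded as a private key.
      * NOTE(review): SHA-1 is no longer considered collision resistant; prefer a
      * SHA-256 based signature algorithm if the service accepts one (TODO confirm).
      */
     $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'private'));
     /* load the private key from file - last arg is bool if key in file (true) or is string (false) */
     $objKey->loadKey(PRIVATE_KEY, true);

     /* Sign the message - also signs appropriate WS-Security items */
     $options = array("insertBefore" => false);
     $objWSSE->signSoapDoc($objKey, $options);

     /* Add certificate (BinarySecurityToken) to the message */
     $certificate = file_get_contents(CERT_FILE);
     if ($certificate === false) {
         // Without this check an unreadable file would pass false on as the token.
         throw new \Exception('Unable to read certificate file');
     }
     $token = $objWSSE->addBinaryToken($certificate);
     /* Attach pointer to Signature */
     $objWSSE->attachTokentoSig($token);

     /* Generate an AES-256-CBC session key and wrap it for the service's public key */
     $objKey = new XMLSecurityKey(XMLSecurityKey::AES256_CBC);
     $objKey->generateSessionKey();
     $siteKey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type' => 'public'));
     $siteKey->loadKey(SERVICE_CERT, true, true);
     $options = array("KeyInfo" => array("X509SubjectKeyIdentifier" => true));
     $objWSSE->encryptSoapDoc($siteKey, $objKey, $options);

     $retVal = parent::__doRequest($objWSSE->saveXML(), $location, $saction, $version);
     if (!is_string($retVal) || $retVal === '') {
         // Nothing to parse or decrypt; hand the parent's result back untouched.
         return $retVal;
     }

     $doc = new DOMDocument();
     // The reply comes from the network: LIBXML_NONET stops the parser from
     // fetching external resources while reading it.
     if (!$doc->loadXML($retVal, LIBXML_NONET)) {
         throw new \Exception('Unable to parse SOAP response');
     }
     $options = array("keys" => array("private" => array("key" => PRIVATE_KEY, "isFile" => true, "isCert" => false)));
     $objWSSE->decryptSoapDoc($doc, $options);
     return $doc->saveXML();
 }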