We are trying to set up node-soap using the WSSecurityCertificate as detailed here. We were expecting the signature to be generated, but it just says 'Signature'. The BinarySecurityToken looks to be generated correctly. Looking around online shows how we can sign something using openssl, but not really get the signature. And if we were to generate it, what do we sign? Our own key? Our own certificate? And this documentation doesn't list how to generate the signature. Any help on how to populate this signature or what we are doing wrong?
Code:
var options = {
hasTimeStamp: true,
mustUnderstand: true,
additionalReferences: [
'wsa:Action',
'wsa:To',
],
signerOptions: {
prefix: 'ds',
attrs: { Id: 'Signature' },
existingPrefixes: {
wsse: 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd',
}
}
};
var wsSecurity = new soap.WSSecurityCert(privateKey, publicKey, password, options)
What is output:
<ds:Signature Id="Signature" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
What we expected (X'd out end to err on safety):
<ds:Signature Id="SIG-262E3B6052F7XXXXXXXXXXXXXXXXXXXX" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
If we remove the attrs line above, it becomes like below, so I am pretty sure this is needed:
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
