You can write a SOAP API test script to test a specific web Service and upload this script to Monitoring and run it on a schedule.
The following web Service authentication methods are supported for Synthetics SOAP test.
Unsecure
You can put the SOAP request xml in the 'body' section and set 'Content-type' to 'text/xml'.
Example script:
let host = 'example.com';
let options = {
endpoint: 'http://' + host + '/soap/myAPI',
returnFault: 'true'
};
// soap request
var soapbody = '<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:tem="http://exampleNameSpace.ibm.com/">' +
'<soap:Header></soap:Header>' +
'<soap:Body>' +
'<Data>put data here</Data>' +
'</soap:Body>' +
'</soap:Envelope>';
describe('Soap Basic Script Test', function () {
request.post(options.endpoint, {
headers: {
'Content-Type': 'text/xml; charset=utf-8'
},
body: soapbody
},
function (error, response, body) {
assert.ok(response.statusCode == 200, 'Expected 200');
var parseString = require('xml2js').parseString;
var XMLResult = body;
parseString(XMLResult, function (error, result) {
// Validate result
var parseString = require('xml2js').parseString;
var XMLResult = body;
parseString(XMLResult, function (error, result) {
var soapBody = result['soap:Envelope']['soap:Body'][0];
assert.equal(soapBody.DataExample, "your expected data here");
});
});
});
});
WS-Security UserName token
Both UsernameToken and PasswordText/PasswordDigest are supported. The options object is optional and can contain the following properties:
Example Script:
let host = 'example.com';
let options = {
endpoint: 'http://' + host + '/soap/myAPI',
returnFault: 'true'
};
// soap request
var soapbody = '<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:tem="http://exampleNameSpace.ibm.com/">' +
'<soap:Header></soap:Header>' +
'<soap:Body>' +
'<Data>put data here</Data>' +
'</soap:Body>' +
'</soap:Envelope>';
let user = $globalContext["username"]; // username
let password = $globalContext["password"]; // password
describe('Username Token Authentication Script Test', function () {
var usernameTokenOptions = {
passwordType: "PasswordText", // PasswordDigest, PasswordText
hasTimeStamp: false, // adds Timestamp element
hasTokenCreated: false, // adds Created element
mustUnderstand: false, // adds Nonce element
hasNonce: false, // adds mustUnderstand=1 attribute to security tag
actor: '' // if set, adds Actor attribute with given value to security tag
};
var wsSecurity = new soap.WSSecurity(user, password, usernameTokenOptions);
let prefix = 'soap';
let xmlp = wsSecurity.postProcess(soapbody, prefix);
request.post(options.endpoint, {
headers: {
'Content-Type': 'text/xml; charset=utf-8',
SOAPAction: 'http://example.com/Action'
},
body: xmlp
}, function (error, response, body) {
// Validate result
var parseString = require('xml2js').parseString;
var XMLResult = body;
parseString(XMLResult, function (error, result) {
var soapBody = result['soap:Envelope']['soap:Body'][0];
assert.equal(soapBody.DataExample, "your expected data here");
});
});
});
WS-Security Signature
WS-Security Signature is supported. The options object is optional and can contain the following properties:
Example Script:
let host = 'example.com';
let options = {
endpoint: 'http://' + host + '/soap/myAPI',
returnFault: 'true'
};
// soap request
var soapbody = '<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:tem="http://exampleNameSpace.ibm.com/">' +
'<soap:Header></soap:Header>' +
'<soap:Body>' +
'<Data>put data here</Data>' +
'</soap:Body>' +
'</soap:Envelope>';
// private key, if your private has password, please provide it.
let privateKey = $globalContext["privateKey"];
// plain text of certificate
let certificate = $globalContext["certificate"];
// password of privateKey, leave it empty if no password
let passwordForPrivateKey = $globalContext["passwordForPrivateKey"];
describe('Signature Script Test', function () {
// Transformation Algorithms:
// - http://www.w3.org/TR/2001/REC-xml-c14n-20010315
// - http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
// - http://www.w3.org/2001/10/xml-exc-c14n#
// - http://www.w3.org/2001/10/xml-exc-c14n#WithComments
// - http://www.w3.org/2000/09/xmldsig#enveloped-signature
// signatureAlgorithm:
// - http://www.w3.org/2000/09/xmldsig#rsa-sha1
// - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
// - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
// - http://www.w3.org/2000/09/xmldsig#hmac-sha1
// signerOptions: (optional)
// existingPrefixes: (optional) A hash of prefixes and namespaces,
// prefix: namespace that shouldn't be in the signature because they already exist in the xml
// (default: { 'wsse': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' })
// prefix: (optional) Adds this value as a prefix for the generated signature tags.
// attrs: (optional) A hash of attributes and values attrName: value to add to the signature root node
var sigOptions = {
// signatureTransformations: default is ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#'], type is array
signatureAlgorithm: "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
additionalReferences: ['soap:Body'], // Array of Soap headers that need to be signed
signerOptions: {
prefix: 'ds',
attrs: {
Id: 'Signature'
},
existingPrefixes: {
wsse: 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
}
}
};
var wsSecurity = new soap.WSSecurityCert(privateKey, certificate, passwordForPrivateKey, sigOptions);
let prefix = 'soap';
let xmlp = wsSecurity.postProcess(soapbody, prefix);
request.post(options.endpoint, {
headers: {
'Content-Type': 'text/xml; charset=utf-8',
SOAPAction: "http://example.com/Action"
},
body: xmlp
}, function (error, response, body) {
// Validate result
var parseString = require('xml2js').parseString;
var XMLResult = body;
parseString(XMLResult, function (error, result) {
var soapBody = result['soap:Envelope']['soap:Body'][0];
assert.equal(soapBody.DataExample, "your expected data here");
});
});
});
WS-Security Encryption
The options object is optional and can contain the following properties:
publicKey: RSA public key.
certificate: The plain text of certificate.
encryptionAlgorithm: By default it is 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'.
keyEncryptionAlgorithm: By default it is 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'.
disallowEncryptionWithInsecureAlgorithm: By default it is true.
EncryptedKey to transport symmetric key by using:
EncryptedData by using:
Example Script:
let host = 'example.com';
let options = {
endpoint: 'http://' + host + '/soap/myAPI',
returnFault: 'true'
};
// soap request
var soapbody = '<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:tem="http://exampleNameSpace.ibm.com/">' +
'<soap:Header></soap:Header>' +
'<soap:Body>' +
'<Data>put data here</Data>' +
'</soap:Body>' +
'</soap:Envelope>';
// plain text of public key
let publicKey = $globalContext["publicKey"];
// plain text of certificate
let certificate = $globalContext["certificate"];
describe('Encryption SOAP Script Test', function () {
// keyEncryptionAlgorithm:
// - http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
// - http://www.w3.org/2001/04/xmlenc#rsa-1_5
// encryptionAlgorithm:
// - http://www.w3.org/2001/04/xmlenc#aes128-cbc
// - http://www.w3.org/2001/04/xmlenc#aes256-cbc
// - http://www.w3.org/2001/04/xmlenc#tripledes-cbc
// signerOptions: (optional)
// existingPrefixes: (optional) A hash of prefixes and namespaces,
// prefix: namespace that shouldn't be in the signature because they already exist in the xml
// (default: { 'wsse': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' })
// prefix: (optional) Adds this value as a prefix for the generated signature tags.
// attrs: (optional) A hash of attributes and values attrName: value to add to the signature root node
var encOptions = {
// encryptionAlgorithm: default 'http://www.w3.org/2001/04/xmlenc#aes256-cbc',
// keyEncryptionAlgorithm: default 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p',
hasTimeStamp: false,
signerOptions: {
prefix: 'ds'
}
};
var wsSecurity = new soap.WSEncryption(publicKey, certificate, encOptions);
let prefix = 'soap';
let xmlp = wsSecurity.postProcess(soapbody, prefix);
request.post(options.endpoint, {
headers: {
'Content-Type': 'text/xml; charset=utf-8',
SOAPAction: "http://example.com/Action"
},
body: xmlp
}, function (error, response, body) {
// Validate result
var parseString = require('xml2js').parseString;
var XMLResult = body;
parseString(XMLResult, function (error, result) {
var soapBody = result['soap:Envelope']['soap:Body'][0];
assert.equal(soapBody.DataExample, "your expected data here");
});
});
});
Multiple WS-Security
Multiple WS-Security is a combination of several authentication methods. Different WS-Security methods need to be in correct order. For example, first sign the request body, then use the output to encrypt the request body. In the following script
example, the Username Token, Signature, and Encryption methods are added in sequence.
Example Script:
let host = 'example.com';
let options = {
endpoint: 'http://' + host + '/soap/myAPI',
returnFault: 'true'
};
// soap request
var soapbody = '<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:tem="http://exampleNameSpace.ibm.com/">' +
'<soap:Header></soap:Header>' +
'<soap:Body>' +
'<Data>put data here</Data>' +
'</soap:Body>' +
'</soap:Envelope>';
// private key, if your private has password, please provide it.
let privateKey = $globalContext["privateKey"];
// plain text of certificate
let certificate = $globalContext["certificate"];
// password of privateKey, leave it empty if no password
let passwordForPrivateKey = $globalContext["passwordForPrivateKey"];
let envelopeKey = 'soap';
describe("Signature then Encryption Script Test", function(){
// 1. add username token
var usernameTokenOptions = {
passwordType: "PasswordText", // PasswordDigest, PasswordText
hasTimeStamp: false, // adds Timestamp element
hasTokenCreated: false, // adds Created element
mustUnderstand: false, // adds Nonce element
hasNonce: false, // adds mustUnderstand=1 attribute to security tag
actor: '' // if set, adds Actor attribute with given value to security tag
};
let user = $globalContext["username"]; // username
let password = $globalContext["password"]; // password
var wsSecurity = new soap.WSSecurity(user, password, usernameTokenOptions);
let xmlp = wsSecurity.postProcess(soapbody, envelopeKey);
// 2. add signature
var sigOptions = {
// signatureTransformations: default is ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#'], type is array
signatureAlgorithm: "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
additionalReferences: ['soap:Body'], // Array of Soap headers that need to be signed
signerOptions: {
prefix: 'ds',
attrs: {
Id: 'Signature'
},
existingPrefixes: {
wsse: 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
}
}
};
var wsSecuritySig = new soap.WSSecurityCert(privateKey, certificate, passwordForPrivateKey, sigOptions);
let xmlp1 = wsSecuritySig.postProcess(xmlp, envelopeKey);
// 3. add encryption
// plain text of public key
let publicKey = $globalContext["publicKey"];
var encOptions = {
// encryptionAlgorithm: default 'http://www.w3.org/2001/04/xmlenc#aes256-cbc',
// keyEncryptionAlgorithm: default 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p',
hasTimeStamp: false,
signerOptions: {
prefix: 'ds'
}
};
var wsSecurityEncryption = new soap.WSEncryption(publicKey, certificate, encOptions);
let finalXml = wsSecurityEncryption.postProcess(xmlp1, envelopeKey);
request.post(options.endpoint, {
headers: {
'Content-Type': 'text/xml; charset=utf-8',
SOAPAction: 'http://example.com/Action'
},
body: finalXml
}, function (error, response, body) {
// Validate result
var parseString = require('xml2js').parseString;
var XMLResult = body;
parseString(XMLResult, function (error, result) {
var soapBody = result['soap:Envelope']['soap:Body'][0];
assert.equal(soapBody.DataExample, "your expected data here");
});
});
});