node-soap 上的身份验证问题

Question

感谢您抽出宝贵时间阅读本文，

我对 node-soap 有一点问题，所以基本上我试图在发回响应之前验证客户端的身份，在遵循文档之后我找到了 server.authenticate 函数。

server.authenticate = async function (security: any) {
                const binarySecurityTokenAsBase64String = security.BinarySecurityToken.$value;
                const pemKeyFromRequestAsString = "-----BEGIN CERTIFICATE-----" + "\n" + binarySecurityTokenAsBase64String.replace(/(.{64})/g, "$1\n") + "\n" + "-----END CERTIFICATE-----";
                const success =  await validateCertificate(pemKeyFromRequestAsString);
                if (success) {
                    return true;
                } else {
                    winston.warn("Failed to validate Certificate - Either Certificate Verification with CA Chain Failed or the system encountered an error");
                    return false;
                }
            };

这就是我做验证业务并根据结果返回真或假的地方：

const success =  await validateCertificate(pemKeyFromRequestAsString);

我的问题是，无论结果如何，我仍然得到响应，在日志上，一切都很好，并确认验证失败，可能是因为异步/同步的东西。我真的很新到 Javascript/Typescript World，任何帮助将不胜感激。

这是我的代码预览：

try {
        const myService = {
            Calculate_Service: {
                Calculate_Port: {
                    multiply: function(args, callback) {
                        const a = 1;
                        try {
                            winston.debug("Reached the multiply Function");
                            const n = args.a * args.b;
                            callback({
                                multiplicationResult : n
                            });
                        } catch (e) {
                            winston.error(e);
                            throw {
                                Fault: {
                                    Code: {
                                        Value: "soap:Sender",
                                        Subcode: { value: "rpc:BadArguments" }
                                    },
                                    Reason: { Text: JSON.stringify(e) },
                                    statusCode: 500
                                }
                            };
                        }

                    },
                }
            }
        }

        const xml = fs.readFileSync(AppConfiguration.responseServerWsdlPath, "utf8");

        app.use(bodyParser.raw({
            type: function () {
                return true;
            }, limit: "5mb"
        }));

        app.listen(port, async function () {

            winston.info("Express server listening on port " + port);
            const server = ArcNodeSoap.listen(app, "/calculatorService", myService, xml);

            server.authenticate = async function (security: any) {
                const binarySecurityTokenAsBase64String = security.BinarySecurityToken.$value;
                const pemKeyFromRequestAsString = "-----BEGIN CERTIFICATE-----" + "\n" + binarySecurityTokenAsBase64String.replace(/(.{64})/g, "$1\n") + "\n" + "-----END CERTIFICATE-----";
                const success =  await validateCertificate(pemKeyFromRequestAsString);
                if (success) {
                    return true;
                } else {
                    winston.warn("Failed to validate Certificate - Either Certificate Verification with CA Chain Failed or the system encountered an error");
                    return false;
                }
            };

            server.log = function (type, data) {
                winston.debug("type: " + type);
                winston.debug(JSON.stringify(data));
            };

                server.on("headers", function (headers, methodName) {
                    //More debug stuff;
                    winston.debug("****** HEADERS **********");
                    winston.debug(JSON.stringify(headers));
                    winston.debug("methodName: " + methodName);
                    winston.debug("*************************")

                });
        });
    } catch (err) {
        winston.error(err);
    }

我很感谢你们，谢谢你们！

Answer 1

我终于解决了我的问题，如果有人对异步/同步代码有同样的问题： 我使用文档中的 Async 方法修复了它

server.authenticate =  function (security: any, callback): any {
                //Get the Binary Security Token coming from the request as a Base 64 String
            const binarySecurityTokenAsBase64String = security.BinarySecurityToken.$value;
            //Creating a new certificate with header, footer and line breaks from the binarySecurityTokenAsBase64String
            const pemKeyFromRequestAsString = "-----BEGIN CERTIFICATE-----" + "\n" + binarySecurityTokenAsBase64String.replace(/(.{64})/g, "$1\n") + "\n" + "-----END CERTIFICATE-----";
            //Validate the certificate

                //This is an async wrapper where I added all my verification steps;
                validateCertificateWrapper(pemKeyFromRequestAsString).then((authorized: boolean) => {
                    //If the certificate is valid
                    if (authorized) {
                        winston.info("Verification successfully Passed");
                        return callback(true);

                    } else {                     //If the certificate is invalid
                        winston.error("Failed to validate Certificate");
                        return callback(false);
                    }
                }, () => {
                    winston.error("Failed to validate Certificate");
                    return callback(false);
                } );
            };