个人中心
文章发布
退出
作者热门文章
- android - 多次调用 OnPrimaryClipChangedListener
- android - 无法更新 RecyclerView 中的 TextView 字段
- android.database.CursorIndexOutOfBoundsException : Index 0 requested, 光标大小为 0
- android - 使用 AppCompat 时,我们是否需要明确指定其 UI 组件(Spinner、EditText)颜色
26
4
我正在尝试设置 Royal Mail Shipping API(如果有人对此有任何经验,如果您能提供帮助,我将不胜感激)。
在他们提供的文档中,我需要下载一个证书(一个 .p12 文件)并将其导入到我的 Windows 机器上 - 使用“证书导入向导”非常简单。一旦达到“设置安全级别”,我必须选择高,这将在每次使用时请求使用密码的权限。
在 Internet Explorer 的“Internet 选项”的“内容”选项卡中,我可以查看证书,并且可以清楚地看到该证书已导入且尚未过期。
下一步是提取证书组件,在这里我必须使用 OpenSSL 运行以下三个命令来生成 .pem 文件。
$ openssl pkcs12 -in mycert.p12 -cacerts -nokeys -out cacert.pem
$ openssl pkcs12 -in mycert.p12 -clcerts -nokeys -out mycert.pem
$ openssl pkcs12 -in mycert.p12 -nocerts -nodes -out mykey.pem
文档指出 cacert.pem 文件可以由使用文件本身的应用程序直接引用,我相信我已经在我的 PHP 脚本中完成了,但是不清楚我应该放在哪里其他 mycert 和 mykey pem 文件。
文档对此有如下说明:-
How an application passes the issued client SSL certificate when establishing an SSL network connection to is application and environment dependent but it would essentially need to access both the "mycert.pem" and "mykey.pem" file, or in some cases, a single combined file containing both cert and key.
所以它没有说明应用程序如何使用这两个文件,目前我只是将它们留在与 cacert.pem 文件相同的目录中。
如果我尝试访问 url https://api.royalmail.com/shipping/onboarding直接从浏览器中,它要求我选择一个证书,我选择这个,然后在它询问“授予或拒绝使用此 key 的权限”时输入正确的密码。一旦我输入正确的密码,就会出现以下页面 - 任何人都可以确认这是否意味着问题出在我这边,或者皇家邮政在他们这边没有正确配置的东西。
除此之外,我拥有的用于向 Shipping API 发送 SOAP 请求的实际 PHP 脚本无法正常工作(可能与上述所有内容有关)。
在我的 PHP 脚本中,soapclient 选项设置如下:
$soapclient_options['cache_wsdl'] = 'WSDL_CACHE_NONE';
$soapclient_options['local_cert'] = 'certs/cacert.pem';
$soapclient_options['passphrase'] = $api_certificate_passphrase;
$soapclient_options['trace'] = true;
$soapclient_options['ssl_method'] = 'SOAP_SSL_METHOD_SSLv3';
$soapclient_options['location'] = 'https://api.royalmail.com/shipping/onboarding';
$client = new SoapClient('SAPI/ShippingAPI_V2_0_8.wsdl', $soapclient_options);
$client->__setLocation($soapclient_options['location']);
当我运行 PHP 脚本时(这与 Royal Mail 为自己提供我自己的个人 API 登录详细信息的代码基本相同)我在浏览器中收到以下消息:
Could not connect to host
REQUEST: email@yoursite.co.ukAPI rngfJ+4dt4Gt855a5pr6u38i3B4= ODcwMTE5Nzc3 2015-10-13T11:02:20Z 2015-10-13T11:02:201.00526348001DeliveryDSD12015-10-13bobSS23, Some AvenueLondonE10g1000000
显然,由于某些未知原因,这无法连接到主机,后者只是发送的请求。 PHP 脚本的其余部分与他们发送给我的 Royal Mail 脚本完全相同并且已确认已被其他人使用并且工作正常。
虽然最终代码将在 Linux 环境中,但我在 WAMP 环境中工作。 谁能帮忙我真的很困惑,皇家邮政自己还不能提供任何可靠的技术支持。
这是浏览器中显示的完整错误消息(出于安全目的我已经更改了电子邮件地址)
Invalid Request REQUEST: myemail@company.co.ukAPI dgCW98Vqw3ladYgPPpNialODhvI= MTMzMjE1NjM4 2015-10-13T13:25:30Z 2015-10-13T13:25:302.00526348001DeliveryDSD12015-10-13Jon DoeSS23, Some RoadLondonE10g1000000
I've merged the two pem files into a single file called 'bundle.pem' & referenced this in the 'local_cert' variable for the SoapClient & BINGO this is now connecting. This now longer shows the Could not connect but states an 'Invalid Request' instead, so at least now this is connecting and giving me a different error.
我的整个 PHP 脚本如下:
<?php
ini_set('default_socket_timeout', 120);
ini_set('soap.wsdl_cache_enabled',1);
ini_set('soap.wsdl_cache_ttl',1);
$api_password = "xxxxxxxxxxxxxx!";
$api_username = "xxxxxxxxx@xxxxxxxxx.co.ukAPI";
$api_application_id = "xxxxxxxxxxxx";
$api_service_type = "D";
$api_service_code = "SD1";
$api_service_format = "";
$api_certificate_passphrase = 'xxxxxxxxxx';
$api_service_enhancements = "";
$data = new ArrayObject();
$data->order_tracking_id = "";
$data->shipping_name = "Jon Doe";
$data->shipping_company = "SS";
$data->shipping_address1 = "23, Some Road";
$data->shipping_address2 = "";
$data->shipping_town = "London";
$data->shipping_postcode = "E1";
$data->order_tracking_boxes = "0";
$data->order_tracking_weight = "1000";
$time = gmdate('Y-m-d\TH:i:s');
$created = gmdate('Y-m-d\TH:i:s\Z');
$nonce = mt_rand();
$nonce_date_pwd = pack("A*",$nonce) . pack("A*",$created) . pack("H*", sha1($api_password));
$passwordDigest = base64_encode(pack('H*',sha1($nonce_date_pwd)));
$ENCODEDNONCE = base64_encode($nonce);
$soapclient_options = array();
$soapclient_options['cache_wsdl'] = 'WSDL_CACHE_NONE';
$soapclient_options['local_cert'] = 'royalmail/cert/bundle.pem';
$soapclient_options['passphrase'] = $api_certificate_passphrase;
$soapclient_options['trace'] = true;
$soapclient_options['ssl_method'] = 'SOAP_SSL_METHOD_SSLv3';
$soapclient_options['exceptions'] = true;
$soapclient_options['location'] = 'https://api.royalmail.com/shipping/onboarding';
//launch soap client
$client = new SoapClient('royalmail/ShippingAPI_V2_0_8.wsdl', $soapclient_options);
$client->__setLocation($soapclient_options['location']);
//headers needed for royal mail
$HeaderObjectXML = '<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-000">
<wsse:Username>'.$api_username.'</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">'.$passwordDigest.'</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">'.$ENCODEDNONCE.'</wsse:Nonce>
<wsu:Created>'.$created.'</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>';
//push the header into soap
$HeaderObject = new SoapVar( $HeaderObjectXML, XSD_ANYXML );
//push soap header
$header = new SoapHeader( 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd', 'Security', $HeaderObject );
$client->__setSoapHeaders($header);
//build the request
$request = array(
'integrationHeader' => array(
'dateTime' => $time,
'version' => '1.0',
'identification' => array(
'applicationId' => $api_application_id,
'transactionId' => $data->order_tracking_id
)
),
'requestedShipment' => array(
'shipmentType' => array('code' => 'Delivery'),
'serviceOccurence' => '1',
'serviceType' => array('code' => $api_service_type),
'serviceOffering' => array('serviceOfferingCode' => array('code' => $api_service_code)),
'serviceFormat' => array('serviceFormatCode' => array('code' => $api_service_format)),
'shippingDate' => date('Y-m-d'),
'recipientContact' => array('name' => $data->shipping_name, 'complementaryName' => $data->shipping_company),
'recipientAddress' => array('addressLine1' => $data->shipping_address1, 'addressLine2' => $data->shipping_address2, 'postTown' => $data->shipping_town, 'postcode' => $data->shipping_postcode),
'items' => array('item' => array(
'numberOfItems' => $data->order_tracking_boxes,
'weight' => array( 'unitOfMeasure' => array('unitOfMeasureCode' => array('code' => 'g')), 'value' => ($data->order_tracking_weight*1000) //weight of each individual item
)
)
)
)
);
//if any enhancements, add it into the array
if($api_service_enhancements != "") {
$request['requestedShipment']['serviceEnhancements'] = array('enhancementType' => array('serviceEnhancementCode' => array('code' => $api_service_enhancements)));
}
//try make the call
try {
$response = $client->__soapCall( 'createShipment', array($request), array('soapaction' => 'https://api.royalmail.com/shipping/onboarding') );
} catch (Exception $e) {
//catch the error message and echo the last request for debug
echo $e->getMessage();
echo " REQUEST:\n" . $client->__getLastRequest() . "\n";
die;
}
//check for any errors
if(isset($response->integrationFooter->errors)) {
$build = "";
//check it wasn't a single error message
if(isset($response->integrationFooter->errors->error->errorCode)) {
$build .= $output_error->errorCode.": ".$output_error->errorDescription."<br/>";
} else {
//loop out each error message, throw exception will be added ehre
foreach($response->integrationFooter->errors->error as $output_error) {
$build .= $output_error->errorCode.": ".$output_error->errorDescription."<br/>";
}
}
echo $build; die;
}
print_r($response);
echo "REQUEST:\n" . $client->__getLastRequest() . "\n";
die;
?>
为了更加清楚,我在 $request 变量到达 try/catch block 之前添加了一个转储(注意这有点长)。
Array
(
[integrationHeader] => Array
(
[dateTime] => 2015-10-13T13:34:44
[version] => 1.0
[identification] => Array
(
[applicationId] => 0526348001
[transactionId] =>
)
)
[requestedShipment] => Array
(
[shipmentType] => Array
(
[code] => Delivery
)
[serviceOccurence] => 1
[serviceType] => Array
(
[code] => D
)
[serviceOffering] => Array
(
[serviceOfferingCode] => Array
(
[code] => SD1
)
)
[serviceFormat] => Array
(
[serviceFormatCode] => Array
(
[code] =>
)
)
[shippingDate] => 2015-10-13
[recipientContact] => Array
(
[name] => Jon Doe
[complementaryName] => SS
)
[recipientAddress] => Array
(
[addressLine1] => 23, Some Road
[addressLine2] =>
[postTown] => London
[postcode] => E1
)
[items] => Array
(
[item] => Array
(
[numberOfItems] => 0
[weight] => Array
(
[unitOfMeasure] => Array
(
[unitOfMeasureCode] => Array
(
[code] => g
)
)
[value] => 1000000
)
)
)
)
)
最佳答案
!虽然您提到您已经完成了大部分步骤,但我还是会详细说明它们以完成说明
/root/Desktop)openssl pkcs12 -in mycert.p12 -cacerts -nokeys -out cacert.pem
openssl pkcs12 -in mycert.p12 -clcerts -nokeys -out mycert.pem
openssl pkcs12 -in mycert.p12 -nocerts -nodes -out mykey.pem
*.pem 文件复制到 /etc/ssl/certs
mkdir royalmail)*.pem 文件 (mv *.pem/etc/ssl/certs/certificates)mycert.pem 和 mykey.pem 的内容复制到其中(仅从 -----BEGIN .. .. ------ 到 EOF)你应该有以下文件;
现在证书已安装,我们现在可以测试连接(假设您的证书位于 /etc/pki/tls/certs/certificates/royalmail/shippingv2)
如果你跑
wget https://api.royalmail.com/shipping/onboarding --private-key=/etc/ssl/certs/certificates/royalmail/shippingv2/rm_bundle.pem --private-key-type=PEM
您应该能够连接到端口 443(尽管 OpenSSL 中可能存在握手失败 - 至少在我刚刚在暂存环境中进行的测试中)。
我们现在可以使用 WSDL 的本地副本并在 $options 参数中指定本地证书来实例化 SoapClient。
$objSoapClient = new \SoapClient('lib/wsdl/royalmail/shipping/ShippingAPI_V2_0_8.wsdl', array(
'soap_version' => SOAP_1_1,
'trace' => 1,
'uri' => 'http://www.royalmailgroup.com/api/ship/V2',
'location' => 'https://api.royalmail.com/shipping/onboarding',
'local_cert' => '/etc/ssl/certs/certificates/royalmail/shippingv2/rm_bundle.pem',
'passphrase' => '', //Your passphrase when doing step 1
'ssl_method' => 'SOAP_SSL_METHOD_TLS',
'exceptions' => 1,
'trace' => 1
));
在您的文档中,您应该找到一个名为 rm_password_digest.php 或类似文件的文件,其中详细说明了如何创建身份验证 header 。
/* The value below should be changed to your password. If you store the password */
/* as hashed in your database, you will need to change the code below to remove hashing */
$password = 'just_my_royalmail_api_password';
/* CREATIONDATE - The timestamp. The computer must be on correct time or the server you are
* connecting may reject the password digest for security.
*/
$CREATIONDATE = gmdate('Y-m-d\TH:i:s\Z');
/* NONCE - A random word. The use of rand() may repeat the word if the server is
* very loaded.
*/
$nonce = mt_rand();
/* PASSWORDDIGEST This is the way to create the password digest. As per OASIS standard
* digest = base64_encode(Sha1(nonce + creationdate + password)
* however note that we use a SHA1(password) instead of the password above
*/
$nonce_date_pwd = pack("A*",$nonce) . pack("A*",$CREATIONDATE) . pack("H*", sha1($password));
$PASSWORDDIGEST = base64_encode(
pack('H*', sha1($nonce_date_pwd)));
/* ENCODEDNONCE - Now encode the nonce for security header */
$ENCODEDNONCE = base64_encode($nonce);
/* Now Print all the values - so we can use it for testing with tools like soapui */
print "WS Security Header elements \n";
print "--------------------------- \n";
print 'Nonce = ' . $nonce;
print "\n";
print 'PASSWORDDIGEST= ' . $PASSWORDDIGEST;
print "\n";
print 'ENCODEDNONCE= ' . $ENCODEDNONCE;
print "\n";
print "CREATIONDATE= " . $CREATIONDATE;
这将帮助您在 SOAPHeader 中构建以下内容
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-0000">
<wsse:Username>[...]</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">[...]</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">[...]</wsse:Nonce>
<wsu:Created>[...]</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
关于php - Royal Mail Shipping API - SOAP 连接和 pem/证书查询,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/33101153/
26
4
0
我有三张 table 。表 A 有选项名称(即颜色、尺寸)。表 B 有选项值名称(即蓝色、红色、黑色等)。表C通过将选项名称id和选项名称值id放在一起来建立关系。 我的查询需要显示值和选项的名称,而
在mysql中,如何计算一行中的非空单元格?我只想计算某些列之间的单元格,比如第 3-10 列之间的单元格。不是所有的列...同样,仅在该行中。 最佳答案 如果你想这样做,只能在 sql 中使用名称而
关闭。这个问题需要多问focused 。目前不接受答案。 想要改进此问题吗?更新问题,使其仅关注一个问题 editing this post . 已关闭 7 年前。 Improve this ques
我正在为版本7.6进行Elasticsearch查询 我的查询是这样的: { "query": { "bool": { "should": [ {
关闭。这个问题需要多问focused 。目前不接受答案。 想要改进此问题吗?更新问题,使其仅关注一个问题 editing this post . 已关闭 7 年前。 Improve this ques
是否可以编写一个查询来检查任一子查询(而不是一个子查询)是否正确? SELECT * FROM employees e WHERE NOT EXISTS (
我找到了很多关于我的问题的答案,但问题没有解决 我有表格,有数据,例如: Data 1 Data 2 Data 3
以下查询返回错误: 查询: SELECT Id, FirstName, LastName, OwnerId, PersonEmail FROM Account WHERE lower(PersonEm
以下查询返回错误: 查询: SELECT Id, FirstName, LastName, OwnerId, PersonEmail FROM Account WHERE lower(PersonEm
我从 EditText 中获取了 String 值。以及提交查询的按钮。 String sql=editQuery.getText().toString();// SELECT * FROM empl
我有一个或多或少有效的查询(关于结果),但处理大约需要 45 秒。这对于在 GUI 中呈现数据来说肯定太长了。 所以我的需求是找到一个更快/更高效的查询(几毫秒左右会很好)我的数据表大约有 3000
这是我第一次使用 Stack Overflow,所以我希望我以正确的方式提出这个问题。 我有 2 个 SQL 查询,我正在尝试比较和识别缺失值,尽管我无法将 NULL 字段添加到第二个查询中以识别缺失
什么是动态 SQL 查询?何时需要使用动态 SQL 查询?我使用的是 SQL Server 2005。 最佳答案 这里有几篇文章: Introduction to Dynamic SQL Dynami
include "mysql.php"; $query= "SELECT ID,name,displayname,established,summary,searchlink,im
我有一个查询要“转换”为 mysql。这是查询: select top 5 * from (select id, firstName, lastName, sum(fileSize) as To
通过我的研究,我发现至少从 EF 4.1 开始,EF 查询上的 .ToString() 方法将返回要运行的 SQL。事实上,这对我来说非常有用,使用 Entity Framework 5 和 6。 但
我在构造查询来执行以下操作时遇到问题: 按activity_type_id过滤联系人,仅显示最近事件具有所需activity_type_id或为NULL(无事件)的联系人 表格结构如下: 一个联系人可
如何让我输入数据库的信息在输入数据 5 分钟后自行更新? 假设我有一张 table : +--+--+-----+ |id|ip|count| +--+--+-----+ |
我正在尝试搜索正好是 4 位数字的 ID,我知道我需要使用 LENGTH() 字符串函数,但找不到如何使用它的示例。我正在尝试以下(和其他变体)但它们不起作用。 SELECT max(car_id)
我有一个在 mysql 上运行良好的 sql 查询(查询 + 连接): select sum(pa.price) from user u , purchase pu , pack pa where (
我是一名优秀的程序员,十分优秀!