Signature Invalid

Simson Parlindungan

Aug 20, 2019, 9:35:42 AM
to wse-php
Hi All,

I have implemented the SOAP server to return a signature, but for some reason this seems to be broken now.

My provider, who sends us callbacks, rejects the response:

   <SOAP-ENV:Header>
      <wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="pfx3b31b59b-993c-6d93-c775-e14840289e63" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIIGhTCCBW2gAwIBAgIQEg4STDxWbEjS7lTc/pSMFzANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMB4XDTE5MDIxMTAwMDAwMFoXDTIxMDIxMDIzNTk1OVowYDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMR0wGwYDVQQLExRQb3NpdGl2ZVNTTCBXaWxkY2FyZDEcMBoGA1UEAwwTKi51bml0ZWQtdGVsZWNvbS5iZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMV/6x0cGgNeYYhd66JiFDlv816dA5yLGBl/EXl6aWkHWeGYpxTO+nmnGe6RZ4vO+SaezLmFCbl6KUh3OhRcjxkgoN9TQirpcfjCsW+MUmYFN2lvm9kKPyNoCzNkWgoS/VY8lJQbKI+3MbY8FoQoL+/ewAlJwrrNtBKathxeX6KAfS2B4jBqnX/X5aJ79vp3I4qsmoT+v2FJ+1Up25HbMtTYRLsUy2Mt10sjwcDErZwmAkDuhoygnuhiBAxhziHKHxwSwTlAF34+qR9F87/1WMtU/3H+p5UbvJRV8T1Aal2A2auC7b4cnWa52NX28kEMlOnuz41/+T2URnfvh9zX9q0CAwEAAaOCAwkwggMFMB8GA1UdIwQYMBaAFI2MXsRUrYrhd+mb+ZsF4bgBjWHhMB0GA1UdDgQWBBRvqdyB0PB42HY+ZkyTKaNlmcxjezAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEBBHgwdjBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wMQYDVR0RBCowKIITKi51bml0ZWQtdGVsZWNvbS5iZYIRdW5pdGVkLXRlbGVjb20uYmUwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABaNuwjI0AAAQDAEcwRQIhAJyO3M00QoJ4eiDV4MmJLWl5iylObnj081eF9zymPMIOAiAW/qB2FtkUZJLSeFVu9xs4XOLq130YPP9BeMMPneWTJwB2AESUZS6w7s6vxEAH2Kj+KMDa5oK+2MsxtT/TM5a1toGoAAABaNuwjLMAAAQDAEcwRQIhA
LmGCwv3MrLpVz88hEJmRGVO6ziEAI4nQmNGCbCXxAZbAiABFCzmZaaz9Z/Dcrs9l/51aAw0KveLy8qvBTgjRsqzlQB3AFzcQ5L+5qtFRLFemtRW5hA3+9X6R9yhc5SyXub2xw7KAAABaNuwjNoAAAQDAEgwRgIhAI8UHoTLPR0yJzDyG66WgEriSl5OzdJ71LgyYvGYQ3ioAiEApXdImvH/DLBgL2vm+TImYD9V6GGfr5wvjB7qIBonU6YwDQYJKoZIhvcNAQELBQADggEBANTaPeJEu0fDp9dUJbWIRq4fqIJ9ZyEC1+ffyFzVhY7CJcO33PihTKo2O8RG4OIHkBZwVOXiZFAtY2//4nmb8OK3MpKNGs2NtOkeuafJ6wQjpVTXZS8aOn3fZTdHREr3U6jMfbcrY2028eZ5Svywk2qu8jvgfY3U03ltZcBd/9/JSd4YuWmDMM3saMIRNoiE0M2IgmwGJPZJWs/pEB8z1lBS7ck8lNMma2yHKC0FxwOX/K+snOqgTLT25PSY+PaWPc9j7gxLVOIWWw/ZoPqTQsVieKuiOP5gEZ4vFo9g0FBsUcLNY5cjwCo/w3vQjACwQxD7MzWVQuhOsPrZovsbgxw=</wsse:BinarySecurityToken>
         <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
               <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
               <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
               <ds:Reference URI="#pfxbfc0f14a-f1a0-a7d8-8c61-c91d0303f630">
                  <ds:Transforms>
                     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                  </ds:Transforms>
                  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                  <ds:DigestValue>F9FvscHUQ8QPHB1vrwKExFdxYcE=</ds:DigestValue>
               </ds:Reference>
               <ds:Reference URI="#pfx9afec16f-c1e7-0829-f7f2-5da31714e66b">
                  <ds:Transforms>
                     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                  </ds:Transforms>
                  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                  <ds:DigestValue>Ec3HbEvguHXmEnIIr4mv9GhDWKo=</ds:DigestValue>
               </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>dYHvl0REJZ/szBFyyXB1dOkZiWKrak7Apjp5k0REwcI46HopXQjFvJ6Si3B8+P5vbEoB2hnWBWmiva74cxw/Ib1cyzBEju1u2CJXDOKwj+iXQCFt/WnwQ9TAy/y94WFL2hiaWp86AHA4J94qDqxJqQEWtTAmpSaKS065c4PVoS3/x/3/2Iv0xFVhwozn3q/2eHxLIHYvpfchnw5qVJL4qOEZq44D7TRLeSuRYm4N/8jmTWN4qDMt542Fa+lMe8BLknCymXk8sQWdKcasbCxusRysLTY2UczqBIu+JTtaB/0qrY5+YC25bun1s5wORYD+VWDUfUGTSpJZXS865h9lsw==</ds:SignatureValue>
            <ds:KeyInfo>
               <wsse:SecurityTokenReference>
                  <wsse:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" URI="#pfx3b31b59b-993c-6d93-c775-e14840289e63"/>
               </wsse:SecurityTokenReference>
            </ds:KeyInfo>
         </ds:Signature>
         <wsu:Timestamp wsu:Id="pfxbfc0f14a-f1a0-a7d8-8c61-c91d0303f630" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsu:Created>2019-08-20T13:12:04Z</wsu:Created>
            <wsu:Expires>2019-08-20T14:12:04Z</wsu:Expires>
         </wsu:Timestamp>
      </wsse:Security>
   </SOAP-ENV:Header>
   <SOAP-ENV:Body wsu:Id="pfx9afec16f-c1e7-0829-f7f2-5da31714e66b" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
      <ns1:ResponseDataFindGeographicLocationCallback>
         <ns1:feedback>
            <ns1:code>1010</ns1:code>
            <ns1:description>Accepted</ns1:description>
         </ns1:feedback>
      </ns1:ResponseDataFindGeographicLocationCallback>
   </SOAP-ENV:Body>
</SOAP-ENV:Envelope>


Here is the code that returns the response above.

Could someone, or Rob, help me see what I am doing wrong here?

use RobRichards\WsePhp\WSASoap;
use RobRichards\WsePhp\WSSESoap;
use RobRichards\WsePhp\WSSESoapServer;
use RobRichards\XMLSecLibs\XMLSecurityKey;

class MCallback extends SoapServer
{
    public function handle($soap_request = null)
    {
        parent::handle();
        $headers = $this->getHeaders();
        ob_end_clean();
        ob_start();
        ini_set("soap.wsdl_cache_enabled", "0");
        //$headers = getHeaders();
        $dom = new DOMDocument();
        $action = str_replace('"', '', $headers['SOAPACTION']);
        $xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"http://www.proximus.be/services/cws/productordering/preorderingcallback/v1\"><SOAP-ENV:Body><ns1:ResponseData$action><ns1:feedback><ns1:code>1010</ns1:code><ns1:description>Accepted</ns1:description> </ns1:feedback></ns1:ResponseData$action></SOAP-ENV:Body></SOAP-ENV:Envelope>";
        //error_log($xml, 0);
        $dom->loadXML($xml);
        $objWSA = new WSASoap($dom);
        $dom = $objWSA->getDoc();
        $objWSSE = new WSSESoap($dom);
        /* Sign all headers to include signing the WS-Addressing headers */
        $objWSSE->signAllHeaders = true;
        $objWSSE->addTimestamp();
        /* Create new XMLSec key using RSA SHA-1; type is private key */
        $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array(
            'type' => 'private'
        ));
        /* Load the private key from file - last arg is bool: key is in a file (true) or is a string (false) */
        $objKey->loadKey(PRIVATE_KEY, true);
        /* Sign the message - also signs appropriate WS-Security items */
        $objWSSE->signSoapDoc($objKey);
        /* Add certificate (BinarySecurityToken) to the message and attach pointer to Signature */
        $token = $objWSSE->addBinaryToken(trim(file_get_contents(CERT_FILE)));
        $objWSSE->attachTokentoSig($token);
        $response = $objWSSE->saveXML();
        print_r($response);
        exit;
        //$res = $this->formatXmlString($response);
    }
}
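
For a rejected response like the one in the post above, one way to narrow the problem down is to recompute each ds:Reference digest from the exact message that was sent and compare it with the DigestValue in ds:SignedInfo. The following is an added example, not part of the original post or of wse-php: checkReferenceDigests() and digestOf() are hypothetical helpers, only the exc-c14n transform and SHA-1 digest declared in the posted SignedInfo are handled, and the sample message is constructed.

```php
<?php
// Added example, not wse-php code; checkReferenceDigests() and digestOf() are hypothetical helpers.
const NS_DS = 'http://www.w3.org/2000/09/xmldsig#';
const NS_WSU = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
const EXC_C14N = 'http://www.w3.org/2001/10/xml-exc-c14n#';
const DIGEST_SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1';
// Exclusive C14N without comments, then SHA-1: the algorithms the posted SignedInfo declares.
function digestOf(DOMElement $el): string {
    return base64_encode(sha1($el->C14N(true, false), true));
}
function checkReferenceDigests(string $soapXml): array {
    $dom = new DOMDocument();
    $dom->loadXML($soapXml); // whitespace is kept as-is: it is part of the signed data
    $xp = new DOMXPath($dom);
    $xp->registerNamespace('ds', NS_DS);
    $xp->registerNamespace('wsu', NS_WSU);
    $results = [];
    foreach ($xp->query('//ds:SignedInfo/ds:Reference') as $ref) {
        $uri = $ref->getAttribute('URI');
        if ($xp->evaluate('string(ds:Transforms/ds:Transform/@Algorithm)', $ref) !== EXC_C14N
            || $xp->evaluate('string(ds:DigestMethod/@Algorithm)', $ref) !== DIGEST_SHA1) {
            $results[$uri] = 'algorithm not handled by this check';
            continue;
        }
        // Resolve the URI by comparing wsu:Id values instead of building an XPath from it.
        $targets = array_filter(iterator_to_array($xp->query('//*[@wsu:Id]')),
            fn($el) => '#' . $el->getAttributeNS(NS_WSU, 'Id') === $uri);
        if (count($targets) !== 1) { // missing or duplicated Id makes the reference ambiguous
            $results[$uri] = count($targets) . ' elements carry this wsu:Id';
            continue;
        }
        $claimed = trim($xp->evaluate('string(ds:DigestValue)', $ref));
        $results[$uri] = hash_equals($claimed, digestOf(reset($targets))) ? 'digest ok' : 'digest mismatch';
    }
    return $results;
}

// Constructed sample: one signed reference whose DigestValue is computed here at "signing" time.
$body = '<e:Body xmlns:e="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="' . NS_WSU . '" wsu:Id="body-1"><code>1010</code></e:Body>';
$tmp = new DOMDocument();
$tmp->loadXML($body);
$signed = '<e:Envelope xmlns:e="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ds="' . NS_DS
    . '"><e:Header><ds:SignedInfo><ds:Reference URI="#body-1"><ds:Transforms><ds:Transform Algorithm="'
    . EXC_C14N . '"/></ds:Transforms><ds:DigestMethod Algorithm="' . DIGEST_SHA1 . '"/><ds:DigestValue>'
    . digestOf($tmp->documentElement) . '</ds:DigestValue></ds:Reference></ds:SignedInfo></e:Header>'
    . $body . '</e:Envelope>';
print_r(checkReferenceDigests($signed)); // message exactly as signed
print_r(checkReferenceDigests(str_replace('<code>', "\n  <code>", $signed))); // re-indented after signing
```

This checks only the reference digests, not the SignatureValue computed over ds:SignedInfo. A mismatch on a reference means the referenced element differs from what was signed, so the check should be run on the response exactly as it left the server.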

