lib/akami/wsse.rb in akami-1.3.2 vs lib/akami/wsse.rb in akami-1.3.3

@@ -88,29 +88,28 @@
       end
     end
 
     # Returns the XML for a WSSE header.
     def to_xml
-      if signature? and signature.have_document?
-        Gyoku.xml wsse_signature.merge!(hash)
-      elsif username_token? && timestamp?
-        Gyoku.xml wsse_username_token.merge!(wsu_timestamp) {
-          |key, v1, v2| v1.merge!(v2) {
-            |key, v1, v2| v1.merge!(v2)
-          }
-        }
-      elsif username_token?
-        Gyoku.xml wsse_username_token.merge!(hash)
-      elsif timestamp?
-        Gyoku.xml wsu_timestamp.merge!(hash)
-      else
-        ""
-      end
+      h = wsse_signature if signature? && signature.have_document?
+      h = merge_hashes_with_keys(h, wsu_timestamp) if timestamp?
+      h = merge_hashes_with_keys(h, wsse_username_token) if username_token?
+
+      return '' unless h
+      Gyoku.xml h
     end
 
   private
 
+    def merge_hashes_with_keys(hash_one, hash_two)
+      return hash_two unless hash_one
+      keys = hash_one["wsse:Security"][:order!] | hash_two["wsse:Security"][:order!]
+      Akami::HashHelper.deep_merge!(hash_one, hash_two)
+      hash_one["wsse:Security"][:order!] = keys
+      hash_one
+    end
+
     # Returns a Hash containing wsse:UsernameToken details.
     def wsse_username_token
       if digest?
         token = security_hash :wsse, "UsernameToken",
           "wsse:Username" => username,
@@ -133,11 +132,11 @@
       signature_hash = signature.to_token
 
       # First key/value is tag/hash
       tag, hash = signature_hash.shift
 
-      security_hash nil, tag, hash, signature_hash
+      security_hash nil, tag, hash, signature_hash, true
     end
 
     # Returns a Hash containing wsu:Timestamp details.
     def wsu_timestamp
       security_hash :wsu, "Timestamp",
@@ -145,25 +144,24 @@
         "wsu:Expires" => (expires_at || (created_at || Time.now) + 60).utc.xmlschema
     end
 
     # Returns a Hash containing wsse/wsu Security details for a given
     # +namespace+, +tag+ and +hash+.
-    def security_hash(namespace, tag, hash, extra_info = {})
+    def security_hash(namespace, tag, hash, extra_info = {}, signature_request=false)
       key = [namespace, tag].compact.join(":")
 
       sec_hash = {
         "wsse:Security" => {
-          key => hash
+          key => hash,
+          :order! => [key]
         },
         :attributes! => { "wsse:Security" => { "xmlns:wsse" => WSE_NAMESPACE } }
       }
 
-      unless extra_info.empty?
-        sec_hash["wsse:Security"].merge!(extra_info)
-      end
+      sec_hash["wsse:Security"].merge!(extra_info) unless extra_info.empty?
 
-      if signature?
+      if signature_request
         sec_hash[:attributes!].merge!("soapenv:mustUnderstand" => "1")
       else
         sec_hash["wsse:Security"].merge!(:attributes! => { key => { "wsu:Id" => "#{tag}-#{count}", "xmlns:wsu" => WSU_NAMESPACE } })
       end
 
@@ -199,8 +197,7 @@
 
     # Returns a memoized and autovivificating Hash.
     def hash
       @hash ||= Hash.new { |h, k| h[k] = Hash.new(&h.default_proc) }
     end
-
   end
 end