{"id":13403742,"url":"https://github.com/vpulim/node-soap","last_synced_at":"2026-01-22T01:16:39.426Z","repository":{"id":37561792,"uuid":"1584707","full_name":"vpulim/node-soap","owner":"vpulim","description":"A SOAP client and server for node.js.","archived":false,"fork":false,"pushed_at":"2025-04-22T07:32:19.000Z","size":3104,"stargazers_count":3006,"open_issues_count":20,"forks_count":1497,"subscribers_count":108,"default_branch":"master","last_synced_at":"2025-05-05T22:41:26.051Z","etag":null,"topics":["javascript","namespace-prefix","node-soap","received-soap-headers","soap-client","soap-headers","soap-messages","soap-request","soap-response","soap-service","xml-string"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vpulim.png","metadata":{"files":{"readme":"Readme.md","changelog":"History.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2011-04-07T22:16:49.000Z","updated_at":"2025-05-05T18:27:37.000Z","dependencies_parsed_at":"2022-07-11T00:46:01.149Z","dependency_job_id":"57bf44ce-3be7-4983-85c1-b67efe6e16db","html_url":"https://github.com/vpulim/node-soap","commit_stats":{"total_commits":833,"total_committers":361,"mean_commits":"2.3074792243767313","dds":0.8823529411764706,"last_synced_commit":"9c3822bd0921f3a4fef6a8508454a7a96f936342"},"previous_names":["milewise/node-soap"],"tags_count":85,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vpulim%2Fnode-soap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vpulim%2Fnode-soap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vpulim%2Fnode-soap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vpulim%2Fnode-soap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vpulim","download_url":"https://codeload.github.com/vpulim/node-soap/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253199468,"owners_count":21870081,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["javascript","namespace-prefix","node-soap","received-soap-headers","soap-client","soap-headers","soap-messages","soap-request","soap-response","soap-service","xml-string"],"created_at":"2024-07-30T19:01:33.966Z","updated_at":"2026-01-22T01:16:39.419Z","avatar_url":"https://github.com/vpulim.png","language":"JavaScript","readme":"[![NPM version][npm-image]][npm-url] [![Downloads][downloads-image]][npm-url] [![Coveralls Status][coveralls-image]][coveralls-url]\n\n[![Support][buy-me-a-coffee-image]][buy-me-a-coffee-url]\n\n# Sponsors\n\n[**Travel Axis**](https://www.linkedin.com/company/travel-axis) is proud to support this project by contributing engineering resources.  \nThe company is building [**Helix**](https://www.midoffice.app), a SaaS platform designed to transform the travel management industry.\n\n# SOAP client and server for node.js.\n\nThis module lets you connect to web services using SOAP. It also provides a server that allows you to run your own SOAP services.\n\n\u003c!-- Run `npm run toc` to update below section --\u003e\n\u003c!-- START doctoc generated TOC please keep comment here to allow auto update --\u003e\n\u003c!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE --\u003e\n\n- [Features](#features)\n- [Install](#install)\n- [Support](#support)\n- [Module](#module)\n  - [soap.createClient(url[, options], callback) - create a new SOAP client from a WSDL url. Also supports a local filesystem path.](#soapcreateclienturl-options-callback---create-a-new-soap-client-from-a-wsdl-url-also-supports-a-local-filesystem-path)\n  - [soap.createClientAsync(url[, options]) - create a new SOAP client from a WSDL url. Also supports a local filesystem path.](#soapcreateclientasyncurl-options---create-a-new-soap-client-from-a-wsdl-url-also-supports-a-local-filesystem-path)\n  - [soap.listen(_server_, _path_, _services_, _wsdl_, _callback_) - create a new SOAP server that listens on _path_ and provides _services_.](#soaplistenserver-path-services-wsdl-callback---create-a-new-soap-server-that-listens-on-path-and-provides-services)\n  - [soap.listen(_server_, _options_) - create a new SOAP server that listens on _path_ and provides _services_.](#soaplistenserver-options---create-a-new-soap-server-that-listens-on-path-and-provides-services)\n  - [Server Logging](#server-logging)\n  - [Server Events](#server-events)\n  - [Server Response on one-way calls](#server-response-on-one-way-calls)\n  - [SOAP Fault](#soap-fault)\n  - [Server security example using PasswordDigest](#server-security-example-using-passworddigest)\n  - [Server connection authorization](#server-connection-authorization)\n- [SOAP Headers](#soap-headers)\n  - [Received SOAP Headers](#received-soap-headers)\n  - [Outgoing SOAP Headers](#outgoing-soap-headers)\n- [Client](#client)\n  - [Client.describe() - description of services, ports and methods as a JavaScript object](#clientdescribe---description-of-services-ports-and-methods-as-a-javascript-object)\n  - [Client.setSecurity(security) - use the specified security protocol](#clientsetsecuritysecurity---use-the-specified-security-protocol)\n  - [Client._method_(args, callback, options) - call _method_ on the SOAP service.](#clientmethodargs-callback-options---call-method-on-the-soap-service)\n  - [Client.*method*Async(args, options) - call _method_ on the SOAP service.](#clientmethodasyncargs-options---call-method-on-the-soap-service)\n  - [Client._service_._port_._method_(args, callback[, options[, extraHeaders]]) - call a _method_ using a specific _service_ and _port_](#clientserviceportmethodargs-callback-options-extraheaders---call-a-method-using-a-specific-service-and-port)\n  - [Overriding the namespace prefix](#overriding-the-namespace-prefix)\n  - [Client._lastRequest_ - the property that contains last full soap request for client logging](#clientlastrequest---the-property-that-contains-last-full-soap-request-for-client-logging)\n  - [Client.setEndpoint(url) - overwrite the SOAP service endpoint address](#clientsetendpointurl---overwrite-the-soap-service-endpoint-address)\n  - [Client Events](#client-events)\n  - [_request_](#request)\n  - [_message_](#message)\n  - [_soapError_](#soaperror)\n  - [_response_](#response)\n- [WSDL](#wsdl)\n- [WSDL.constructor(wsdl, baseURL, options):](#wsdlconstructorwsdl-baseurl-options)\n  - [wsdl.xmlToObject(xml):](#wsdlxmltoobjectxml)\n  - [wsdl.objectToXML(object, typeName, namespacePrefix, namespaceURI, ...):](#wsdlobjecttoxmlobject-typename-namespaceprefix-namespaceuri-)\n- [Security](#security)\n  - [BasicAuthSecurity](#basicauthsecurity)\n  - [BearerSecurity](#bearersecurity)\n  - [ClientSSLSecurity](#clientsslsecurity)\n  - [ClientSSLSecurityPFX](#clientsslsecuritypfx)\n  - [WSSecurity](#wssecurity)\n  - [WSSecurityCert](#wssecuritycert)\n  - [WSSecurityPlusCert](#wssecuritypluscert)\n  - [WSSecurityCertWithToken](#wssecuritycertwithtoken)\n  - [NTLMSecurity](#ntlmsecurity)\n- [Handling XML Attributes, Value and XML (wsdlOptions).](#handling-xml-attributes-value-and-xml-wsdloptions)\n  - [Overriding the `value` key](#overriding-the-value-key)\n  - [Overriding the `xml` key](#overriding-the-xml-key)\n  - [Overriding the `attributes` key](#overriding-the-attributes-key)\n  - [Overriding imports relative paths](#overriding-imports-relative-paths)\n  - [Overriding import locations](#overriding-import-locations)\n  - [Specifying the exact namespace definition of the root element](#specifying-the-exact-namespace-definition-of-the-root-element)\n  - [Overriding element key specification in XML](#overriding-element-key-specification-in-xml)\n  - [Custom Deserializer](#custom-deserializer)\n  - [Changing the tag formats to use self-closing (empty element) tags](#changing-the-tag-formats-to-use-self-closing-empty-element-tags)\n- [Handling \"ignored\" namespaces](#handling-ignored-namespaces)\n- [Handling \"ignoreBaseNameSpaces\" attribute](#handling-ignorebasenamespaces-attribute)\n- [Contributors](#contributors)\n\n\u003c!-- END doctoc generated TOC please keep comment here to allow auto update --\u003e\n\n## Features\n\n- Very simple API\n- Handles both RPC and Document schema types\n- Supports multiRef SOAP messages (thanks to [@kaven276](https://github.com/kaven276))\n- Support for both synchronous and asynchronous method handlers\n- WS-Security UsernameToken Profile 1.0\n- Supports [Express](http://expressjs.com/) based web server (body parser middleware can be used)\n\n## Install\n\n```\n  npm install soap\n```\n\n## Support\n\nCommunity support is available through GitHub issues tab.\nPaid support can be provided as well, please contact one of the active maintainers.\n\n## Module\n\n### soap.createClient(url[, options], callback) - create a new SOAP client from a WSDL url. Also supports a local filesystem path.\n\n- `url` (_string_): A HTTP/HTTPS URL, XML or a local filesystem path.\n- `options` (_Object_):\n  - `endpoint` (_string_): Override the host specified by the SOAP service in the WSDL file.\n  - `envelopeKey` (_string_): Set a custom envelope key. (**Default:** `'soap'`)\n  - `preserveWhitespace` (_boolean_): Preserve any leading and trailing whitespace characters in text and cdata.\n  - `escapeXML` (_boolean_): Escape special XML characters (e.g. `\u0026`, `\u003e`, `\u003c` etc) in SOAP messages. (**Default:** `true`)\n  - `suppressStack` (_boolean_): Suppress the full stack trace for error messages.\n  - `returnFault` (_boolean_): Return an `Invalid XML` SOAP fault upon a bad request. (**Default:** `false`)\n  - `forceSoap12Headers` (_boolean_): Enable SOAP 1.2 compliance.\n  - `httpClient` (_Object_): Override the built-in HttpClient object with your own. Must implement `request(rurl, data, callback, exheaders, exoptions)`.\n  - `request` (_Object_): Override the default request module ([Axios](https://axios-http.com/) as of `v0.40.0`).\n  - `wsdl_headers` (_Object_): Set HTTP headers with values to be sent on WSDL requests.\n  - `wsdl_options` (_Object_): Set options for the request module on WSDL requests. If using the default request module, see [Request Config | Axios Docs](https://axios-http.com/docs/req_config).\n  - `disableCache` (_boolean_): Prevents caching WSDL files and option objects.\n  - `wsdlCache` (_IWSDLCache_): Custom cache implementation. If not provided, defaults to caching WSDLs indefinitely.\n  - `overridePromiseSuffix` (_string_): Override the default method name suffix of WSDL operations for Promise-based methods. If any WSDL operation name ends with `Async', you must use this option. (**Default:** `Async`)\n  - `normalizeNames` (_boolean_): Replace non-identifier characters (`[^a-z$_0-9]`) with `_` in WSDL operation names. Note: Clients using WSDLs with two operations like `soap:method` and `soap-method` will be overwritten. In this case, you must use bracket notation instead (`client['soap:method']()`).\n  - `namespaceArrayElements` (_boolean_): Support non-standard array semantics. JSON arrays of the form `{list: [{elem: 1}, {elem: 2}]}` will be marshalled into XML as `\u003clist\u003e\u003celem\u003e1\u003c/elem\u003e\u003c/list\u003e \u003clist\u003e\u003celem\u003e2\u003c/elem\u003e\u003c/list\u003e`. If `false`, it would be marshalled into `\u003clist\u003e \u003celem\u003e1\u003c/elem\u003e \u003celem\u003e2\u003c/elem\u003e \u003c/list\u003e`. (**Default:** `true`)\n  - `stream` (_boolean_): Use streams to parse the XML SOAP responses. (**Default:** `false`)\n  - `returnSaxStream` (_boolean_): Return the SAX stream, transferring responsibility of parsing XML to the end user. Only valid when the _stream_ option is set to `true`. (**Default:** `false`)\n  - `parseReponseAttachments` (_boolean_): Treat response as multipart/related response with MTOM attachment. Reach attachments on the `lastResponseAttachments` property of SoapClient. (**Default:** `false`)\n  - `encoding` (_string_): Response data enconding, used with `parseReponseAttachments`. (**Default:** `utf8`)\n  - `forceUseSchemaXmlns` (_boolean_): Force to use schema xmlns when schema prefix not found, this is needed when schema prefix is different for the same namespace in different files, for example wsdl and in imported xsd file fir complex types (**Default** `false`)\n- `callback` (_Function_):\n  - `err` (_Error_ | _\\\u003cAggregateError\\\u003e_)\n  - `result` (_Any_)\n- Returns: `Client`\n\n#### Example\n\nHTTP/HTTPS:\n\n```javascript\nvar soap = require('soap');\nvar url = 'http://example.com/wsdl?wsdl';\nvar args = { name: 'value' };\n\nsoap.createClient(url, {}, function (err, client) {\n  client.MyFunction(args, function (err, result) {\n    console.log(result);\n  });\n});\n```\n\nXML string format:\n\n```javascript\nvar soap = require('soap');\nvar xml = `\n    \u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\n    \u003cdefinitions xmlns=\"http://schemas.xmlsoap.org/wsdl/\" xmlns:soap=\"http://schemas.xmlsoap.org/wsdl/soap/\"\u003e\n       \u003cmessage name=\"MyFunctionRequest\"/\u003e\n       \u003cmessage name=\"MyFunctionResponse\"/\u003e\n    \n       \u003cportType name=\"MyFunctionPortType\"\u003e\n          \u003coperation name=\"MyFunction\"\u003e\n             \u003cinput message=\"MyFunctionRequest\"/\u003e\n             \u003coutput message=\"MyFunctionResponse\"/\u003e\n          \u003c/operation\u003e\n       \u003c/portType\u003e\n    \n       \u003cbinding name=\"MyFunctionBinding\" type=\"MyFunctionPortType\"\u003e\n          \u003csoap:binding style=\"rpc\" transport=\"http://schemas.xmlsoap.org/soap/http\"/\u003e\n          \u003coperation name=\"MyFunction\"\u003e\n             \u003csoap:operation soapAction=\"MyFunction\"/\u003e\n             \u003cinput\u003e\u003csoap:body use=\"encoded\"/\u003e\u003c/input\u003e\n             \u003coutput\u003e\u003csoap:body use=\"encoded\"/\u003e\u003c/output\u003e\n          \u003c/operation\u003e\n       \u003c/binding\u003e\n    \n       \u003cservice name=\"MyService\"\u003e\n          \u003cport binding=\"MyFunctionBinding\" name=\"MyFunctionPort\"\u003e\n             \u003csoap:address location=\"http://www.examples.com/MyFunction/\" /\u003e\n          \u003c/port\u003e\n       \u003c/service\u003e\n    \u003c/definitions\u003e\n  `;\nvar args = { name: 'value' };\n\nsoap.createClient(xml, {}, function (err, client) {\n  client.MyFunction(args, function (err, result) {\n    console.log(result);\n  });\n});\n```\n\nNote: for versions of node \u003e0.10.X, you may need to specify `{connection: 'keep-alive'}` in SOAP headers to avoid truncation of longer chunked responses.\n\n### soap.createClientAsync(url[, options]) - create a new SOAP client from a WSDL url. Also supports a local filesystem path.\n\nConstruct a `Promise\u003cClient\u003e` with the given WSDL file.\n\n- `url` (_string_): A HTTP/HTTPS URL, XML or a local filesystem path.\n- `options` (_Object_): See [soap.createClient(url[, options], callback)](#soapcreateclienturl-options-callback---create-a-new-soap-client-from-a-wsdl-url-also-supports-a-local-filesystem-path) for a description.\n- Returns: `Promise\u003cClient\u003e`\n\n#### Example\n\n```javascript\nvar soap = require('soap');\nvar url = 'http://example.com/wsdl?wsdl';\nvar args = { name: 'value' };\n\n// then/catch\nsoap\n  .createClientAsync(url)\n  .then((client) =\u003e {\n    return client.MyFunctionAsync(args);\n  })\n  .then((result) =\u003e {\n    console.log(result);\n  });\n\n// async/await\nvar client = await soap.createClientAsync(url);\nvar result = await client.MyFunctionAsync(args);\nconsole.log(result[0]);\n```\n\nNote: for versions of node \u003e0.10.X, you may need to specify `{connection: 'keep-alive'}` in SOAP headers to avoid truncation of longer chunked responses.\n\n### soap.listen(_server_, _path_, _services_, _wsdl_, _callback_) - create a new SOAP server that listens on _path_ and provides _services_.\n\n### soap.listen(_server_, _options_) - create a new SOAP server that listens on _path_ and provides _services_.\n\n- `server` (_Object_): A [http](https://nodejs.org/api/http.html) server or [Express](http://expressjs.com/) framework based server.\n- `path` (_string_)\n- `options` (_Object_): An object containing _server options_ and [WSDL Options](#handling-xml-attributes-value-and-xml-wsdloptions)\n  - `path` (_string_)\n  - `services` (_Object_)\n  - `xml` (_string_)\n  - `uri` (_string_)\n  - `pfx` (_string_ | _Buffer_): The private key, certificate and CA certs of the server in PFX or PKCS12 format. (Mutually exclusive with the key, cert and ca options.)\n  - `key` (_string_ | _Buffer_): The private key of the server in PEM format. (Could be an array of keys). (Required)\n  - `passphrase` (_string_): The passphrase for the private key or pfx.\n  - `cert` (_string_ | _Buffer_): The certificate key of the server in PEM format. (Could be an array of certs). (Required)\n  - `ca` (_string[]_ | _Buffer[]_): Trusted certificates in PEM format. If this is omitted several well known \"root\" CAs will be used, like VeriSign. These are used to authorize connections.\n  - `crl` (_string_ | _string[]_: PEM encoded CRLs (Certificate Revocation List)\n  - `ciphers` (_string_): A description of the ciphers to use or exclude, separated by `:`. The default cipher suite is:\n  - `enableChunkedEncoding` (_boolean_): Controls chunked transfer encoding in response. Some clients (such as Windows 10's MDM enrollment SOAP client) are sensitive to transfer-encoding mode and can't accept chunked response. This option lets users disable chunked transfer encoding for such clients. (**Default:** `true`)\n- `services` (_Object_)\n- `wsdl` (_string_): An XML string that defines the service.\n- `callback` (_Function_): A function to run after the server has been initialized.\n- Returns: `Server`\n\n#### Example\n\n```javascript\nvar myService = {\n  MyService: {\n    MyPort: {\n      MyFunction: function (args) {\n        return {\n          name: args.name,\n        };\n      },\n\n      // This is how to define an asynchronous function with a callback.\n      MyAsyncFunction: function (args, callback) {\n        // do some work\n        callback({\n          name: args.name,\n        });\n      },\n\n      // This is how to define an asynchronous function with a Promise.\n      MyPromiseFunction: function (args) {\n        return new Promise((resolve) =\u003e {\n          // do some work\n          resolve({\n            name: args.name,\n          });\n        });\n      },\n\n      // This is how to receive incoming headers\n      HeadersAwareFunction: function (args, cb, headers) {\n        return {\n          name: headers.Token,\n        };\n      },\n\n      // You can also inspect the original `req`\n      reallyDetailedFunction: function (args, cb, headers, req) {\n        console.log('SOAP `reallyDetailedFunction` request from ' + req.connection.remoteAddress);\n        return {\n          name: headers.Token,\n        };\n      },\n    },\n  },\n};\n\nvar xml = require('fs').readFileSync('myservice.wsdl', 'utf8');\n\n//http server example\nvar server = http.createServer(function (request, response) {\n  response.end('404: Not Found: ' + request.url);\n});\n\nserver.listen(8000);\nsoap.listen(server, '/wsdl', myService, xml, function () {\n  console.log('server initialized');\n});\n\n//express server example\nvar app = express();\n//body parser middleware are supported (optional)\napp.use(\n  bodyParser.raw({\n    type: function () {\n      return true;\n    },\n    limit: '5mb',\n  }),\n);\napp.listen(8001, function () {\n  //Note: /wsdl route will be handled by soap module\n  //and all other routes \u0026 middleware will continue to work\n  soap.listen(app, '/wsdl', myService, xml, function () {\n    console.log('server initialized');\n  });\n});\n```\n\n```javascript\nvar xml = require('fs').readFileSync('myservice.wsdl', 'utf8');\n\nsoap.listen(server, {\n  // Server options.\n  path: '/wsdl',\n  services: myService,\n  xml: xml,\n\n  // WSDL options.\n  attributesKey: 'theAttrs',\n  valueKey: 'theVal',\n  xmlKey: 'theXml',\n});\n```\n\n### Server Logging\n\nIf the `log` method is defined, it will be called with:\n\n- `type`: 'received', 'replied', 'info' or 'error'.\n- `data`: The data to be logged which will be an XML for 'received' and 'replied' or a message for the other types.\n- `req`: The original request object\n\n```javascript\n  server = soap.listen(...)\n  server.log = function(type, data, req) {\n    // type is 'received', 'replied', 'info' or 'error'\n  };\n```\n\n### Server Events\n\nServer instances emit the following events:\n\n- request - Emitted for every received messages.\n  The signature of the callback is `function(request, methodName)`.\n- response - Emitted before sending SOAP response.\n  The signature of the callback is `function(response, methodName)`.\n- headers - Emitted when the SOAP Headers are not empty.\n  The signature of the callback is `function(headers, methodName)`.\n\nThe sequence order of the calls is `request`, `headers` and then the dedicated\nservice method.\n\n### Server Response on one-way calls\n\nThe so called one-way (or asynchronous) calls occur when an operation is called with no output defined in WSDL.\nThe server sends a response (defaults to status code 200 with no body) to the client disregarding the result of the operation.\n\nYou can configure the response to match the appropriate client expectation to the SOAP standard implementation.\nPass in `oneWay` object in server options. Use the following keys:\n`emptyBody`: if true, returns an empty body, otherwise no content at all (default is false)\n`responseCode`: default statusCode is 200, override it with this options (for example 202 for SAP standard compliant response)\n\n### SOAP Fault\n\nA service method can reply with a SOAP Fault to a client by `throw`ing an\nobject with a `Fault` property.\n\n```javascript\nthrow {\n  Fault: {\n    Code: {\n      Value: 'soap:Sender',\n      Subcode: { value: 'rpc:BadArguments' },\n    },\n    Reason: { Text: 'Processing Error' },\n  },\n};\n```\n\nTo change the HTTP statusCode of the response include it on the fault. The statusCode property will not be put on the xml message.\n\n```javascript\nthrow {\n  Fault: {\n    Code: {\n      Value: 'soap:Sender',\n      Subcode: { value: 'rpc:BadArguments' },\n    },\n    Reason: { Text: 'Processing Error' },\n    statusCode: 500,\n  },\n};\n```\n\n### Server security example using PasswordDigest\n\nIf `server.authenticate` is not defined then no authentication will take place.\n\nAsynchronous authentication:\n\n```javascript\n  server = soap.listen(...)\n  server.authenticate = function(security, callback) {\n    var created, nonce, password, user, token;\n    token = security.UsernameToken, user = token.Username,\n            password = token.Password, nonce = token.Nonce, created = token.Created;\n\n    myDatabase.getUser(user, function (err, dbUser) {\n      if (err || !dbUser) {\n        callback(false);\n        return;\n      }\n\n      callback(password === soap.passwordDigest(nonce, created, dbUser.password));\n    });\n  };\n```\n\nSynchronous authentication:\n\n```javascript\n  server = soap.listen(...)\n  server.authenticate = function(security) {\n    var created, nonce, password, user, token;\n    token = security.UsernameToken, user = token.Username,\n            password = token.Password, nonce = token.Nonce, created = token.Created;\n    return user === 'user' \u0026\u0026 password === soap.passwordDigest(nonce, created, 'password');\n  };\n```\n\n### Server connection authorization\n\nThe `server.authorizeConnection` method is called prior to the soap service method.\nIf the method is defined and returns `false` then the incoming connection is\nterminated.\n\n```javascript\n  server = soap.listen(...)\n  server.authorizeConnection = function(req) {\n    return true; // or false\n  };\n```\n\n## SOAP Headers\n\n### Received SOAP Headers\n\nA service method can look at the SOAP headers by providing a 3rd arguments.\n\n```javascript\n  {\n      HeadersAwareFunction: function(args, cb, headers) {\n          return {\n              name: headers.Token\n          };\n      }\n  }\n```\n\nIt is also possible to subscribe to the 'headers' event.\nThe event is triggered before the service method is called, and only when the\nSOAP Headers are not empty.\n\n```javascript\n  server = soap.listen(...)\n  server.on('headers', function(headers, methodName) {\n    // It is possible to change the value of the headers\n    // before they are handed to the service method.\n    // It is also possible to throw a SOAP Fault\n  });\n```\n\nFirst parameter is the Headers object;\nsecond parameter is the name of the SOAP method that will called\n(in case you need to handle the headers differently based on the method).\n\n### Outgoing SOAP Headers\n\nBoth client \u0026 server can define SOAP headers that will be added to what they send.\nThey provide the following methods to manage the headers.\n\n#### _addSoapHeader_(soapHeader[, name, namespace, xmlns]) - add soapHeader to soap:Header node\n\n##### Parameters\n\n- `soapHeader` Object({rootName: {name: 'value'}}), strict xml-string,\n  or function (server only)\n\nFor servers only, `soapHeader` can be a function, which allows headers to be\ndynamically generated from information in the request. This function will be\ncalled with the following arguments for each received request:\n\n- `methodName` The name of the request method\n- `args` The arguments of the request\n- `headers` The headers in the request\n- `req` The original request object\n\nThe return value of the function must be an Object({rootName: {name: 'value'}})\nor strict xml-string, which will be inserted as an outgoing header of the\nresponse to that request.\n\nFor example:\n\n```javascript\n  server = soap.listen(...);\n  server.addSoapHeader(function(methodName, args, headers, req) {\n    console.log('Adding headers for method', methodName);\n    return {\n      MyHeader1: args.SomeValueFromArgs,\n      MyHeader2: headers.SomeRequestHeader\n    };\n    // or you can return \"\u003cMyHeader1\u003eSomeValue\u003c/MyHeader1\u003e\"\n  });\n```\n\n##### Returns\n\nThe index where the header is inserted.\n\n##### Optional parameters when first arg is object :\n\n- `name` Unknown parameter (it could just a empty string)\n- `namespace` prefix of xml namespace\n- `xmlns` URI\n\n#### _changeSoapHeader_(index, soapHeader[, name, namespace, xmlns]) - change an already existing soapHeader\n\n##### Parameters\n\n- `index` index of the header to replace with provided new value\n- `soapHeader` Object({rootName: {name: 'value'}}), strict xml-string\n  or function (server only)\n\nSee `addSoapHeader` for how to pass a function into `soapHeader`.\n\n#### _getSoapHeaders_() - return all defined headers\n\n#### _clearSoapHeaders_() - remove all defined headers\n\n## Client\n\nAn instance of `Client` is passed to the `soap.createClient` callback. It is used to execute methods on the soap service.\n\n### Client.describe() - description of services, ports and methods as a JavaScript object\n\n```javascript\nclient.describe(); // returns\n{\n  MyService: {\n    MyPort: {\n      MyFunction: {\n        input: {\n          name: 'string';\n        }\n      }\n    }\n  }\n}\n```\n\n### Client.setSecurity(security) - use the specified security protocol\n\nSee [Security](#security) for example usage.\n\n### Client._method_(args, callback, options) - call _method_ on the SOAP service.\n\n- `args` (_Object_): Arguments that generate an XML document inside of the SOAP Body section.\n- `callback` (_Function_)\n- `options` (_Object_): Set options for the request module on WSDL requests. If using the default request module, see [Request Config | Axios Docs](https://axios-http.com/docs/req_config). Additional options supported by `node-soap` are documented below:\n  - `forever` (_boolean_): Enables keep-alive connections and pools them\n  - `attachments` (_Array_): array of attachment objects. This converts the request into MTOM: _headers['Content-Type']='multipart/related; type=\"application/xop+xml\"; start= ... '_\n\n  ```\n  [{\n        mimetype: content mimetype,\n        contentId: part id,\n        name: file name,\n        body: binary data\n   },\n    ...\n  ]\n  ```\n\n  - `forceMTOM` (_boolean_): Send the request as MTOM even if you don't have attachments.\n  - `forceGzip` (_boolean_): Force transfer-encoding in gzip. (**Default:** `false`)\n\n#### Example\n\n```javascript\nclient.MyFunction({ name: 'value' }, function (err, result, rawResponse, soapHeader, rawRequest) {\n  // result is a javascript object\n  // rawResponse is the raw xml response string\n  // soapHeader is the response soap header as a javascript object\n  // rawRequest is the raw xml request string\n});\n```\n\n### Client.*method*Async(args, options) - call _method_ on the SOAP service.\n\n- `args` (_Object_): Arguments that generate an XML document inside of the SOAP Body section.\n- `options` (_Object_): See [Client._method_(args, callback, options) - call _method_ on the SOAP service.](#clientmethodargs-callback-options---call-method-on-the-soap-service) for a description.\n\n#### Example\n\n```javascript\nclient.MyFunctionAsync({ name: 'value' }).then((result) =\u003e {\n  // result is a javascript array containing result, rawResponse, soapheader, and rawRequest\n  // result is a javascript object\n  // rawResponse is the raw xml response string\n  // soapHeader is the response soap header as a javascript object\n  // rawRequest is the raw xml request string\n});\n```\n\n##### Example with JSON for the `args`\n\nThe example above uses `{name: 'value'}` as the args. This may generate a SOAP messages such as:\n\n```javascript\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\u003csoapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\u003e\n   \u003csoapenv:Body\u003e\n      \u003cRequest xmlns=\"http://www.example.com/v1\"\u003e\n          \u003cname\u003evalue\u003c/name\u003e\n      \u003c/Request\u003e\n   \u003c/soapenv:Body\u003e\n\u003c/soapenv:Envelope\u003e\n```\n\nNote that the \"Request\" element in the output above comes from the WSDL. If an element in `args` contains no namespace prefix, the default namespace is assumed. Otherwise, you must add the namespace prefixes to the element names as necessary (e.g., `ns1:name`).\n\nCurrently, when supplying JSON args, elements may not contain both child elements and a text value, even though that is allowed in the XML specification.\n\n##### Example with XML String for the `args`\n\nYou may pass in a fully-formed XML string instead the individual elements in JSON `args` and attributes that make up the XML. The XML string should not contain an XML declaration (e.g., `\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e`) or a document type declaration (e.g., `\u003c!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Frameset//EN\" \"http://www.w3.org/TR/html4/frameset.dtd\"\u003e`).\n\n```\n var args = { _xml: \"\u003cns1:MyRootElement xmlns:ns1=\"http://www.example.com/v1/ns1\"\u003e\n                        \u003cChildElement\u003eelementvalue\u003c/ChildElement\u003e\n                     \u003c/ns1:MyRootElement\u003e\"\n            };\n```\n\nYou must specify all of the namespaces and namespace prefixes yourself. The element(s) from the WSDL are not utilized as they were in the \"Example with JSON as the `args`\" example above, which automatically populated the \"Request\" element.\n\n### Client._service_._port_._method_(args, callback[, options[, extraHeaders]]) - call a _method_ using a specific _service_ and _port_\n\n- `args` (_Object_): Arguments that generate an XML document inside of the SOAP Body section.\n- `callback` (_Function_)\n- `options` (_Object_): See [Client._method_(args, callback, options) - call _method_ on the SOAP service.](#clientmethodargs-callback-options---call-method-on-the-soap-service) for a description.\n- `extraHeaders` (_Object_): Sets HTTP headers for the WSDL request.\n\n#### Example\n\n```javascript\nclient.MyService.MyPort.MyFunction({ name: 'value' }, function (err, result) {\n  // result is a javascript object\n});\n```\n\n#### Options (optional)\n\n- Accepts any option that the request module accepts, see [here.](https://github.com/mikeal/request)\n- For example, you could set a timeout of 5 seconds on the request like this:\n\n```javascript\nclient.MyService.MyPort.MyFunction(\n  { name: 'value' },\n  function (err, result) {\n    // result is a javascript object\n  },\n  { timeout: 5000 },\n);\n```\n\n- You can measure the elapsed time on the request by passing the time option:\n\n```javascript\nclient.MyService.MyPort.MyFunction(\n  { name: 'value' },\n  function (err, result) {\n    // client.lastElapsedTime - the elapsed time of the last request in milliseconds\n  },\n  { time: true },\n);\n```\n\n- Also, you could pass your soap request through a debugging proxy such as [Fiddler](http://www.telerik.com/fiddler) or [Betwixt](https://github.com/kdzwinel/betwixt).\n\n```javascript\nclient.MyService.MyPort.MyFunction(\n  { name: 'value' },\n  function (err, result) {\n    // client.lastElapsedTime - the elapsed time of the last request in milliseconds\n  },\n  {\n    proxy: {\n      protocol: 'https',\n      host: '127.0.0.1',\n      port: 9000,\n      auth: {\n        username: 'mikeymike',\n        password: 'rapunz3l',\n      },\n    },\n  },\n);\n```\n\n- You can modify xml (string) before call:\n\n```javascript\nclient.MyService.MyPort.MyFunction(\n  { name: 'value' },\n  function (err, result) {\n    // client.lastElapsedTime - the elapsed time of the last request in milliseconds\n  },\n  {\n    postProcess: function (_xml) {\n      return _xml.replace('text', 'newtext');\n    },\n  },\n);\n```\n\n#### Extra Headers (optional)\n\nObject properties define extra HTTP headers to be sent on the request.\n\n- Add custom User-Agent:\n\n```javascript\nclient.addHttpHeader('User-Agent', `CustomUserAgent`);\n```\n\n#### Alternative method call using callback-last pattern\n\nTo align method call signature with node' standard callback-last patter and event allow promisification of method calls, the following method signatures are also supported:\n\n```javascript\nclient.MyService.MyPort.MyFunction({ name: 'value' }, options, function (err, result) {\n  // result is a javascript object\n});\n\nclient.MyService.MyPort.MyFunction({ name: 'value' }, options, extraHeaders, function (err, result) {\n  // result is a javascript object\n});\n```\n\n### Overriding the namespace prefix\n\n`node-soap` is still working out some kinks regarding namespaces. If you find that an element is given the wrong namespace prefix in the request body, you can add the prefix to it's name in the containing object. I.E.:\n\n```javascript\nclient.MyService.MyPort.MyFunction(\n  { 'ns1:name': 'value' },\n  function (err, result) {\n    // request body sent with `\u003cns1:name`, regardless of what the namespace should have been.\n  },\n  { timeout: 5000 },\n);\n```\n\n- Remove namespace prefix of param\n\n```javascript\nclient.MyService.MyPort.MyFunction(\n  { ':name': 'value' },\n  function (err, result) {\n    // request body sent with `\u003cname`, regardless of what the namespace should have been.\n  },\n  { timeout: 5000 },\n);\n```\n\n### Client._lastRequest_ - the property that contains last full soap request for client logging\n\n### Client.setEndpoint(url) - overwrite the SOAP service endpoint address\n\n### Client Events\n\nClient instances emit the following events:\n\n### _request_\n\nEmitted before a request is sent. The event handler has the signature `(xml, eid)`.\n\n- _xml_ - The entire Soap request (Envelope) including headers.\n- _eid_ - The exchange id.\n\n### _message_\n\nEmitted before a request is sent, but only the body is passed to the event handler. Useful if you don't want to log /store Soap headers. The event handler has the signature `(message, eid)`.\n\n- _message_ - Soap body contents.\n- _eid_ - The exchange id.\n\n### _soapError_\n\nEmitted when an erroneous response is received. Useful if you want to globally log errors. The event handler has the signature `(error, eid)`.\n\n- _error_ - An error object which also contains the resoponse.\n- _eid_ - The exchange id.\n\n### _response_\n\nEmitted after a response is received. This is emitted for all responses (both success and errors). The event handler has the signature `(body, response, eid)`\n\n- _body_ - The SOAP response body.\n- _response_ - The entire `IncomingMessage` response object.\n- _eid_ - The exchange id.\n\nAn 'exchange' is a request/response couple.\nEvent handlers receive the exchange id in all events.\nThe exchange id is the same for the requests events and the responses events, this way you can use it to retrieve the matching request\nwhen an response event is received.\n\nBy default exchange ids are generated by using node-uuid but you can use options in client calls to pass your own exchange id.\n\nExample :\n\n```javascript\nclient.MyService.MyPort.MyFunction(args, function (err, result) {}, { exchangeId: myExchangeId });\n```\n\n## WSDL\n\nA WSDL instance can also be instantiated directly when you want to (un)marshal\nmessages without doing SOAP calls. This can be used when a WSDL does not contain\nbindings for services (e.g. some Windows Communication Foundation SOAP web\nservices).\n\n## WSDL.constructor(wsdl, baseURL, options):\n\nConstruct a WSDL instance from either the WSDL content or the URL to the WSDL.\n\n#### Parameters\n\n- wsdl: a WSDL string or an URL to the WSDL\n- baseURL: base URL for the SOAP API\n- options: options (see source for details), use `{}` as default.\n\n### wsdl.xmlToObject(xml):\n\nUnmarshal XML to object.\n\n#### Parameters:\n\n- xml: SOAP response (XML) to unmarshal\n\n#### Returns:\n\nObject containing the object types from the xml as keys.\n\n### wsdl.objectToXML(object, typeName, namespacePrefix, namespaceURI, ...):\n\nMarshal an object to XML\n\n#### Parameters:\n\n- object: Object to marshal\n- typeName: type (as per the wsdl) of the object\n- namespacePrefix: namespace prefix\n- namespaceURI: URI of the namespace\n\n#### Returns:\n\nXML representation of object.\n\n#### Example:\n\n```typescript\n// Abstracted from a real use case\nimport { AxiosInstance } from 'axios';\nimport { WSDL } from 'soap';\nimport { IProspectType } from './types';\n\n// A WSDL in a string.\nconst WSDL_CONTENT = \"...\";\n\nconst httpClient: AxiosInstance = /* ... instantiate ... */;\nconst baseURL = 'http://example.org/SoapService.svc';\n\nconst wsdl = new WSDL(WSDL_CONTENT, baseURL, {});\n\nasync function sampleGetCall(): IProspectType | undefined {\n    const res = await httpClient.get(`${baseURL}/GetProspect`);\n\n    const object = wsdl.xmlToObject(res.data);\n\n    if (!object.ProspectType) {\n      // Response did not contain the expected type\n      return undefined;\n    }\n    // Optionally, unwrap and set defaults for some fields\n    // Ensure that the object meets the expected prototype\n    // Finally cast and return the result.\n    return object.ProspectType as IProspectType;\n}\n\nasync function samplePostCall(prospect: IProspectType) {\n  // objectToXML(object, typeName, namespacePrefix, namespaceURI, ...)\n  const objectBody = wsdl.objectToXML(obj, 'ProspectType', '', '');\n  const data = `\u003c?xml version=\"1.0\" ?\u003e${body}`;\n\n  const res = await httpClient.post(`${baseURL}/ProcessProspect`, data);\n  // Optionally, deserialize request and return response status.\n}\n```\n\n## Security\n\n`node-soap` has several default security protocols. You can easily add your own\nas well. The interface is quite simple. Each protocol defines these optional methods:\n\n- `addOptions(options)` - a method that accepts an options arg that is eventually passed directly to `request`.\n- `addHeaders(headers)` - a method that accepts an argument with HTTP headers, to add new ones.\n- `toXML()` - a method that returns a string of XML to be appended to the SOAP headers. Not executed if `postProcess` is also defined.\n- `postProcess(xml, envelopeKey)` - a method that receives the the assembled request XML plus envelope key, and returns a processed string of XML. Executed before `options.postProcess`.\n\n### BasicAuthSecurity\n\n```javascript\nclient.setSecurity(new soap.BasicAuthSecurity('username', 'password'));\n```\n\n### BearerSecurity\n\n```javascript\nclient.setSecurity(new soap.BearerSecurity('token'));\n```\n\n### ClientSSLSecurity\n\n_Note_: If you run into issues using this protocol, consider passing these options\nas default request options to the constructor:\n\n- `rejectUnauthorized: false`\n- `strictSSL: false`\n- `secureOptions: constants.SSL_OP_NO_TLSv1_2` (this is likely needed for node \u003e= 10.0)\n\nIf you want to reuse tls sessions, you can use the option `forever: true`.\n\n```javascript\nclient.setSecurity(\n  new soap.ClientSSLSecurity(\n    '/path/to/key',\n    'path/to/cert',\n    '/path/to/ca-cert' /*or an array of buffer: [fs.readFileSync('/path/to/ca-cert/1', 'utf8'),\n                'fs.readFileSync('/path/to/ca-cert/2', 'utf8')], */,\n    {\n      /*default request options like */\n      // strictSSL: true,\n      // rejectUnauthorized: false,\n      // hostname: 'some-hostname'\n      // secureOptions: constants.SSL_OP_NO_TLSv1_2,\n      // forever: true,\n    },\n  ),\n);\n```\n\n### ClientSSLSecurityPFX\n\n_Note_: If you run into issues using this protocol, consider passing these options\nas default request options to the constructor:\n\n- `rejectUnauthorized: false`\n- `strictSSL: false`\n- `secureOptions: constants.SSL_OP_NO_TLSv1_2` (this is likely needed for node \u003e= 10.0)\n\nIf you want to reuse tls sessions, you can use the option `forever: true`.\n\n```javascript\nclient.setSecurity(\n  new soap.ClientSSLSecurityPFX(\n    '/path/to/pfx/cert', // or a buffer: [fs.readFileSync('/path/to/pfx/cert', 'utf8'),\n    'path/to/optional/passphrase',\n    {\n      /*default request options like */\n      // strictSSL: true,\n      // rejectUnauthorized: false,\n      // hostname: 'some-hostname'\n      // secureOptions: constants.SSL_OP_NO_TLSv1_2,\n      // forever: true,\n    },\n  ),\n);\n```\n\n### WSSecurity\n\n`WSSecurity` implements WS-Security. UsernameToken and PasswordText/PasswordDigest is supported.\n\n```javascript\nvar options = {\n  hasNonce: true,\n  actor: 'actor',\n};\nvar wsSecurity = new soap.WSSecurity('username', 'password', options);\nclient.setSecurity(wsSecurity);\n```\n\nthe `options` object is optional and can contain the following properties:\n\n- `passwordType`: 'PasswordDigest' or 'PasswordText' (default: `'PasswordText'`)\n- `hasTimeStamp`: adds Timestamp element (default: `true`)\n- `hasTokenCreated`: adds Created element (default: `true`)\n- `hasNonce`: adds Nonce element (default: `false`)\n- `mustUnderstand`: adds mustUnderstand=1 attribute to security tag (default: `false`)\n- `actor`: if set, adds Actor attribute with given value to security tag (default: `''`)\n- `appendElement`: A string containing XML element to append to the end of the WSSecurity element. This can be used to add custom elements like certificates or other security tokens (default: `''`)\n\n### WSSecurityCert\n\nWS-Security X509 Certificate support.\n\n```javascript\nvar privateKey = fs.readFileSync(privateKeyPath);\nvar publicKey = fs.readFileSync(publicKeyPath);\nvar password = ''; // optional password\nvar options = {\n  hasTimeStamp: true,\n  additionalReferences: ['wsa:Action', 'wsa:ReplyTo', 'wsa:To'],\n  signerOptions: {\n    prefix: 'ds',\n    attrs: { Id: 'Signature' },\n    existingPrefixes: {\n      wsse: 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd',\n    },\n  },\n};\nvar wsSecurity = new soap.WSSecurityCert(privateKey, publicKey, password, options);\nclient.setSecurity(wsSecurity);\n```\n\nThe `options` object is optional and can contain the following properties:\n\n- `hasTimeStamp`: Includes Timestamp tags (default: `true`)\n- `signatureTransformations`: sets the Reference Transforms Algorithm (default ['http://www.w3.org/2000/09/xmldsig#enveloped-signature', 'http://www.w3.org/2001/10/xml-exc-c14n#']). Type is a string array\n- `signatureAlgorithm`: set to `http://www.w3.org/2001/04/xmldsig-more#rsa-sha256` to use sha256\n- `digestAlgorithm`: set to `http://www.w3.org/2000/09/xmldsig#sha1` to use sha1 (default `http://www.w3.org/2001/04/xmlenc#sha256`)\n- `additionalReferences` : (optional) Array of Soap headers that need to be signed. This need to be added using `client.addSoapHeader('header')`\n- `excludeReferencesFromSigning`: (Optional) An array of SOAP element names to exclude from signing (e.g., `Body`, `Timestamp`, `To`, `Action`).\n- `signerOptions`: (optional) passes options to the XML Signer package - from (https://github.com/yaronn/xml-crypto)\n  - `existingPrefixes`: (optional) A hash of prefixes and namespaces prefix: namespace that shouldn't be in the signature because they already exist in the xml (default: `{ 'wsse': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' }`)\n  - `prefix`: (optional) Adds this value as a prefix for the generated signature tags.\n  - `attrs`: (optional) A hash of attributes and values attrName: value to add to the signature root node\n  - `idMode`: (optional) either 'wssecurity' to generate wsse-scoped reference Id on \u003cBody\u003e or undefined for an unscoped reference Id\n- `appendElement`: (optional) A string containing XML element to append to the end of the WSSecurity element. This can be used to add custom elements like certificates or other security tokens.\n\n### WSSecurityPlusCert\n\nUse WSSecurity and WSSecurityCert together.\n\n```javascript\nvar wsSecurity = new soap.WSSecurity(/* see WSSecurity above */);\nvar wsSecurityCert = new soap.WSSecurityCert(/* see WSSecurityCert above */);\nvar wsSecurityPlusCert = new soap.WSSecurityPlusCert(wsSecurity, wsSecurityCert);\nclient.setSecurity(wsSecurityPlusCert);\n```\n\n#### Option examples\n\n`hasTimeStamp:true`\n\n```xml\n\u003csoap:Header\u003e\n    \u003cwsse:Security soap:mustUnderstand=\"1\"\u003e\n        \u003cwsse:BinarySecurityToken\u003eXXX\u003c/wsse:BinarySecurityToken\u003e\n        \u003c!-- The Timestamp group of tags are added and signed --\u003e\n        \u003cTimestamp xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" Id=\"Timestamp\"\u003e\n            \u003cCreated\u003e2019-10-01T08:17:50Z\u003c/Created\u003e\n            \u003cExpires\u003e2019-10-01T08:27:50Z\u003c/Expires\u003e\n        \u003c/Timestamp\u003e\n        \u003cSignature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\n            \u003cSignedInfo\u003e\n                ...\n                \u003cReference URI=\"#Timestamp\"\u003e\n                    \u003cTransforms\u003e\n                        \u003cTransform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/\u003e\n                        \u003cTransform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/\u003e\n                    \u003c/Transforms\u003e\n                    \u003cDigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/\u003e\n                    \u003cDigestValue\u003eXyZ=\u003c/DigestValue\u003e\n                \u003c/Reference\u003e\n            \u003c/SignedInfo\u003e\n        \u003c/Signature\u003e\n    \u003c/wsse:Security\u003e\n\u003c/soap:Header\u003e\n```\n\n`additionalReferences: ['To']`\n\n```XML\n\u003csoap:Header\u003e\n    \u003cTo Id=\"To\"\u003elocalhost.com\u003c/To\u003e\n    \u003cwsse:Security soap:mustUnderstand=\"1\"\u003e\n        \u003cwsse:BinarySecurityToken\u003eXXX\u003c/wsse:BinarySecurityToken\u003e\n        \u003cSignature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\n            \u003cSignedInfo\u003e\n                \u003cCanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/\u003e\n                \u003cSignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/\u003e\n                \u003c!-- The \"To\" tag is signed and added as a reference --\u003e\n                \u003cReference URI=\"#To\"\u003e\n                    \u003cTransforms\u003e\n                        \u003cTransform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/\u003e\n                        \u003cTransform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/\u003e\n                    \u003c/Transforms\u003e\n                    \u003cDigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/\u003e\n                    \u003cDigestValue\u003eXYZ\u003c/DigestValue\u003e\n                \u003c/Reference\u003e\n            \u003c/SignedInfo\u003e\n            \u003cSignatureValue\u003e\n                Rf6M4F4puQuQHJIPtJz1CZIVvF3qOdpEEcuAiooWkX5ecnAHSf3RW3sOIzFUWW7VOOncJcts/3xr8DuN4+8Wm9hx1MoOcWJ6kyRIdVNbQWLseIcAhxYCntRY57T2TBXzpb0UPA56pry1+TEcnIQXhdIzG5YT+tTVTp+SZHHcnlP5Y+yqnIOH9wzgRvAovbydTYPCODF7Ana9K/7CSGDe7vpVT85CUYUcJE4DfTxaRa9gKkKrBdPN9vFVi0WfxtMF4kv23cZRCZzS5+CoLfPlx3mq65gVXsqH01RLbktNJq9VaQKcZUgapmUCMzrYhqyzUQJ8HrSHqe+ya2GsjlB0VQ==\n            \u003c/SignatureValue\u003e\n            \u003cKeyInfo\u003e\n                \u003cwsse:SecurityTokenReference\n                        xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"\u003e\n                    \u003cwsse:Reference URI=\"#x509-c5c0d213676f4a6ba5e6fa58074eb57a\"\n                                    ValueType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3\"/\u003e\n                \u003c/wsse:SecurityTokenReference\u003e\n            \u003c/KeyInfo\u003e\n        \u003c/Signature\u003e\n    \u003c/wsse:Security\u003e\n\u003c/soap:Header\u003e\n```\n\n`signerOptions.prefix:'ds'`\n\n```XML\n\u003csoap:Header\u003e\n    \u003cTo Id=\"To\"\u003elocalhost.com\u003c/To\u003e\n    \u003cwsse:Security soap:mustUnderstand=\"1\"\u003e\n        \u003cwsse:BinarySecurityToken\u003eXXX\u003c/wsse:BinarySecurityToken\u003e\n        \u003c!-- Signature and children tags are given the prefix defined. --\u003e\n        \u003cds:Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\n            \u003cds:SignedInfo\u003e\n                \u003cds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/\u003e\n                \u003cds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/\u003e\n                \u003cds:Reference URI=\"#To\"\u003e\n                    \u003cds:Transforms\u003e\n                        \u003cds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/\u003e\n                        \u003cds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/\u003e\n                    \u003c/ds:Transforms\u003e\n                    \u003cds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/\u003e\n                    \u003cds:DigestValue\u003eXYZ\u003c/DigestValue\u003e\n                \u003c/ds:Reference\u003e\n            \u003c/ds:SignedInfo\u003e\n            \u003cds:SignatureValue\u003e\n                Rf6M4F4puQuQHJIPtJz1CZIVvF3qOdpEEcuAiooWkX5ecnAHSf3RW3sOIzFUWW7VOOncJcts/3xr8DuN4+8Wm9hx1MoOcWJ6kyRIdVNbQWLseIcAhxYCntRY57T2TBXzpb0UPA56pry1+TEcnIQXhdIzG5YT+tTVTp+SZHHcnlP5Y+yqnIOH9wzgRvAovbydTYPCODF7Ana9K/7CSGDe7vpVT85CUYUcJE4DfTxaRa9gKkKrBdPN9vFVi0WfxtMF4kv23cZRCZzS5+CoLfPlx3mq65gVXsqH01RLbktNJq9VaQKcZUgapmUCMzrYhqyzUQJ8HrSHqe+ya2GsjlB0VQ==\n            \u003c/ds:SignatureValue\u003e\n            \u003cds:KeyInfo\u003e\n                \u003cwsse:SecurityTokenReference\n                        xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"\u003e\n                    \u003cwsse:Reference URI=\"#x509-c5c0d213676f4a6ba5e6fa58074eb57a\"\n                                    ValueType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3\"/\u003e\n                \u003c/wsse:SecurityTokenReference\u003e\n            \u003c/ds:KeyInfo\u003e\n        \u003c/ds:Signature\u003e\n    \u003c/wsse:Security\u003e\n\u003c/soap:Header\u003e\n```\n\n`signerOptions.attrs:{ Id: 'signature-100', foo:'bar'}`\n\n```xml\n\u003csoap:Header\u003e\n    \u003cwsse:Security soap:mustUnderstand=\"1\"\u003e\n        \u003cwsse:BinarySecurityToken\u003eXXX\u003c/wsse:BinarySecurityToken\u003e\n        \u003c!-- The Timestamp group of tags are added and signed --\u003e\n        \u003cTimestamp xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" Id=\"Timestamp\"\u003e\n            \u003cCreated\u003e2019-10-01T08:17:50Z\u003c/Created\u003e\n            \u003cExpires\u003e2019-10-01T08:27:50Z\u003c/Expires\u003e\n        \u003c/Timestamp\u003e\n        \u003cSignature Id=\"signature-100\" foo=\"bar\" xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\n            \u003cSignedInfo\u003e\n                ...\n                \u003cReference URI=\"#Timestamp\"\u003e\n                    \u003cTransforms\u003e\n                        \u003cTransform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/\u003e\n                        \u003cTransform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/\u003e\n                    \u003c/Transforms\u003e\n                    \u003cDigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/\u003e\n                    \u003cDigestValue\u003eXyZ=\u003c/DigestValue\u003e\n                \u003c/Reference\u003e\n            \u003c/SignedInfo\u003e\n        \u003c/Signature\u003e\n    \u003c/wsse:Security\u003e\n\u003c/soap:Header\u003e\n```\n\n`appendElement: '\u003ccustom:Element\u003etest\u003c/custom:Element\u003e'`\n\n```xml\n\u003csoap:Header\u003e\n    \u003cwsse:Security soap:mustUnderstand=\"1\"\u003e\n        \u003cwsse:BinarySecurityToken\u003eXXX\u003c/wsse:BinarySecurityToken\u003e\n        \u003cSignature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\n            \u003cSignedInfo\u003e\n                ...\n            \u003c/SignedInfo\u003e\n        \u003c/Signature\u003e\n        \u003c!-- Custom element is appended to the end of the security block --\u003e\n        \u003ccustom:MyCustomElement xmlns:custom=\"http://example.com/custom\"\u003e\n          foo\n        \u003c/custom:MyCustomElement\u003e\n    \u003c/wsse:Security\u003e\n\u003c/soap:Header\u003e\n```\n\n### WSSecurityCertWithToken\n\nWS-Security X509 Certificate support. Just like WSSecurityCert, except that it accepts the input properties as a single object, with two properties added `username` and `password`. Which if added, will add a UsernameToken Element to the xml security element.\n\n```xml\n\u003cwsse:UsernameToken\u003e\n  \u003cwsse:Username\u003esomeusername\u003c/wsse:Username\u003e\n  \u003cwsse:Password\u003esomeusername's password\u003c/wsse:Password\u003e\n\u003c/wsse:UsernameToken\u003e\n```\n\n### NTLMSecurity\n\nParameter invocation:\n\n```javascript\nclient.setSecurity(new soap.NTLMSecurity('username', 'password', 'domain', 'workstation'));\n```\n\nThis can also be set up with a JSON object, substituting values as appropriate, for example:\n\n```javascript\nvar loginData = { username: 'username', password: 'password', domain: 'domain', workstation: 'workstation' };\nclient.setSecurity(new soap.NTLMSecurity(loginData));\n```\n\n## Handling XML Attributes, Value and XML (wsdlOptions).\n\nSometimes it is necessary to override the default behaviour of `node-soap` in order to deal with the special requirements\nof your code base or a third library you use. Therefore you can use the `wsdlOptions` Object, which is passed in the\n`#createClient()` method and could have any (or all) of the following contents:\n\n```javascript\nvar wsdlOptions = {\n  attributesKey: 'theAttrs',\n  valueKey: 'theVal',\n  xmlKey: 'theXml',\n};\n```\n\nIf nothing (or an empty Object `{}`) is passed to the `#createClient()` method, the `node-soap` defaults (`attributesKey: 'attributes'`, `valueKey: '$value'` and `xmlKey: '$xml'`) are used.\n\n### Overriding the `value` key\n\nBy default, `node-soap` uses `$value` as the key for any parsed XML value which may interfere with your other code as it\ncould be some reserved word, or the `$` in general cannot be used for a key to start with.\n\nYou can define your own `valueKey` by passing it in the `wsdl_options` to the createClient call:\n\n```javascript\nvar wsdlOptions = {\n  valueKey: 'theVal',\n};\n\nsoap.createClient(__dirname + '/wsdl/default_namespace.wsdl', wsdlOptions, function (err, client) {\n  // your code\n});\n```\n\n### Overriding the `xml` key\n\nBy default, `node-soap` uses `$xml` as the key to pass through an XML string as is; without parsing or namespacing it. It overrides all the other content that the node might have otherwise had.\n\nFor example :\n\n```javascript\n{\n  dom: {\n    nodeone: {\n      $xml: '\u003cparentnode type=\"type\"\u003e\u003cchildnode\u003e\u003c/childnode\u003e\u003c/parentnode\u003e',\n      siblingnode: 'Cant see me.'\n    },\n    nodetwo: {\n      parentnode: {\n        attributes: {\n          type: 'type'\n        },\n        childnode: ''\n      }\n    }\n  }\n};\n```\n\ncould become\n\n```xml\n\u003ctns:dom\u003e\n  \u003ctns:nodeone\u003e\n    \u003cparentnode type=\"type\"\u003e\n      \u003cchildnode\u003e\u003c/childnode\u003e\n    \u003c/parentnode\u003e\n  \u003c/tns:nodeone\u003e\n  \u003ctns:nodetwo\u003e\n    \u003ctns:parentnode type=\"type\"\u003e\n      \u003ctns:childnode\u003e\u003c/tns:childnode\u003e\n    \u003c/tns:parent\u003e\n  \u003c/tns:nodetwo\u003e\n\u003c/tns:dom\u003e\n```\n\nYou can define your own `xmlKey` by passing it in the `wsdl_options` object to the createClient call:\n\n```javascript\nvar wsdlOptions = {\n  xmlKey: 'theXml',\n};\n\nsoap.createClient(__dirname + '/wsdl/default_namespace.wsdl', wsdlOptions, function (err, client) {\n  // your code\n});\n```\n\n### Overriding the `attributes` key\n\nBy default, `node-soap` uses `attributes` as the key to define a nodes attributes.\n\n```javascript\n{\n  parentnode: {\n    childnode: {\n      attributes: {\n        name: 'childsname'\n      },\n      $value: 'Value'\n    }\n  }\n}\n```\n\ncould become\n\n```xml\n\u003cparentnode\u003e\n  \u003cchildnode name=\"childsname\"\u003eValue\u003c/childnode\u003e\n\u003c/parentnode\u003e\n```\n\nHowever, `attributes` may be a reserved key for some systems that actually want a node called `attributes`\n\n```xml\n\u003cattributes\u003e\n\u003c/attributes\u003e\n```\n\nYou can define your own `attributesKey` by passing it in the `wsdl_options` object to the createClient call:\n\n```javascript\nvar wsdlOptions = {\n  attributesKey: '$attributes',\n};\n\nsoap.createClient(__dirname + '/wsdl/default_namespace.wsdl', wsdlOptions, function (err, client) {\n  client.method({\n    parentnode: {\n      childnode: {\n        $attributes: {\n          name: 'childsname',\n        },\n        $value: 'Value',\n      },\n    },\n  });\n});\n```\n\n### Overriding imports relative paths\n\nBy default, WSDL and schema files import other schemas and types using relative paths.\n\nHowever in some systems (i.e. NetSuite) when the wsdl is downloaded for offline caching, all files are flattened under a single directory and all the imports fail.\nPassing this option allows `node-soap` to correctly load all files.\n\n```javascript\nvar options ={\n    wsdl_options = { fixedPath: true }\n};\nsoap.createClient(__dirname+'/wsdl/fixedPath/netsuite.wsdl', options, function(err, client) {\n    // your code\n});\n```\n\n### Overriding import locations\n\nYou can override the URIs or paths of imports in the WSDL by specifying a `overrideImportLocation` function in the WSDL options.\n\n```javascript\nconst options ={\n    wsdl_options = {\n        overrideImportLocation: (location) =\u003e {\n          return 'https://127.0.0.1/imported-service.wsdl';\n        }\n    }\n};\nsoap.createClient('https://127.0.0.1/service.wsdl', options, function(err, client) {\n    // your code\n});\n```\n\n### Specifying the exact namespace definition of the root element\n\nIn rare cases, you may want to precisely control the namespace definition that is included in the root element.\n\nYou can specify the namespace definitions by setting the `overrideRootElement` key in the `wsdlOptions` like so:\n\n```javascript\nvar wsdlOptions = {\n  overrideRootElement: {\n    namespace: 'xmlns:tns',\n    xmlnsAttributes: [\n      {\n        name: 'xmlns:ns2',\n        value: 'http://tempuri.org/',\n      },\n      {\n        name: 'xmlns:ns3',\n        value: 'http://sillypets.com/xsd',\n      },\n    ],\n  },\n};\n```\n\nTo see it in practice, have a look at the sample files in: [test/request-response-samples/addPets\\_\\_force_namespaces](https://github.com/vpulim/node-soap/tree/master/test/request-response-samples/addPets__force_namespaces)\n\n### Overriding element key specification in XML\n\nIn very rare cases ([external implementation isn't matching exactly the WSDL spec?](https://github.com/vpulim/node-soap/pull/1189)),\nyou may want to override element XML keys in requests and/or responses.\n\nYou can specify the key definitions by setting the `overrideElementKey` key in the `wsdlOptions` like so:\n\n```javascript\nvar wsdlOptions = {\n  overrideElementKey: {\n    Nom: 'Name',\n    Commande: 'Order',\n    SillyResponse: 'DummyResponse'\n  };\n};\n```\n\nTest sample files covering this are in [test/request-response-samples/Dummy\\_\\_ref_element_should_have_correct_namespace_with_overrideElementKey](https://github.com/vpulim/node-soap/tree/master/test/request-response-samples/Dummy__ref_element_should_have_correct_namespace_with_overrideElementKey)\n\n### Custom Deserializer\n\nSometimes it's useful to handle deserialization in your code instead of letting node-soap do it.\nFor example if the soap response contains dates that are not in a format recognized by javascript, you might want to use your own function to handle them.\n\nTo do so, you can pass a `customDeserializer` object in `options`. The properties of this object are the types that your deserializer handles itself.\n\nExample :\n\n```javascript\n\n   var wsdlOptions = {\n     customDeserializer: {\n\n       // this function will be used to any date found in soap responses\n       date: function (text, context) {\n         /* text is the value of the xml element.\n           context contains the name of the xml element and other infos :\n             {\n                 name: 'lastUpdatedDate',\n                 object: {},\n                 schema: 'xsd:date',\n                 id: undefined,\n                 nil: false\n             }\n\n          */\n         return text;\n       }\n     }\n   };\n\n   soap.createClient(__dirname + '/wsdl/default_namespace.wsdl', wsdlOptions, function (err, client) {\n     ...\n   });\n\n```\n\n### Changing the tag formats to use self-closing (empty element) tags\n\nThe XML specification specifies that there is no semantic difference between `\u003cTag\u003e\u003c/Tag\u003e` and `\u003cTag /\u003e`, and node-soap defaults to using the `\u003cTag\u003e\u003c/Tag\u003e` format. But if your web service is particular, or if there is a stylistic preference, the `useEmptyTag` option causes tags with no contents to use the `\u003cTag /\u003e` format instead.\n\n```javascript\nvar wsdlOptions = {\n  useEmptyTag: true,\n};\n```\n\nFor example: `{ MyTag: { attributes: { MyAttr: 'value' } } }` is:\n\n- **Without useEmptyTag**: `\u003cMyTag MyAttr=\"value\"\u003e\u003c/MyTag\u003e`\n- **With useEmptyTag set to true**: `\u003cMyTag MyAttr=\"value\" /\u003e`\n\n## Handling \"ignored\" namespaces\n\nIf an Element in a `schema` definition depends on an Element which is present in the same namespace, normally the `tns:`\nnamespace prefix is used to identify this Element. This is not much of a problem as long as you have just one `schema` defined\n(inline or in a separate file). If there are more `schema` files, the `tns:` in the generated `soap` file resolved mostly to the parent `wsdl` file,\nwhich was obviously wrong.\n\n`node-soap` now handles namespace prefixes which shouldn't be resolved (because it's not necessary) as so called `ignoredNamespaces`\nwhich default to an Array of 3 Strings (`['tns', 'targetNamespace', 'typedNamespace']`).\n\nIf this is not sufficient for your purpose you can easily add more namespace prefixes to this Array, or override it in its entirety\nby passing an `ignoredNamespaces` object within the `options` you pass in `soap.createClient()` method.\n\nA simple `ignoredNamespaces` object, which only adds certain namespaces could look like this:\n\n```\nvar options = {\n  ignoredNamespaces: {\n    namespaces: ['namespaceToIgnore', 'someOtherNamespace']\n  }\n}\n```\n\nThis would extend the `ignoredNamespaces` of the `WSDL` processor to `['tns', 'targetNamespace', 'typedNamespace', 'namespaceToIgnore', 'someOtherNamespace']`.\n\nIf you want to override the default ignored namespaces you would simply pass the following `ignoredNamespaces` object within the `options`:\n\n```\nvar options = {\n    ignoredNamespaces: {\n      namespaces: ['namespaceToIgnore', 'someOtherNamespace'],\n      override: true\n    }\n  }\n```\n\nThis would override the default `ignoredNamespaces` of the `WSDL` processor to `['namespaceToIgnore', 'someOtherNamespace']`. (This shouldn't be necessary, anyways).\n\n## Handling \"ignoreBaseNameSpaces\" attribute\n\nIf an Element in a `schema` definition depends has a basenamespace defined but the request does not need that value, for example you have a \"sentJob\" with basenamespace \"v20\"\nbut the request need only: \u003csendJob\u003e set in the tree structure, you need to set the ignoreBaseNameSpaces to true. This is set because in a lot of workaround the wsdl structure is not correctly\nset or the webservice bring errors.\n\nBy default the attribute is set to true.\nAn example to use:\n\nA simple `ignoredNamespaces` object, which only adds certain namespaces could look like this:\n\n```\nvar options = {\nignoredNamespaces: true\n}\n```\n\n## Contributors\n\n- Author: [Vinay Pulim](https://github.com/vpulim)\n- Active maintainers:\n  - [Vasily Martynov](https://github.com/w666)\n- Previous maintainers (not active for a long time):\n  - [Joe Spencer](https://github.com/jsdevel)\n  - [Heinz Romirer](https://github.com/herom)\n- [All Contributors](https://github.com/vpulim/node-soap/graphs/contributors)\n\n[downloads-image]: http://img.shields.io/npm/dm/soap.svg\n[npm-url]: https://npmjs.org/package/soap\n[npm-image]: http://img.shields.io/npm/v/soap.svg\n[coveralls-url]: https://coveralls.io/r/vpulim/node-soap\n[coveralls-image]: http://img.shields.io/coveralls/vpulim/node-soap/master.svg\n[buy-me-a-coffee-url]: https://coff.ee/vasily.m\n[buy-me-a-coffee-image]: https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png\n","funding_links":[],"categories":["JavaScript"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvpulim%2Fnode-soap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvpulim%2Fnode-soap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvpulim%2Fnode-soap/lists"}