I was trying to generate a password digest for SOAP messages. Here is
what ended up working for me:
let $nonce := "7xpUL9BJXk07+9bgVCq+Aw=="
let $password-dig := "60OFc22i0MCpRsFnWZw/H5+RrUc="
let $created := "2012-06-06T21:04:58.067Z"
let $password := "test"
return
$password-dig =
xdmp:sha1(
binary{xs:hexBinary(
fn:concat(
binary{xs:hexBinary(xs:base64Binary($nonce))},
binary{xs:hexBinary(xs:base64Binary(xdmp:base64-encode($created)))},
binary{xs:hexBinary(xs:base64Binary(xdmp:base64-encode($password)))})
)}, 'base64')
I wasn't understanding what the casting was doing initially. Thanks
for the responses.
Steve
On Wed, Jun 6, 2012 at 3:11 PM, Michael Blakeley <[email protected]> wrote:
> HTTPS sounds reasonable, but you can do a few more tricks with binary data.
> This might get you there:
>
> xdmp:hex-to-integer(
> string(xs:hexBinary(xs:base64Binary('JxrHeSl2YX4LunZkWKZqog=='))))
>
> The result is an xs:decimal 18446744073709551615 - is that what you need? You
> might want to construct an xs:unsignedLong from it, and use xdmp:not64() and
> its siblings for the math.
>
> -- Mike
>
> On 6 Jun 2012, at 13:53 , Steve Spigarelli wrote:
>
>> So the initial string "JxrHeSl2YX4LunZkWKZqog==" is a base64 encoded
>> nonce from soapUI. It only contains characters that are valid in a
>> base64 world, so Marklogic has no problems with it. It's what happens
>> next when one runs the decode that causes the problems.
>>
>> In order to calculate a SOAP password digest one needs the original
>> nonce (base64 decoded of the base64 encoded nonce), the timestamp and
>> the password. But, in order to base64 decode a nonce with invalid
>> UTF-8 sequences one must use functions that are not available in
>> Marklogic. Casting the original base64 encoded string (that is already
>> valid) to base64 binary then to hexbinary then to a binary document
>> doesn't get me what I need for calling the base64-decode function that
>> expects an xs:string.
>>
>> I think that my colleague will just end up doing simple passwords over
>> https instead of password digest unless there is another way to do
>> this.
>>
>> Steve
>>
>>
>> That function only works with encoded strings, and I think they have
>> to be UTF-8 as well. But try this trick:
>>
>> binary { xs:hexBinary(xs:base64Binary('JxrHeSl2YX4LunZkWKZqog=='))
>>
>> -- Mike
>>
>>
>> On Wed, Jun 6, 2012 at 2:25 PM, Steve Spigarelli <[email protected]> wrote:
>>> How do I tell this code that I don't want it to be UTF-8 encoded?
>>>
>>> xquery version "1.0-ml";
>>>
>>> xdmp:base64-decode('JxrHeSl2YX4LunZkWKZqog==')
>>>
>>> Thanks
>>> Steve
>> _______________________________________________
>> General mailing list
>> [email protected]
>> http://community.marklogic.com/mailman/listinfo/general
>>
>
> _______________________________________________
> General mailing list
> [email protected]
> http://community.marklogic.com/mailman/listinfo/general
_______________________________________________
General mailing list
[email protected]
http://community.marklogic.com/mailman/listinfo/general
