Improved Feat/wsse auth (#3172)

* adding wsse auth logic * adding wsse auth logic to electron * adding wsse auth formatting * Refactoring WSSE 'secret' to 'password' * Incorporating PR feedback * Removed unused packages from package.json * Fixed issue caused when resolving merge conflicts and added new route to test wsse * Removed deprecated package usages from bruno-cli * Fixed tests --------- Co-authored-by: dwolter-emarsys <dylan.wolter@emarsys.com>
2024-11-21 15:33:11 +01:00 · 2024-09-23 17:46:31 +05:30 · 2024-09-23 17:46:31 +05:30 · 4d820af4e0
commit 4d820af4e0
parent bebb18fc99
26 changed files with 447 additions and 13 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -18862,4 +18862,4 @@
      }
    }
  }
-}
+}
--- a/packages/bruno-app/src/components/CollectionSettings/Auth/AuthMode/index.js
+++ b/packages/bruno-app/src/components/CollectionSettings/Auth/AuthMode/index.js
@ -52,6 +52,15 @@ const AuthMode = ({ collection }) => {
          >
            Basic Auth
          </div>
          <div
            className="dropdown-item"
            onClick={() => {
              dropdownTippyRef.current.hide();
              onModeChange('wsse');
            }}
          >
            WSSE Auth
          </div>
          <div
            className="dropdown-item"
            onClick={() => {
--- a/packages/bruno-app/src/components/CollectionSettings/Auth/WsseAuth/StyledWrapper.js
+++ b/packages/bruno-app/src/components/CollectionSettings/Auth/WsseAuth/StyledWrapper.js
@ -0,0 +1,16 @@
 import styled from 'styled-components';
 const Wrapper = styled.div`
  label {
    font-size: 0.8125rem;
  }
  .single-line-editor-wrapper {
    padding: 0.15rem 0.4rem;
    border-radius: 3px;
    border: solid 1px ${(props) => props.theme.input.border};
    background-color: ${(props) => props.theme.input.bg};
  }
 `;
 export default Wrapper;
--- a/packages/bruno-app/src/components/CollectionSettings/Auth/WsseAuth/index.js
+++ b/packages/bruno-app/src/components/CollectionSettings/Auth/WsseAuth/index.js
@ -0,0 +1,71 @@
 import React from 'react';
 import get from 'lodash/get';
 import { useTheme } from 'providers/Theme';
 import { useDispatch } from 'react-redux';
 import SingleLineEditor from 'components/SingleLineEditor';
 import { updateCollectionAuth } from 'providers/ReduxStore/slices/collections';
 import { saveCollectionRoot } from 'providers/ReduxStore/slices/collections/actions';
 import StyledWrapper from './StyledWrapper';
 const WsseAuth = ({ collection }) => {
  const dispatch = useDispatch();
  const { storedTheme } = useTheme();
  const wsseAuth = get(collection, 'root.request.auth.wsse', {});
  const handleSave = () => dispatch(saveCollectionRoot(collection.uid));
  const handleUserChange = (username) => {
    dispatch(
      updateCollectionAuth({
        mode: 'wsse',
        collectionUid: collection.uid,
        content: {
          username,
          password: wsseAuth.password
        }
      })
    );
  };
  const handlePasswordChange = (password) => {
    dispatch(
      updateCollectionAuth({
        mode: 'wsse',
        collectionUid: collection.uid,
        content: {
          username: wsseAuth.username,
          password
        }
      })
    );
  };
  return (
    <StyledWrapper className="mt-2 w-full">
      <label className="block font-medium mb-2">Username</label>
      <div className="single-line-editor-wrapper mb-2">
        <SingleLineEditor
          value={wsseAuth.username || ''}
          theme={storedTheme}
          onSave={handleSave}
          onChange={(val) => handleUserChange(val)}
          collection={collection}
        />
      </div>
      <label className="block font-medium mb-2">Password</label>
      <div className="single-line-editor-wrapper">
        <SingleLineEditor
          value={wsseAuth.password || ''}
          theme={storedTheme}
          onSave={handleSave}
          onChange={(val) => handlePasswordChange(val)}
          collection={collection}
        />
      </div>
    </StyledWrapper>
  );
 };
 export default WsseAuth;
--- a/packages/bruno-app/src/components/CollectionSettings/Auth/index.js
+++ b/packages/bruno-app/src/components/CollectionSettings/Auth/index.js
@ -6,6 +6,7 @@ import AwsV4Auth from './AwsV4Auth';
 import BearerAuth from './BearerAuth';
 import BasicAuth from './BasicAuth';
 import DigestAuth from './DigestAuth';
 import WsseAuth from './WsseAuth';
 import ApiKeyAuth from './ApiKeyAuth/';
 import { saveCollectionRoot } from 'providers/ReduxStore/slices/collections/actions';
 import StyledWrapper from './StyledWrapper';
@ -34,6 +35,9 @@ const Auth = ({ collection }) => {
      case 'oauth2': {
        return <OAuth2 collection={collection} />;
      }
      case 'wsse': {
        return <WsseAuth collection={collection} />;
      }
      case 'apikey': {
        return <ApiKeyAuth collection={collection} />;
      }
--- a/packages/bruno-app/src/components/RequestPane/Auth/AuthMode/index.js
+++ b/packages/bruno-app/src/components/RequestPane/Auth/AuthMode/index.js
@ -30,7 +30,6 @@ const AuthMode = ({ item, collection }) => {
      })
    );
  };
  return (
    <StyledWrapper>
      <div className="inline-flex items-center cursor-pointer auth-mode-selector">
@ -80,6 +79,15 @@ const AuthMode = ({ item, collection }) => {
          >
            OAuth 2.0
          </div>
          <div
            className="dropdown-item"
            onClick={() => {
              dropdownTippyRef?.current?.hide();
              onModeChange('wsse');
            }}
          >
            WSSE Auth
          </div>
          <div
            className="dropdown-item"
            onClick={() => {
--- a/packages/bruno-app/src/components/RequestPane/Auth/WsseAuth/StyledWrapper.js
+++ b/packages/bruno-app/src/components/RequestPane/Auth/WsseAuth/StyledWrapper.js
@ -0,0 +1,17 @@
 import styled from 'styled-components';
 const Wrapper = styled.div`
  label {
    font-size: 0.8125rem;
  }
  .single-line-editor-wrapper {
    max-width: 400px;
    padding: 0.15rem 0.4rem;
    border-radius: 3px;
    border: solid 1px ${(props) => props.theme.input.border};
    background-color: ${(props) => props.theme.input.bg};
  }
 `;
 export default Wrapper;
--- a/packages/bruno-app/src/components/RequestPane/Auth/WsseAuth/index.js
+++ b/packages/bruno-app/src/components/RequestPane/Auth/WsseAuth/index.js
@ -0,0 +1,76 @@
 import React from 'react';
 import get from 'lodash/get';
 import { useTheme } from 'providers/Theme';
 import { useDispatch } from 'react-redux';
 import SingleLineEditor from 'components/SingleLineEditor';
 import { updateAuth } from 'providers/ReduxStore/slices/collections';
 import { sendRequest, saveRequest } from 'providers/ReduxStore/slices/collections/actions';
 import StyledWrapper from './StyledWrapper';
 const WsseAuth = ({ item, collection }) => {
  const dispatch = useDispatch();
  const { storedTheme } = useTheme();
  const wsseAuth = item.draft ? get(item, 'draft.request.auth.wsse', {}) : get(item, 'request.auth.wsse', {});
  const handleRun = () => dispatch(sendRequest(item, collection.uid));
  const handleSave = () => dispatch(saveRequest(item.uid, collection.uid));
  const handleUserChange = (username) => {
    dispatch(
      updateAuth({
        mode: 'wsse',
        collectionUid: collection.uid,
        itemUid: item.uid,
        content: {
          username,
          password: wsseAuth.password
        }
      })
    );
  };
  const handlePasswordChange = (password) => {
    dispatch(
      updateAuth({
        mode: 'wsse',
        collectionUid: collection.uid,
        itemUid: item.uid,
        content: {
          username: wsseAuth.username,
          password
        }
      })
    );
  };
  return (
    <StyledWrapper className="mt-2 w-full">
      <label className="block font-medium mb-2">Username</label>
      <div className="single-line-editor-wrapper mb-2">
        <SingleLineEditor
          value={wsseAuth.username || ''}
          theme={storedTheme}
          onSave={handleSave}
          onChange={(val) => handleUserChange(val)}
          onRun={handleRun}
          collection={collection}
        />
      </div>
      <label className="block font-medium mb-2">Password</label>
      <div className="single-line-editor-wrapper">
        <SingleLineEditor
          value={wsseAuth.password || ''}
          theme={storedTheme}
          onSave={handleSave}
          onChange={(val) => handlePasswordChange(val)}
          onRun={handleRun}
          collection={collection}
        />
      </div>
    </StyledWrapper>
  );
 };
 export default WsseAuth;
--- a/packages/bruno-app/src/components/RequestPane/Auth/index.js
+++ b/packages/bruno-app/src/components/RequestPane/Auth/index.js
@ -5,6 +5,7 @@ import AwsV4Auth from './AwsV4Auth';
 import BearerAuth from './BearerAuth';
 import BasicAuth from './BasicAuth';
 import DigestAuth from './DigestAuth';
 import WsseAuth from './WsseAuth';
 import ApiKeyAuth from './ApiKeyAuth';
 import StyledWrapper from './StyledWrapper';
 import { humanizeRequestAuthMode } from 'utils/collections/index';
@ -33,6 +34,9 @@ const Auth = ({ item, collection }) => {
      case 'oauth2': {
        return <OAuth2 collection={collection} item={item} />;
      }
      case 'wsse': {
        return <WsseAuth collection={collection} item={item} />;
      }
      case 'apikey': {
        return <ApiKeyAuth collection={collection} item={item} />;
      }
--- a/packages/bruno-app/src/providers/ReduxStore/slices/collections/index.js
+++ b/packages/bruno-app/src/providers/ReduxStore/slices/collections/index.js
@ -477,6 +477,10 @@ export const collectionsSlice = createSlice({
              item.draft.request.auth.mode = 'oauth2';
              item.draft.request.auth.oauth2 = action.payload.content;
              break;
            case 'wsse':
              item.draft.request.auth.mode = 'wsse';
              item.draft.request.auth.wsse = action.payload.content;
              break;
            case 'apikey':
              item.draft.request.auth.mode = 'apikey';
              item.draft.request.auth.apikey = action.payload.content;
@ -1141,6 +1145,9 @@ export const collectionsSlice = createSlice({
          case 'oauth2':
            set(collection, 'root.request.auth.oauth2', action.payload.content);
            break;
          case 'wsse':
            set(collection, 'root.request.auth.wsse', action.payload.content);
            break;
          case 'apikey':
            set(collection, 'root.request.auth.apikey', action.payload.content);
            break;
--- a/packages/bruno-app/src/utils/collections/index.js
+++ b/packages/bruno-app/src/utils/collections/index.js
@ -379,7 +379,12 @@ export const transformCollectionToSaveToExportAsFile = (collection, options = {}
              placement: get(si.request, 'auth.apikey.placement', 'header')
            };
            break;
-
+          case 'wsse':
            di.request.auth.wsse = {
              username: get(si.request, 'auth.wsse.username', ''),
              password: get(si.request, 'auth.wsse.password', '')
            };
            break;
          default:
            break;
        }
@ -669,6 +674,10 @@ export const humanizeRequestAuthMode = (mode) => {
      label = 'OAuth 2.0';
      break;
    }
    case 'wsse': {
      label = 'WSSE Auth';
      break;
    }
    case 'apikey': {
      label = 'API Key';
      break;
--- a/packages/bruno-cli/src/runner/prepare-request.js
+++ b/packages/bruno-cli/src/runner/prepare-request.js
@ -2,6 +2,7 @@ const { get, each, filter } = require('lodash');
 const fs = require('fs');
 var JSONbig = require('json-bigint');
 const decomment = require('decomment');
 const crypto = require('node:crypto');
 const prepareRequest = (request, collectionRoot) => {
  const headers = {};
@ -69,6 +70,24 @@ const prepareRequest = (request, collectionRoot) => {
    if (request.auth.mode === 'bearer') {
      axiosRequest.headers['Authorization'] = `Bearer ${get(request, 'auth.bearer.token')}`;
    }
    if (request.auth.mode === 'wsse') {
      const username = get(request, 'auth.wsse.username', '');
      const password = get(request, 'auth.wsse.password', '');
      const ts = new Date().toISOString();
      const nonce = crypto.randomBytes(16).toString('base64');
      // Create the password digest using SHA-256
      const hash = crypto.createHash('sha256');
      hash.update(nonce + ts + password);
      const digest = hash.digest('base64');
      // Construct the WSSE header
      axiosRequest.headers[
        'X-WSSE'
      ] = `UsernameToken Username="${username}", PasswordDigest="${digest}", Created="${ts}", Nonce="${nonce}"`;
    }
  }
  request.body = request.body || {};
--- a/packages/bruno-electron/src/ipc/network/interpolate-vars.js
+++ b/packages/bruno-electron/src/ipc/network/interpolate-vars.js
@ -215,6 +215,12 @@ const interpolateVars = (request, envVariables = {}, runtimeVariables = {}, proc
    request.digestConfig.password = _interpolate(request.digestConfig.password) || '';
  }
  // interpolate vars for wsse auth
  if (request.wsse) {
    request.wsse.username = _interpolate(request.wsse.username) || '';
    request.wsse.password = _interpolate(request.wsse.password) || '';
  }
  return request;
 };
--- a/packages/bruno-electron/src/ipc/network/prepare-request.js
+++ b/packages/bruno-electron/src/ipc/network/prepare-request.js
@ -4,6 +4,7 @@ const decomment = require('decomment');
 const FormData = require('form-data');
 const fs = require('fs');
 const path = require('path');
 const crypto = require('node:crypto');
 const { getTreePathFromCollectionToItem } = require('../../utils/collection');
 const { buildFormUrlEncodedPayload } = require('../../utils/common');
@ -218,6 +219,23 @@ const setAuthHeaders = (axiosRequest, request, collectionRoot) => {
          password: get(collectionAuth, 'digest.password')
        };
        break;
      case 'wsse':
        const username = get(request, 'auth.wsse.username', '');
        const password = get(request, 'auth.wsse.password', '');
        const ts = new Date().toISOString();
        const nonce = crypto.randomBytes(16).toString('base64');
        // Create the password digest using SHA-256
        const hash = crypto.createHash('sha256');
        hash.update(nonce + ts + password);
        const digest = hash.digest('base64');
        // Construct the WSSE header
        axiosRequest.headers[
          'X-WSSE'
        ] = `UsernameToken Username="${username}", PasswordDigest="${digest}", Created="${ts}", Nonce="${nonce}"`;
        break;
      case 'apikey':
        const apiKeyAuth = get(collectionAuth, 'apikey');
        if (apiKeyAuth.placement === 'header') {
@ -295,6 +313,23 @@ const setAuthHeaders = (axiosRequest, request, collectionRoot) => {
            break;
        }
        break;
      case 'wsse':
        const username = get(request, 'auth.wsse.username', '');
        const password = get(request, 'auth.wsse.password', '');
        const ts = new Date().toISOString();
        const nonce = crypto.randomBytes(16).toString('base64');
        // Create the password digest using SHA-256
        const hash = crypto.createHash('sha256');
        hash.update(nonce + ts + password);
        const digest = hash.digest('base64');
        // Construct the WSSE header
        axiosRequest.headers[
          'X-WSSE'
        ] = `UsernameToken Username="${username}", PasswordDigest="${digest}", Created="${ts}", Nonce="${nonce}"`;
        break;
      case 'apikey':
        const apiKeyAuth = get(request, 'auth.apikey');
        if (apiKeyAuth.placement === 'header') {
--- a/packages/bruno-js/src/bruno-request.js
+++ b/packages/bruno-js/src/bruno-request.js
@ -43,7 +43,6 @@ class BrunoRequest {
  getMethod() {
    return this.req.method;
  }
  getAuthMode() {
    if (this.req?.oauth2) {
      return 'oauth2';
@ -55,6 +54,8 @@ class BrunoRequest {
      return 'awsv4';
    } else if (this.req?.digestConfig) {
      return 'digest';
    } else if (this.headers?.['X-WSSE'] || this.req?.auth?.username) {
      return 'wsse';
    } else {
      return 'none';
    }
--- a/packages/bruno-lang/v2/src/bruToJson.js
+++ b/packages/bruno-lang/v2/src/bruToJson.js
@ -23,7 +23,7 @@ const { outdentString } = require('../../v1/src/utils');
 */
 const grammar = ohm.grammar(`Bru {
  BruFile = (meta | http | query | params | headers | auths | bodies | varsandassert | script | tests | docs)*
-  auths = authawsv4 | authbasic | authbearer | authdigest | authOAuth2 | authapikey
+  auths = authawsv4 | authbasic | authbearer | authdigest | authOAuth2 | authwsse | authapikey
  bodies = bodyjson | bodytext | bodyxml | bodysparql | bodygraphql | bodygraphqlvars | bodyforms | body
  bodyforms = bodyformurlencoded | bodymultipart
  params = paramspath | paramsquery
@ -88,6 +88,7 @@ const grammar = ohm.grammar(`Bru {
  authbearer = "auth:bearer" dictionary
  authdigest = "auth:digest" dictionary
  authOAuth2 = "auth:oauth2" dictionary
  authwsse = "auth:wsse" dictionary
  authapikey = "auth:apikey" dictionary
  body = "body" st* "{" nl* textblock tagend
@ -484,6 +485,23 @@ const sem = grammar.createSemantics().addAttribute('ast', {
      }
    };
  },
  authwsse(_1, dictionary) {
    const auth = mapPairListToKeyValPairs(dictionary.ast, false);
    const userKey = _.find(auth, { name: 'username' });
    const secretKey = _.find(auth, { name: 'password' });
    const username = userKey ? userKey.value : '';
    const password = secretKey ? secretKey.value : '';
    return {
      auth: {
        wsse: {
          username,
          password
        }
      }
    };
  },
  authapikey(_1, dictionary) {
    const auth = mapPairListToKeyValPairs(dictionary.ast, false);
--- a/packages/bruno-lang/v2/src/collectionBruToJson.js
+++ b/packages/bruno-lang/v2/src/collectionBruToJson.js
@ -4,7 +4,7 @@ const { outdentString } = require('../../v1/src/utils');
 const grammar = ohm.grammar(`Bru {
  BruFile = (meta | query | headers | auth | auths | vars | script | tests | docs)*
-  auths = authawsv4 | authbasic | authbearer | authdigest | authOAuth2 | authapikey
+  auths = authawsv4 | authbasic | authbearer | authdigest | authOAuth2 | authwsse | authapikey
  nl = "\\r"? "\\n"
  st = " " | "\\t"
@ -43,6 +43,7 @@ const grammar = ohm.grammar(`Bru {
  authbearer = "auth:bearer" dictionary
  authdigest = "auth:digest" dictionary
  authOAuth2 = "auth:oauth2" dictionary
  authwsse = "auth:wsse" dictionary
  authapikey = "auth:apikey" dictionary
  script = scriptreq | scriptres
@ -294,6 +295,21 @@ const sem = grammar.createSemantics().addAttribute('ast', {
      }
    };
  },
  authwsse(_1, dictionary) {
    const auth = mapPairListToKeyValPairs(dictionary.ast, false);
    const userKey = _.find(auth, { name: 'username' });
    const secretKey = _.find(auth, { name: 'password' });
    const username = userKey ? userKey.value : '';
    const password = secretKey ? secretKey.value : '';
    return {
      auth: {
        wsse: {
          username,
          password
        }
      }
    }
  }, 
  authapikey(_1, dictionary) {
    const auth = mapPairListToKeyValPairs(dictionary.ast, false);
--- a/packages/bruno-lang/v2/src/jsonToBru.js
+++ b/packages/bruno-lang/v2/src/jsonToBru.js
@ -136,6 +136,15 @@ ${indentString(`username: ${auth?.basic?.username || ''}`)}
 ${indentString(`password: ${auth?.basic?.password || ''}`)}
 }
 `;
  }
  if (auth && auth.wsse) {
    bru += `auth:wsse {
 ${indentString(`username: ${auth?.wsse?.username || ''}`)}
 ${indentString(`password: ${auth?.wsse?.password || ''}`)}
 }
 `;
  }
--- a/packages/bruno-lang/v2/src/jsonToCollectionBru.js
+++ b/packages/bruno-lang/v2/src/jsonToCollectionBru.js
@ -94,6 +94,15 @@ ${indentString(`username: ${auth.basic.username}`)}
 ${indentString(`password: ${auth.basic.password}`)}
 }
 `;
  }
  if (auth && auth.wsse) {
    bru += `auth:wsse {
 ${indentString(`username: ${auth.wsse.username}`)}
 ${indentString(`password: ${auth.wsse.password}`)}
 }
 `;
  }
--- a/packages/bruno-lang/v2/tests/fixtures/collection.bru
+++ b/packages/bruno-lang/v2/tests/fixtures/collection.bru
@ -17,6 +17,11 @@ auth:basic {
  password: secret
 }
 auth:wsse {
  username: john
  password: secret
 }
 auth:bearer {
  token: 123
 }
--- a/packages/bruno-lang/v2/tests/fixtures/collection.json
+++ b/packages/bruno-lang/v2/tests/fixtures/collection.json
@ -31,6 +31,10 @@
    "digest": {
      "username": "john",
      "password": "secret"
    },
    "wsse": {
      "username": "john",
      "password": "secret"
    }
  },
  "vars": {
--- a/packages/bruno-lang/v2/tests/fixtures/request.bru
+++ b/packages/bruno-lang/v2/tests/fixtures/request.bru
@ -40,6 +40,11 @@ auth:basic {
  password: secret
 }
 auth:wsse {
  username: john
  password: secret
 }
 auth:bearer {
  token: 123
 }
--- a/packages/bruno-lang/v2/tests/fixtures/request.json
+++ b/packages/bruno-lang/v2/tests/fixtures/request.json
@ -83,6 +83,10 @@
      "scope": "read write",
      "state": "807061d5f0be",
      "pkce": false
    },
    "wsse": {
      "username": "john",
      "password": "secret"
    }
  },
  "body": {
--- a/packages/bruno-schema/src/collections/index.js
+++ b/packages/bruno-schema/src/collections/index.js
@ -106,6 +106,13 @@ const authBasicSchema = Yup.object({
  .noUnknown(true)
  .strict();
 const authWsseSchema = Yup.object({
  username: Yup.string().nullable(),
  password: Yup.string().nullable()
 })
  .noUnknown(true)
  .strict();
 const authBearerSchema = Yup.object({
  token: Yup.string().nullable()
 })
@ -119,6 +126,14 @@ const authDigestSchema = Yup.object({
  .noUnknown(true)
  .strict();
 const authApiKeySchema = Yup.object({
  key: Yup.string().nullable(),
  value: Yup.string().nullable(),
  placement: Yup.string().oneOf(['header', 'queryparams']).nullable()
 })
  .noUnknown(true)
  .strict();
 const oauth2Schema = Yup.object({
  grantType: Yup.string()
    .oneOf(['client_credentials', 'password', 'authorization_code'])
@ -177,21 +192,16 @@ const oauth2Schema = Yup.object({
  .noUnknown(true)
  .strict();
 const authApiKeySchema = Yup.object({
  key: Yup.string().nullable(),
  value: Yup.string().nullable(),
  placement: Yup.string().oneOf(['header', 'queryparams']).nullable()
 });
 const authSchema = Yup.object({
  mode: Yup.string()
-    .oneOf(['inherit', 'none', 'awsv4', 'basic', 'bearer', 'digest', 'oauth2', 'apikey'])
+    .oneOf(['inherit', 'none', 'awsv4', 'basic', 'bearer', 'digest', 'oauth2', 'wsse', 'apikey'])
    .required('mode is required'),
  awsv4: authAwsV4Schema.nullable(),
  basic: authBasicSchema.nullable(),
  bearer: authBearerSchema.nullable(),
  digest: authDigestSchema.nullable(),
  oauth2: oauth2Schema.nullable(),
  wsse: authWsseSchema.nullable(),
  apikey: authApiKeySchema.nullable()
 })
  .noUnknown(true)
--- a/packages/bruno-tests/src/auth/index.js
+++ b/packages/bruno-tests/src/auth/index.js
@ -3,6 +3,7 @@ const router = express.Router();
 const authBearer = require('./bearer');
 const authBasic = require('./basic');
 const authWsse = require('./wsse');
 const authCookie = require('./cookie');
 const authOAuth2PasswordCredentials = require('./oauth2/passwordCredentials');
 const authOAuth2AuthorizationCode = require('./oauth2/authorizationCode');
@ -13,6 +14,7 @@ router.use('/oauth2/authorization_code', authOAuth2AuthorizationCode);
 router.use('/oauth2/client_credentials', authOAuth2ClientCredentials);
 router.use('/bearer', authBearer);
 router.use('/basic', authBasic);
 router.use('/wsse', authWsse);
 router.use('/cookie', authCookie);
 module.exports = router;
--- a/packages/bruno-tests/src/auth/wsse.js
+++ b/packages/bruno-tests/src/auth/wsse.js
@ -0,0 +1,70 @@
 'use strict';
 const express = require('express');
 const router = express.Router();
 const crypto = require('crypto');
 function sha256(data) {
  return crypto.createHash('sha256').update(data).digest('base64');
 }
 function validateWSSE(req, res, next) {
  const wsseHeader = req.headers['x-wsse'];
  if (!wsseHeader) {
    return unauthorized(res, 'WSSE header is missing');
  }
  const regex = /UsernameToken Username="(.+?)", PasswordDigest="(.+?)", (?:Nonce|nonce)="(.+?)", Created="(.+?)"/;
  const matches = wsseHeader.match(regex);
  if (!matches) {
    return unauthorized(res, 'Invalid WSSE header format');
  }
  const [_, username, passwordDigest, nonce, created] = matches;
  const expectedPassword = 'bruno'; // Ideally store in a config or env variable
  const expectedDigest = sha256(nonce + created + expectedPassword);
  if (passwordDigest !== expectedDigest) {
    return unauthorized(res, 'Invalid credentials');
  }
  next();
 }
 // Helper to respond with an unauthorized SOAP fault
 function unauthorized(res, message) {
  const faultResponse = `
    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://webservice/">
      <soapenv:Header/>
      <soapenv:Body>
        <soapenv:Fault>
          <faultcode>soapenv:Client</faultcode>
          <faultstring>${message}</faultstring>
        </soapenv:Fault>
      </soapenv:Body>
    </soapenv:Envelope>
  `;
  res.status(401).set('Content-Type', 'text/xml');
  res.send(faultResponse);
 }
 const responses = {
  success: `
    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://webservice/">
      <soapenv:Header/>
      <soapenv:Body>
        <web:response>
          <web:result>Success</web:result>
        </web:response>
      </soapenv:Body>
    </soapenv:Envelope>
  `
 };
 router.post('/protected', validateWSSE, (req, res) => {
  res.set('Content-Type', 'text/xml');
  res.send(responses.success);
 });
 module.exports = router;