SOAPAction matching errors after upgrade to v2.15.x

[CHTJonas]

Bug report

Upon upgrade from Savon v2.14.0 to Savon v2.15.0, I start getting error messages. Nothing else has changed on my end (the client). The issue is also present in Savon v2.15.1 as well.

Current behavior:

I get this error where previously there was none:

(soap:Client) SOAPAction shall match 'uri#method' if present (got 'urn:sympasoap#login', expected 'urn:sympasoap#loginRequest' (Savon::SOAPFault)

Steps to reproduce current behavior:

Gemfile:

source "https://rubygems.org"
ruby "3.2.2"
gem 'savon', '2.15.0'

Gemfile.lock:

GEM
  remote: https://rubygems.org/
  specs:
    addressable (2.8.7)
      public_suffix (>= 2.0.2, < 7.0)
    akami (1.3.3)
      base64
      gyoku (>= 0.4.0)
      nokogiri
    base64 (0.2.0)
    bigdecimal (3.1.8)
    builder (3.3.0)
    date (3.3.4)
    faraday (2.12.0)
      faraday-net_http (>= 2.0, < 3.4)
      json
      logger
    faraday-net_http (3.3.0)
      net-http
    gyoku (1.4.0)
      builder (>= 2.1.2)
      rexml (~> 3.0)
    httpi (4.0.4)
      base64
      mutex_m
      nkf
      rack (>= 2.0, < 4)
    json (2.7.2)
    logger (1.6.1)
    mail (2.8.1)
      mini_mime (>= 0.1.1)
      net-imap
      net-pop
      net-smtp
    mini_mime (1.1.5)
    mutex_m (0.2.0)
    net-http (0.4.1)
      uri
    net-imap (0.4.16)
      date
      net-protocol
    net-pop (0.1.2)
      net-protocol
    net-protocol (0.2.2)
      timeout
    net-smtp (0.5.0)
      net-protocol
    nkf (0.2.0)
    nokogiri (1.16.7-aarch64-linux)
      racc (~> 1.4)
    nokogiri (1.16.7-arm-linux)
      racc (~> 1.4)
    nokogiri (1.16.7-arm64-darwin)
      racc (~> 1.4)
    nokogiri (1.16.7-x86-linux)
      racc (~> 1.4)
    nokogiri (1.16.7-x86_64-darwin)
      racc (~> 1.4)
    nokogiri (1.16.7-x86_64-linux)
      racc (~> 1.4)
    nori (2.7.1)
      bigdecimal
    public_suffix (6.0.1)
    racc (1.8.1)
    rack (3.1.7)
    rexml (3.3.8)
    savon (2.15.0)
      akami (~> 1.2)
      builder (>= 2.1.2)
      gyoku (~> 1.2)
      httpi (>= 2.4.5, < 5)
      mail (~> 2.5)
      nokogiri (>= 1.8.1)
      nori (~> 2.4)
      wasabi (>= 3.7, < 6)
    timeout (0.4.1)
    uri (0.13.1)
    wasabi (5.0.3)
      addressable
      faraday (>= 1.9, < 3)
      nokogiri (>= 1.13.9)

PLATFORMS
  aarch64-linux
  arm-linux
  arm64-darwin
  x86-linux
  x86_64-darwin
  x86_64-linux

DEPENDENCIES
  savon (= 2.15.0)

RUBY VERSION
   ruby 3.2.2p53

BUNDLED WITH
   2.5.20

Script (run inside bundle exec irb):

require 'savon'
SERVER = 'https://lists.cam.ac.uk/sympa/wsdl'
ATTRIBUTES = { "xmlns:ns0" => "urn:sympasoap" }
client = Savon.client(wsdl: SERVER, env_namespace: 'soap-env', namespace_identifier: 'ns0')
login_msg = { email: ENV['SYMPA_USERNAME'], password: ENV['SYMPA_PASSWORD'] }
response = client.call(:login, message: login_msg, attributes: ATTRIBUTES)

The actual email/password credentials are unimportant. The error can be reproduced with any values in the message. If you do want to test in totality then you go to https://lists.cam.ac.uk/sympa/firstpasswd and create an account.

Expected behavior:

No error thrown (unless you've used nonexistent credentials, in which case an authentication error is expected).

System information:

• Ruby version: 3.2.2
• Savon version: 2.15.0 / 2.15.1 (issue present in both versions)

[CHTJonas]

Here's a version of Savon that works fine.

Gemfile:

source "https://rubygems.org"
ruby "3.2.2"
gem 'savon', '=2.14.0'

Gemfile.lock:

GEM
  remote: https://rubygems.org/
  specs:
    addressable (2.8.7)
      public_suffix (>= 2.0.2, < 7.0)
    akami (1.3.3)
      base64
      gyoku (>= 0.4.0)
      nokogiri
    base64 (0.2.0)
    bigdecimal (3.1.8)
    builder (3.3.0)
    date (3.3.4)
    gyoku (1.4.0)
      builder (>= 2.1.2)
      rexml (~> 3.0)
    httpi (3.0.2)
      base64
      mutex_m
      nkf
      rack (< 3)
    mail (2.8.1)
      mini_mime (>= 0.1.1)
      net-imap
      net-pop
      net-smtp
    mini_mime (1.1.5)
    mutex_m (0.2.0)
    net-imap (0.4.16)
      date
      net-protocol
    net-pop (0.1.2)
      net-protocol
    net-protocol (0.2.2)
      timeout
    net-smtp (0.5.0)
      net-protocol
    nkf (0.2.0)
    nokogiri (1.16.7-aarch64-linux)
      racc (~> 1.4)
    nokogiri (1.16.7-arm-linux)
      racc (~> 1.4)
    nokogiri (1.16.7-arm64-darwin)
      racc (~> 1.4)
    nokogiri (1.16.7-x86-linux)
      racc (~> 1.4)
    nokogiri (1.16.7-x86_64-darwin)
      racc (~> 1.4)
    nokogiri (1.16.7-x86_64-linux)
      racc (~> 1.4)
    nori (2.7.1)
      bigdecimal
    public_suffix (6.0.1)
    racc (1.8.1)
    rack (2.2.9)
    rexml (3.3.8)
    savon (2.14.0)
      akami (~> 1.2)
      builder (>= 2.1.2)
      gyoku (~> 1.2)
      httpi (>= 2.4.5)
      mail (~> 2.5)
      nokogiri (>= 1.8.1)
      nori (~> 2.4)
      wasabi (~> 3.4)
    timeout (0.4.1)
    wasabi (3.8.0)
      addressable
      httpi (~> 3.0)
      nokogiri (>= 1.4.2)

PLATFORMS
  aarch64-linux
  arm-linux
  arm64-darwin
  x86-linux
  x86_64-darwin
  x86_64-linux

DEPENDENCIES
  savon (= 2.14.0)

RUBY VERSION
   ruby 3.2.2p53

BUNDLED WITH
   2.5.20

[pcai]

Thanks for the perfect repro. i ran this with debug:true on 2.14.0 and 2.15.1 and noticed this difference in the requests:

savon 2.14.0

<?xml version="1.0" encoding="UTF-8"?>
<soap-env:Envelope
	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:ns0="https://lists.cam.ac.uk/sympa/wsdl"
	xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"
	xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
	xmlns:tns="https://lists.cam.ac.uk/sympa/wsdl"
	xmlns:xsdl="https://lists.cam.ac.uk/sympasoap/wsdl">
	<soap-env:Body>
		<ns0:login
			xmlns:ns0="urn:sympasoap">
			<email xsi:nil="true"/>
			<password xsi:nil="true"/>
		</ns0:login>
	</soap-env:Body>
</soap-env:Envelope>

later versions:

<?xml version="1.0" encoding="UTF-8"?>
<soap-env:Envelope
	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:ns0="https://lists.cam.ac.uk/sympa/wsdl"
	xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"
	xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
	xmlns:tns="https://lists.cam.ac.uk/sympa/wsdl"
	xmlns:xsdl="https://lists.cam.ac.uk/sympasoap/wsdl">
	<soap-env:Body>
		<ns0:loginRequest
			xmlns:ns0="urn:sympasoap">
			<email xsi:nil="true"/>
			<password xsi:nil="true"/>
		</ns0:loginRequest>
	</soap-env:Body>
</soap-env:Envelope>

note that ns0:login is now incorrectly ns0:loginRequest which isn't a valid operation (its a message)

These changes don't appear to be in savon, but rather in wasabi 3.x to 5.x - here is the diff: savonrb/wasabi@v3.8.0...v5.0.3

[pcai]

mind checking if this fixes the issue?

gem "wasabi", github: "savonrb/wasabi", ref: "d4984c7a"

[CHTJonas]

Yep - happy to confirm that adding that to the Gemfile makes everything work properly again.

[pcai]

going to get a few more data points to check regressions / confirm fixes and then ill cut a release in next few days

[jensb]

I can confirm that after an upgrade to v2.15.0 I also get login errors to a SOAP endpoint, and that the above 'wasabi' fix fixes the login errors.