Secure, Scalable and Dynamic Invocation of SOAP in Python with Zato and Suds

Zato ESB and app server in Python has grown additional means through which it is now even easier to invoke SOAP services without a need for generating stub classes or clients.

Given an existing WSDL, all that is needed is filling out a couple of forms and a pool of SOAP clients is automatically generated and available in a cluster

Built on top of Suds, the feature is available in git master and here's a preview showing how to consume SOAP services without any need for direct XML manipulations in order to build a RESTful service validating credit card numbers with JSON output.

First, let's upload the service that will connect to SOAP and produce JSON on output.

Note that the service doesn't really know what type of output it produces - this is configured from the GUI and no code changes are needed for the service to produce XML instead of JSON.

   # -*- coding: utf-8 -*-
   
   # Zato
   from zato.server.service import Service
   
   class ValidateCreditCard(Service):
   
       class SimpleIO:
           input_required = ('number',)
           output_required = ('card_type', 'is_valid')
   
       def handle(self):
           conn = self.outgoing.soap['Credit Card Validator'].conn
   
           with conn.client() as client:
   
               # Invoke SOAP dynamically - no need for stub classes
               result = client.service.CheckCC(self.request.input.number)
   
               # Results are turned into Python objects automatically
               self.response.payload.card_type = result.CardType
               self.response.payload.is_valid = result.CardValid

While not strictly required, let's say we need to secure our REST service with Basic Auth:

Now a channel is created through which requests will flow in. Note that the URL path is a pattern - all named attributes, such as *number* here, are available as input to services.

And although it's not used in this example, both JSON or XML can be mixed on input with URL parameters with full control of what has priority over other parts.

Next an outgoing SOAP connection is needed. Note that its serialization type is Suds - this is the new feature. The WSDL points to a free SOAP service online courtesy of CDYNE .

In the example below, each server will be given a pool of 20 SOAP clients, each generated dynamically on fly from the WSDL provided on input.

If you're coming from Java or C# background you'll note that no stubs nor client classes need to be generated. This is all taken care of behind the scenes so one can focus on invoking SOAP services straightaway.

With all that in place, the Zato service can now be invoked. curl is used from command line in the examples below:

   $ curl -u user:password localhost:17010/validate-cc/4111111111111111
   {"response": {"card_type": "VISA", "is_valid": true}}
   $

   $ curl -u user:password localhost:17010/validate-cc/123456789
   {"response": {"card_type": "NONE", "is_valid": false}}
   $

What if the WSDL changes with time? You only need to click 'Reload WSDL' and a new pool of SOAP clients will be created using the newest contents.

The feature will be released in the upcoming 1.2 release and until then - please use git master version.