Change inbound and outbound security configurations

README.md

@@ -85,9 +85,9 @@ The SOAP client module introduces a robust framework for configuring security me
 
 There are two primary security configurations available for SOAP clients:
 
-- `inboundSecurity`: This configuration is applied to the SOAP envelope when a request is made. It includes various ws security policies such as Username Token, Timestamp Token, X509 Token, Symmetric Binding, Asymmetric Binding, and Transport Binding, either individually or in combination with each other.
+- `outboundSecurity`: This configuration is applied to the SOAP envelope when a request is made. It includes various ws security policies such as Username Token, Timestamp Token, X509 Token, Symmetric Binding, Asymmetric Binding, and Transport Binding, either individually or in combination with each other.
 
-- `outboundSecurity`: This configuration is applied to the SOAP envelope when a response is received. Its purpose is to decrypt the data within the envelope and verify the digital signature for security validation.
+- `inboundSecurity`: This configuration is applied to the SOAP envelope when a response is received. Its purpose is to decrypt the data within the envelope and verify the digital signature for security validation.
 
 ### Policies
 
@@ -133,7 +133,7 @@ These policies empower SOAP clients to enhance the security of their web service
 
 #### Outbound Security Configurations
 
-- `OutboundSecurityConfig`: Represents the record for outbound security configurations to verify and decrypt SOAP envelopes.
+- `InboundSecurityConfig`: Represents the record for outbound security configurations to verify and decrypt SOAP envelopes.
   - Fields:
     - `crypto:PublicKey` verificationKey : The public key to verify the signature of the SOAP envelope
     - `crypto:PrivateKey`|`crypto:PublicKey` decryptionKey : The private key to decrypt the SOAP envelope
@@ -153,7 +153,7 @@ import ballerina/soap.soap11;
 public function main() returns error? {
     soap11:Client soapClient = check new ("https://www.secured-soap-endpoint.com", 
         {
-            inboundSecurity: [
+            outboundSecurity: [
             {
                 username: "username",
                 password: "password",
@@ -190,13 +190,13 @@ public function main() returns error? {
 
     soap12:Client soapClient = check new ("https://www.secured-soap-endpoint.com",
     {
-        inboundSecurity: {
+        outboundSecurity: {
                 signatureAlgorithm: soap:RSA_SHA256,
                 encryptionAlgorithm: soap:RSA_ECB,
                 signatureKey: clientPrivateKey,
                 encryptionKey: serverPublicKey,
         },
-        outboundSecurity: {
+        inboundSecurity: {
                 verificationKey: serverPublicKey,
                 signatureAlgorithm: soap:RSA_SHA256,
                 decryptionKey: clientPrivateKey,

ballerina/Module.md

@@ -77,9 +77,9 @@ The SOAP client module introduces a robust framework for configuring security me
 
 There are two primary security configurations available for SOAP clients:
 
-- `inboundSecurity`: This configuration is applied to the SOAP envelope when a request is made. It includes various ws security policies such as Username Token, Timestamp Token, X509 Token, Symmetric Binding, Asymmetric Binding, and Transport Binding, either individually or in combination with each other.
+- `outboundSecurity`: This configuration is applied to the SOAP envelope when a request is made. It includes various ws security policies such as Username Token, Timestamp Token, X509 Token, Symmetric Binding, Asymmetric Binding, and Transport Binding, either individually or in combination with each other.
 
-- `outboundSecurity`: This configuration is applied to the SOAP envelope when a response is received. Its purpose is to decrypt the data within the envelope and verify the digital signature for security validation.
+- `inboundSecurity`: This configuration is applied to the SOAP envelope when a response is received. Its purpose is to decrypt the data within the envelope and verify the digital signature for security validation.
 
 ### Policies
 
@@ -125,7 +125,7 @@ These policies empower SOAP clients to enhance the security of their web service
 
 #### Outbound Security Configurations
 
-- `OutboundSecurityConfig`: Represents the record for outbound security configurations to verify and decrypt SOAP envelopes.
+- `InboundSecurityConfig`: Represents the record for outbound security configurations to verify and decrypt SOAP envelopes.
   - Fields:
     - `crypto:PublicKey` verificationKey : The public key to verify the signature of the SOAP envelope
     - `crypto:PrivateKey`|`crypto:PublicKey` decryptionKey : The private key to decrypt the SOAP envelope
@@ -145,7 +145,7 @@ import ballerina/soap.soap11;
 public function main() returns error? {
     soap11:Client soapClient = check new ("https://www.secured-soap-endpoint.com", 
         {
-            inboundSecurity: [
+            outboundSecurity: [
             {
                 username: "username",
                 password: "password",
@@ -182,13 +182,13 @@ public function main() returns error? {
 
     soap12:Client soapClient = check new ("https://www.secured-soap-endpoint.com",
     {
-        inboundSecurity: {
+        outboundSecurity: {
                 signatureAlgorithm: soap:RSA_SHA256,
                 encryptionAlgorithm: soap:RSA_ECB,
                 signatureKey: clientPrivateKey,
                 encryptionKey: serverPublicKey,
         },
-        outboundSecurity: {
+        inboundSecurity: {
                 verificationKey: serverPublicKey,
                 signatureAlgorithm: soap:RSA_SHA256,
                 decryptionKey: clientPrivateKey,

ballerina/Package.md

@@ -77,9 +77,9 @@ The SOAP client module introduces a robust framework for configuring security me
 
 There are two primary security configurations available for SOAP clients:
 
-- `inboundSecurity`: This configuration is applied to the SOAP envelope when a request is made. It includes various ws security policies such as Username Token, Timestamp Token, X509 Token, Symmetric Binding, Asymmetric Binding, and Transport Binding, either individually or in combination with each other.
+- `outboundSecurity`: This configuration is applied to the SOAP envelope when a request is made. It includes various ws security policies such as Username Token, Timestamp Token, X509 Token, Symmetric Binding, Asymmetric Binding, and Transport Binding, either individually or in combination with each other.
 
-- `outboundSecurity`: This configuration is applied to the SOAP envelope when a response is received. Its purpose is to decrypt the data within the envelope and verify the digital signature for security validation.
+- `inboundSecurity`: This configuration is applied to the SOAP envelope when a response is received. Its purpose is to decrypt the data within the envelope and verify the digital signature for security validation.
 
 ### Policies
 
@@ -125,7 +125,7 @@ These policies empower SOAP clients to enhance the security of their web service
 
 #### Outbound Security Configurations
 
-- `OutboundSecurityConfig`: Represents the record for outbound security configurations to verify and decrypt SOAP envelopes.
+- `InboundSecurityConfig`: Represents the record for outbound security configurations to verify and decrypt SOAP envelopes.
   - Fields:
     - `crypto:PublicKey` verificationKey : The public key to verify the signature of the SOAP envelope
     - `crypto:PrivateKey`|`crypto:PublicKey` decryptionKey : The private key to decrypt the SOAP envelope
@@ -145,7 +145,7 @@ import ballerina/soap.soap11;
 public function main() returns error? {
     soap11:Client soapClient = check new ("https://www.secured-soap-endpoint.com", 
         {
-            inboundSecurity: [
+            outboundSecurity: [
             {
                 username: "username",
                 password: "password",
@@ -182,13 +182,13 @@ public function main() returns error? {
 
     soap12:Client soapClient = check new ("https://www.secured-soap-endpoint.com",
     {
-        inboundSecurity: {
+        outboundSecurity: {
                 signatureAlgorithm: soap:RSA_SHA256,
                 encryptionAlgorithm: soap:RSA_ECB,
                 signatureKey: clientPrivateKey,
                 encryptionKey: serverPublicKey,
         },
-        outboundSecurity: {
+        inboundSecurity: {
                 verificationKey: serverPublicKey,
                 signatureAlgorithm: soap:RSA_SHA256,
                 decryptionKey: clientPrivateKey,

ballerina/configs.bal

@@ -19,10 +19,10 @@ import ballerina/http;
 # SOAP client configurations.
 #
 # + httpConfig - HTTP Configuration
-# + inboundSecurity - Web service security configurations for SOAP requests
-# + outboundSecurity - Web service security configurations to decrypt and verify SOAP responses
+# + outboundSecurity - Web service security configurations for SOAP requests
+# + inboundSecurity - Web service security configurations to decrypt and verify SOAP responses
 public type ClientConfig record {|
     http:ClientConfiguration httpConfig = {};
-    InboundSecurityConfig|InboundSecurityConfig[] inboundSecurity = NO_POLICY;
-    OutboundSecurityConfig outboundSecurity = {};
+    OutboundSecurityConfig|OutboundSecurityConfig[] outboundSecurity = NO_POLICY;
+    InboundSecurityConfig inboundSecurity = {};
 |};

ballerina/modules/soap11/Module.md

@@ -69,9 +69,9 @@ The SOAP client module introduces a robust framework for configuring security me
 
 There are two primary security configurations available for SOAP clients:
 
-- `inboundSecurity`: This configuration is applied to the SOAP envelope when a request is made. It includes various ws security policies such as Username Token, Timestamp Token, X509 Token, Symmetric Binding, Asymmetric Binding, and Transport Binding, either individually or in combination with each other.
+- `outboundSecurity`: This configuration is applied to the SOAP envelope when a request is made. It includes various ws security policies such as Username Token, Timestamp Token, X509 Token, Symmetric Binding, Asymmetric Binding, and Transport Binding, either individually or in combination with each other.
 
-- `outboundSecurity`: This configuration is applied to the SOAP envelope when a response is received. Its purpose is to decrypt the data within the envelope and verify the digital signature for security validation.
+- `inboundSecurity`: This configuration is applied to the SOAP envelope when a response is received. Its purpose is to decrypt the data within the envelope and verify the digital signature for security validation.
 
 ### Policies
 
@@ -117,7 +117,7 @@ These policies empower SOAP clients to enhance the security of their web service
 
 #### Outbound Security Configurations
 
-- `OutboundSecurityConfig`: Represents the record for outbound security configurations to verify and decrypt SOAP envelopes.
+- `InboundSecurityConfig`: Represents the record for outbound security configurations to verify and decrypt SOAP envelopes.
   - Fields:
     - `crypto:PublicKey` verificationKey : The public key to verify the signature of the SOAP envelope
     - `crypto:PrivateKey`|`crypto:PublicKey` decryptionKey : The private key to decrypt the SOAP envelope
@@ -141,13 +141,13 @@ public function main() returns error? {
 
     soap11:Client soapClient = check new ("http://www.secured-soap-endpoint.com",
     {
-        inboundSecurity: {
+        outboundSecurity: {
                 signatureAlgorithm: soap:RSA_SHA256,
                 encryptionAlgorithm: soap:RSA_ECB,
                 signatureKey: clientPrivateKey,
                 encryptionKey: serverPublicKey,
         },
-        outboundSecurity: {
+        inboundSecurity: {
                 verificationKey: serverPublicKey,
                 signatureAlgorithm: soap:RSA_SHA256,
                 decryptionKey: clientPrivateKey,

ballerina/modules/soap11/soap11.bal

@@ -23,8 +23,8 @@ import ballerina/jballerina.java;
 # Object for the basic SOAP 1.1 client endpoint.
 public isolated client class Client {
     private final http:Client soapClient;
-    private final readonly & soap:InboundSecurityConfig|soap:InboundSecurityConfig[] inboundSecurity;
-    private final readonly & soap:OutboundSecurityConfig outboundSecurity;
+    private final readonly & soap:OutboundSecurityConfig|soap:OutboundSecurityConfig[] outboundSecurity;
+    private final readonly & soap:InboundSecurityConfig inboundSecurity;
 
     # Gets invoked during object initialization.
     #
@@ -36,8 +36,8 @@ public isolated client class Client {
             check soap:validateTransportBindingPolicy(config);
             self.soapClient = check new (url, config.httpConfig);
             readonly & soap:ClientConfig readonlyConfig = soap:getReadOnlyClientConfig(config);
-            self.inboundSecurity = readonlyConfig.inboundSecurity;
             self.outboundSecurity = readonlyConfig.outboundSecurity;
+            self.inboundSecurity = readonlyConfig.inboundSecurity;
         } on fail var err {
             return error Error(SOAP_CLIENT_ERROR, err);
         }
@@ -71,7 +71,7 @@ public isolated client class Client {
             xml mimeEntity = body is xml ? body : check body[0].getXml();
             lock {
                 xml envelope = body is xml ? body.clone() : mimeEntity.clone();
-                securedBody = check soap:applySecurityPolicies(self.inboundSecurity.clone(), envelope.clone(), false);
+                securedBody = check soap:applySecurityPolicies(self.outboundSecurity.clone(), envelope.clone(), false);
             }
             xml|mime:Entity[] response;
             if body is mime:Entity[] {
@@ -81,13 +81,13 @@ public isolated client class Client {
                 response = check soap:sendReceive(securedBody, self.soapClient, action, headers, path, false);
             }
             lock {
-                soap:OutboundSecurityConfig? outboundSecurity = self.outboundSecurity.clone();
+                soap:InboundSecurityConfig? inboundSecurity = self.inboundSecurity.clone();
                 do {
-                    if outboundSecurity is soap:OutboundSecurityConfig && outboundSecurity != {} {
+                    if inboundSecurity is soap:InboundSecurityConfig && inboundSecurity != {} {
                         if response is xml {
-                            return check soap:applyOutboundConfig(outboundSecurity.clone(), response.clone(), false);
+                            return check soap:applyOutboundConfig(inboundSecurity.clone(), response.clone(), false);
                         } else {
-                            return check soap:applyOutboundConfig(outboundSecurity.clone(), 
+                            return check soap:applyOutboundConfig(inboundSecurity.clone(), 
                                                                   check response[0].getXml().clone(), false);
                         }
                     }
@@ -119,7 +119,7 @@ public isolated client class Client {
             xml mimeEntity = body is xml ? body : check body[0].getXml();
             lock {
                 xml envelope = body is xml ? body.clone() : mimeEntity.clone();
-                securedBody = check soap:applySecurityPolicies(self.inboundSecurity.clone(), envelope.clone(), false);
+                securedBody = check soap:applySecurityPolicies(self.outboundSecurity.clone(), envelope.clone(), false);
             }
             return check soap:sendOnly(securedBody, self.soapClient, action, headers, path, false);
         } on fail error soapError {