![]() |
Chilkat HOME Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi DLL Go Java Node.js Objective-C PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Delphi ActiveX) Belgium eHealth Platform - checkAccessControlSee more Belgian eHealth Platform ExamplesDemonstrates the checkAccessControl operation of PlatformIntegrationConsumerTest, which requires an X.509 certificate and signature. This tests the validity of your certificate and signature.Note: This example requires Chilkat v11.0.0 or greater. For more information, see https://www.ehealth.fgov.be/ehealthplatform/nl/beveiliging-van-webservices#1
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB; ... procedure TForm1.Button1Click(Sender: TObject); var success: Integer; cert: TChilkatCert; xmlToSign: TChilkatXml; bdCert: TChilkatBinData; dt: TCkDateTime; gen: TChilkatXmlDSigGen; xmlCustomKeyInfo: TChilkatXml; sbXml: TChilkatStringBuilder; http: TChilkatHttp; resp: TChilkatHttpResponse; begin success := 0; // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Provide a certificate + private key. // Note: If your certificate + private key is located on a hardware token or smartcard, you can call a different function to load from smartcard.. cert := TChilkatCert.Create(Self); success := cert.LoadPfxFile('SSIN=12345678.acc.p12','p12_password'); if (success = 0) then begin Memo1.Lines.Add(cert.LastErrorText); Exit; end; // Create the XML to be signed... xmlToSign := TChilkatXml.Create(Self); xmlToSign.Tag := 'soapenv:Envelope'; xmlToSign.AddAttribute('xmlns:soapenv','http://schemas.xmlsoap.org/soap/envelope/'); xmlToSign.AddAttribute('xmlns:urn','urn:be:fgov:ehealth:platformintegrationconsumertest:v1'); xmlToSign.AddAttribute('xmlns:urn1','urn:be:fgov:ehealth:platformintegrationconsumertest:types:v1'); xmlToSign.UpdateAttrAt('soapenv:Header|wsse:Security',1,'xmlns:wsse','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'); xmlToSign.UpdateAttrAt('soapenv:Header|wsse:Security',1,'xmlns:wsu','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'); xmlToSign.UpdateAttrAt('soapenv:Header|wsse:Security|wsse:BinarySecurityToken',1,'EncodingType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary'); xmlToSign.UpdateAttrAt('soapenv:Header|wsse:Security|wsse:BinarySecurityToken',1,'ValueType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'); xmlToSign.UpdateAttrAt('soapenv:Header|wsse:Security|wsse:BinarySecurityToken',1,'wsu:Id','X509-FC77E2C72083DA8E0F16711753508182856'); // --------------------------------------------------------------------------------------------------------------- // A note about the Id's, such as X509-FC77E2C72083DA8E0F16711753508182856, TS-FC77E2C72083DA8E0F16711753508042855, etc. // These Id's simply need to be unique within the XML document. You don't need to generate new Id's every time. // You can use the same Id's in each XML document that is submitted. The purpose of each Id is to // match the XMLDsig Reference to the element in XML being referenced. // In other words, you could use the Id's "mickey_mouse", "donald_duck", and "goofy", and it would work perfectly OK, // as long as no other XML elements also use the Id's "mickey_mouse", "donald_duck", or "goofy" // --------------------------------------------------------------------------------------------------------------- bdCert := TChilkatBinData.Create(Self); cert.ExportCertDerBd(bdCert.ControlInterface); xmlToSign.UpdateChildContent('soapenv:Header|wsse:Security|wsse:BinarySecurityToken',bdCert.GetEncoded('base64')); xmlToSign.UpdateAttrAt('soapenv:Header|wsse:Security|wsu:Timestamp',1,'wsu:Id','TS-FC77E2C72083DA8E0F16711753508042855'); dt := TCkDateTime.Create(Self); dt.SetFromCurrentSystemTime(); xmlToSign.UpdateChildContent('soapenv:Header|wsse:Security|wsu:Timestamp|wsu:Created',dt.GetAsTimestamp(0)); dt.AddSeconds(3600); xmlToSign.UpdateChildContent('soapenv:Header|wsse:Security|wsu:Timestamp|wsu:Expires',dt.GetAsTimestamp(0)); dt.AddSeconds(-3600); xmlToSign.UpdateAttrAt('soapenv:Body',1,'wsu:Id','id-FC77E2C72083DA8E0F16711753508182859'); xmlToSign.UpdateAttrAt('soapenv:Body',1,'xmlns:wsu','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'); xmlToSign.UpdateChildContent('soapenv:Body|urn:CheckAccessControlRequest|urn1:Message','Hello World'); // Create a timestamp with the current date/time in the following format: 2014-12-30T15:29:03.157+01:00 xmlToSign.UpdateChildContent('soapenv:Body|urn:CheckAccessControlRequest|urn1:Timestamp',dt.GetAsTimestamp(1)); gen := TChilkatXmlDSigGen.Create(Self); gen.SigLocation := 'soapenv:Envelope|soapenv:Header|wsse:Security|wsse:BinarySecurityToken'; gen.SigLocationMod := 1; gen.SigId := 'SIG-FC77E2C72083DA8E0F16711753508252860'; gen.SigNamespacePrefix := 'ds'; gen.SigNamespaceUri := 'http://www.w3.org/2000/09/xmldsig#'; gen.SignedInfoPrefixList := 'soapenv urn urn1'; gen.IncNamespacePrefix := 'ec'; gen.IncNamespaceUri := 'http://www.w3.org/2001/10/xml-exc-c14n#'; gen.SignedInfoCanonAlg := 'EXCL_C14N'; gen.SignedInfoDigestMethod := 'sha256'; // Set the KeyInfoId before adding references.. gen.KeyInfoId := 'KI-FC77E2C72083DA8E0F16711753508182857'; // -------- Reference 1 -------- gen.AddSameDocRef('TS-FC77E2C72083DA8E0F16711753508042855','sha256','EXCL_C14N','wsse soapenv urn urn1',''); // -------- Reference 2 -------- gen.AddSameDocRef('id-FC77E2C72083DA8E0F16711753508182859','sha256','EXCL_C14N','urn urn1',''); // -------- Reference 3 -------- gen.AddSameDocRef('X509-FC77E2C72083DA8E0F16711753508182856','sha256','EXCL_C14N','_EMPTY_',''); gen.SetX509Cert(cert.ControlInterface,1); gen.KeyInfoType := 'Custom'; // Create the custom KeyInfo XML.. xmlCustomKeyInfo := TChilkatXml.Create(Self); xmlCustomKeyInfo.Tag := 'wsse:SecurityTokenReference'; xmlCustomKeyInfo.AddAttribute('wsu:Id','STR-FC77E2C72083DA8E0F16711753508182858'); xmlCustomKeyInfo.UpdateAttrAt('wsse:Reference',1,'URI','#X509-FC77E2C72083DA8E0F16711753508182856'); xmlCustomKeyInfo.UpdateAttrAt('wsse:Reference',1,'ValueType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'); xmlCustomKeyInfo.EmitXmlDecl := 0; gen.CustomKeyInfoXml := xmlCustomKeyInfo.GetXml(); // Load XML to be signed... sbXml := TChilkatStringBuilder.Create(Self); xmlToSign.GetXmlSb(sbXml.ControlInterface); gen.Behaviors := 'IndentedSignature'; // Sign the XML... success := gen.CreateXmlDSigSb(sbXml.ControlInterface); if (success = 0) then begin Memo1.Lines.Add(gen.LastErrorText); Exit; end; // ----------------------------------------------- // Send the signed XML... http := TChilkatHttp.Create(Self); success := http.SetSslClientCert(cert.ControlInterface); if (success = 0) then begin Memo1.Lines.Add(http.LastErrorText); Exit; end; http.SetRequestHeader('Content-Type','text/xml'); // Change to services.ehealth.fgov.be for the production environment. resp := TChilkatHttpResponse.Create(Self); success := http.HttpSb('POST','https://services-acpt.ehealth.fgov.be/PlatformIntegrationConsumerTest/v1',sbXml.ControlInterface,'utf-8','application/xml',resp.ControlInterface); if (success = 0) then begin Memo1.Lines.Add(http.LastErrorText); Exit; end; Memo1.Lines.Add(resp.BodyStr); Memo1.Lines.Add('response status code = ' + IntToStr(resp.StatusCode)); // A successful response is a 200 status code, with this sample response: // <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> // <soapenv:Header xmlns:v1="urn:be:fgov:ehealth:platformintegrationconsumertest:v1" xmlns:v11="urn:be:fgov:ehealth:platformintegrationconsumertest:types:v1"/> // <soapenv:Body xmlns:ic="urn:be:fgov:ehealth:platformintegrationconsumertest:v1" xmlns:type="urn:be:fgov:ehealth:platformintegrationconsumertest:types:v1"> // <ic:CheckAccessControlResponse> // <type:Message>Hello World</type:Message> // <type:Timestamp>2023-09-28T22:17:26.643+02:00</type:Timestamp> // <type:AuthenticatedConsumer>CN="SSIN=aaaaaa", OU=eHealth-platform Belgium, OU=bbbb, OU="SSIN=aaaaaaa", O=Federal Government, C=BE</type:AuthenticatedConsumer> // </ic:CheckAccessControlResponse> // </soapenv:Body> // </soapenv:Envelope> end; |
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.