Sample code for 30+ languages & platforms
Go

HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

See more HTTP Examples

Demonstrates how to build and send an HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication.

Chilkat Go Downloads

Go
    success := false

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // See HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

    // ------------------------------------
    // Step 1: Load the signing certificate
    // ------------------------------------
    cert := chilkat.NewCert()
    success = cert.LoadFromSmartcard("")
    if success == false {
        fmt.Println(cert.LastErrorText())
        cert.DisposeCert()
        return
    }

    // ---------------------------------------
    // Step 2: Build the SOAP XML to be signed
    // ---------------------------------------

    xml := chilkat.NewXml()
    xml.SetTag("SOAP-ENV:Envelope")
    xml.AddAttribute("xmlns:SOAP-ENV","http://schemas.xmlsoap.org/soap/envelope/")
    xml.AddAttribute("xmlns:web","http://www.example.com/webservice/")
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:ds","http://www.w3.org/2000/09/xmldsig#")
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:xenc","http://www.w3.org/2001/04/xmlenc#")
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"SOAP-ENV:mustUnderstand","1")
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"A1","")
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"EncodingType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary")
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509")
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"wsu:Id","x509cert00")
    xml.UpdateChildContent("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",*cert.GetEncoded())
    xml.UpdateAttrAt("SOAP-ENV:Body",true,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")
    xml.UpdateAttrAt("SOAP-ENV:Body",true,"wsu:Id","TheBody")
    xml.UpdateChildContent("SOAP-ENV:Body|web:MyRequest|web:Parameter","MyValue")

    // ---------------------------------------
    // Step 3: Sign the XML
    // ---------------------------------------

    gen := chilkat.NewXmlDSigGen()

    gen.SetSigLocation("SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security")
    gen.SetSigLocationMod(0)
    gen.SetSigNamespacePrefix("ds")
    gen.SetSigNamespaceUri("http://www.w3.org/2000/09/xmldsig#")
    gen.SetSignedInfoPrefixList("ds wsu xenc SOAP-ENV ")
    gen.SetIncNamespacePrefix("c14n")
    gen.SetIncNamespaceUri("http://www.w3.org/2001/10/xml-exc-c14n#")
    gen.SetSignedInfoCanonAlg("EXCL_C14N")
    gen.SetSignedInfoDigestMethod("sha1")

    // -------- Reference 1 --------
    gen.AddSameDocRef("TheBody","sha1","EXCL_C14N","wsu SOAP-ENV","")

    gen.SetX509Cert(cert,true)

    gen.SetKeyInfoType("Custom")

    // Create the custom KeyInfo XML..
    xmlCustomKeyInfo := chilkat.NewXml()
    xmlCustomKeyInfo.SetTag("wsse:SecurityTokenReference")
    xmlCustomKeyInfo.SetContent("5")
    xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",true,"URI","#x509cert00")
    xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",true,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509")

    xmlCustomKeyInfo.SetEmitXmlDecl(false)
    gen.SetCustomKeyInfoXml(xmlCustomKeyInfo.GetXml())

    // Load XML to be signed...
    sbXml := chilkat.NewStringBuilder()
    xml.SetEmitXmlDecl(false)
    xml.GetXmlSb(sbXml)

    gen.SetBehaviors("IndentedSignature")

    // Sign the XML...
    success = gen.CreateXmlDSigSb(sbXml)
    if success == false {
        fmt.Println(gen.LastErrorText())
        cert.DisposeCert()
        xml.DisposeXml()
        gen.DisposeXmlDSigGen()
        xmlCustomKeyInfo.DisposeXml()
        sbXml.DisposeStringBuilder()
        return
    }

    // ---------------------------------------------------------
    // Step 4: Send the HTTP POST containing the Signed SOAP XML
    // ---------------------------------------------------------

    http := chilkat.NewHttp()

    http.SetRequestHeader("SOAPAction","\"http://www.example.com/MyWebService\"")
    http.SetRequestHeader("Host","www.example.com")
    http.SetRequestHeader("Content-Type","text/xml; charset=utf-8")

    resp := chilkat.NewHttpResponse()
    success = http.HttpSb("POST","https://example.com/MyWebService",sbXml,"utf-8","text/xml; charset=utf-8",resp)
    if success == false {
        fmt.Println(http.LastErrorText())
        cert.DisposeCert()
        xml.DisposeXml()
        gen.DisposeXmlDSigGen()
        xmlCustomKeyInfo.DisposeXml()
        sbXml.DisposeStringBuilder()
        http.DisposeHttp()
        resp.DisposeHttpResponse()
        return
    }

    fmt.Println(resp.StatusCode())
    fmt.Println(resp.BodyStr())

    fmt.Println("Finished.")

    cert.DisposeCert()
    xml.DisposeXml()
    gen.DisposeXmlDSigGen()
    xmlCustomKeyInfo.DisposeXml()
    sbXml.DisposeStringBuilder()
    http.DisposeHttp()
    resp.DisposeHttpResponse()