Sample code for 30+ languages & platforms
Node.js

HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

See more HTTP Examples

Demonstrates how to build and send an HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication.

Chilkat Node.js Downloads

Node.js
NODEJS_PRELUDE

function chilkatExample() {

    var success = false;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // See HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

    // ------------------------------------
    // Step 1: Load the signing certificate
    // ------------------------------------
    var cert = new chilkat.Cert();
    success = cert.LoadFromSmartcard("");
    if (success == false) {
        console.log(cert.LastErrorText);
        return;
    }

    // ---------------------------------------
    // Step 2: Build the SOAP XML to be signed
    // ---------------------------------------

    var xml = new chilkat.Xml();
    xml.Tag = "SOAP-ENV:Envelope";
    xml.AddAttribute("xmlns:SOAP-ENV","http://schemas.xmlsoap.org/soap/envelope/");
    xml.AddAttribute("xmlns:web","http://www.example.com/webservice/");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:ds","http://www.w3.org/2000/09/xmldsig#");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:xenc","http://www.w3.org/2001/04/xmlenc#");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"SOAP-ENV:mustUnderstand","1");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"A1","");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"EncodingType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"wsu:Id","x509cert00");
    xml.UpdateChildContent("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",cert.GetEncoded());
    xml.UpdateAttrAt("SOAP-ENV:Body",true,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
    xml.UpdateAttrAt("SOAP-ENV:Body",true,"wsu:Id","TheBody");
    xml.UpdateChildContent("SOAP-ENV:Body|web:MyRequest|web:Parameter","MyValue");

    // ---------------------------------------
    // Step 3: Sign the XML
    // ---------------------------------------

    var gen = new chilkat.XmlDSigGen();

    gen.SigLocation = "SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security";
    gen.SigLocationMod = 0;
    gen.SigNamespacePrefix = "ds";
    gen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#";
    gen.SignedInfoPrefixList = "ds wsu xenc SOAP-ENV ";
    gen.IncNamespacePrefix = "c14n";
    gen.IncNamespaceUri = "http://www.w3.org/2001/10/xml-exc-c14n#";
    gen.SignedInfoCanonAlg = "EXCL_C14N";
    gen.SignedInfoDigestMethod = "sha1";

    // -------- Reference 1 --------
    gen.AddSameDocRef("TheBody","sha1","EXCL_C14N","wsu SOAP-ENV","");

    gen.SetX509Cert(cert,true);

    gen.KeyInfoType = "Custom";

    // Create the custom KeyInfo XML..
    var xmlCustomKeyInfo = new chilkat.Xml();
    xmlCustomKeyInfo.Tag = "wsse:SecurityTokenReference";
    xmlCustomKeyInfo.Content = "5";
    xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",true,"URI","#x509cert00");
    xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",true,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509");

    xmlCustomKeyInfo.EmitXmlDecl = false;
    gen.CustomKeyInfoXml = xmlCustomKeyInfo.GetXml();

    // Load XML to be signed...
    var sbXml = new chilkat.StringBuilder();
    xml.EmitXmlDecl = false;
    xml.GetXmlSb(sbXml);

    gen.Behaviors = "IndentedSignature";

    // Sign the XML...
    success = gen.CreateXmlDSigSb(sbXml);
    if (success == false) {
        console.log(gen.LastErrorText);
        return;
    }

    // ---------------------------------------------------------
    // Step 4: Send the HTTP POST containing the Signed SOAP XML
    // ---------------------------------------------------------

    var http = new chilkat.Http();

    http.SetRequestHeader("SOAPAction","\"http://www.example.com/MyWebService\"");
    http.SetRequestHeader("Host","www.example.com");
    http.SetRequestHeader("Content-Type","text/xml; charset=utf-8");

    var resp = new chilkat.HttpResponse();
    success = http.HttpSb("POST","https://example.com/MyWebService",sbXml,"utf-8","text/xml; charset=utf-8",resp);
    if (success == false) {
        console.log(http.LastErrorText);
        return;
    }

    console.log(resp.StatusCode);
    console.log(resp.BodyStr);

    console.log("Finished.");

}

chilkatExample();