Sample code for 30+ languages & platforms
PHP Extension

HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

See more HTTP Examples

Demonstrates how to build and send an HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// See HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

// ------------------------------------
// Step 1: Load the signing certificate
// ------------------------------------
$cert = new CkCert();
$success = $cert->LoadFromSmartcard('');
if ($success == false) {
    print $cert->lastErrorText() . "\n";
    exit;
}

// ---------------------------------------
// Step 2: Build the SOAP XML to be signed
// ---------------------------------------

$xml = new CkXml();
$xml->put_Tag('SOAP-ENV:Envelope');
$xml->AddAttribute('xmlns:SOAP-ENV','http://schemas.xmlsoap.org/soap/envelope/');
$xml->AddAttribute('xmlns:web','http://www.example.com/webservice/');
$xml->UpdateAttrAt('SOAP-ENV:Header|wsse:Security',true,'xmlns:ds','http://www.w3.org/2000/09/xmldsig#');
$xml->UpdateAttrAt('SOAP-ENV:Header|wsse:Security',true,'xmlns:wsse','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd');
$xml->UpdateAttrAt('SOAP-ENV:Header|wsse:Security',true,'xmlns:wsu','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd');
$xml->UpdateAttrAt('SOAP-ENV:Header|wsse:Security',true,'xmlns:xenc','http://www.w3.org/2001/04/xmlenc#');
$xml->UpdateAttrAt('SOAP-ENV:Header|wsse:Security',true,'SOAP-ENV:mustUnderstand','1');
$xml->UpdateAttrAt('SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken',true,'A1','');
$xml->UpdateAttrAt('SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken',true,'EncodingType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary');
$xml->UpdateAttrAt('SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken',true,'ValueType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509');
$xml->UpdateAttrAt('SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken',true,'wsu:Id','x509cert00');
$xml->UpdateChildContent('SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken',$cert->getEncoded());
$xml->UpdateAttrAt('SOAP-ENV:Body',true,'xmlns:wsu','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd');
$xml->UpdateAttrAt('SOAP-ENV:Body',true,'wsu:Id','TheBody');
$xml->UpdateChildContent('SOAP-ENV:Body|web:MyRequest|web:Parameter','MyValue');

// ---------------------------------------
// Step 3: Sign the XML
// ---------------------------------------

$gen = new CkXmlDSigGen();

$gen->put_SigLocation('SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security');
$gen->put_SigLocationMod(0);
$gen->put_SigNamespacePrefix('ds');
$gen->put_SigNamespaceUri('http://www.w3.org/2000/09/xmldsig#');
$gen->put_SignedInfoPrefixList('ds wsu xenc SOAP-ENV ');
$gen->put_IncNamespacePrefix('c14n');
$gen->put_IncNamespaceUri('http://www.w3.org/2001/10/xml-exc-c14n#');
$gen->put_SignedInfoCanonAlg('EXCL_C14N');
$gen->put_SignedInfoDigestMethod('sha1');

// -------- Reference 1 --------
$gen->AddSameDocRef('TheBody','sha1','EXCL_C14N','wsu SOAP-ENV','');

$gen->SetX509Cert($cert,true);

$gen->put_KeyInfoType('Custom');

// Create the custom KeyInfo XML..
$xmlCustomKeyInfo = new CkXml();
$xmlCustomKeyInfo->put_Tag('wsse:SecurityTokenReference');
$xmlCustomKeyInfo->put_Content('5');
$xmlCustomKeyInfo->UpdateAttrAt('wsse:Reference',true,'URI','#x509cert00');
$xmlCustomKeyInfo->UpdateAttrAt('wsse:Reference',true,'ValueType','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509');

$xmlCustomKeyInfo->put_EmitXmlDecl(false);
$gen->put_CustomKeyInfoXml($xmlCustomKeyInfo->getXml());

// Load XML to be signed...
$sbXml = new CkStringBuilder();
$xml->put_EmitXmlDecl(false);
$xml->GetXmlSb($sbXml);

$gen->put_Behaviors('IndentedSignature');

// Sign the XML...
$success = $gen->CreateXmlDSigSb($sbXml);
if ($success == false) {
    print $gen->lastErrorText() . "\n";
    exit;
}

// ---------------------------------------------------------
// Step 4: Send the HTTP POST containing the Signed SOAP XML
// ---------------------------------------------------------

$http = new CkHttp();

$http->SetRequestHeader('SOAPAction','\'http://www.example.com/MyWebService\'');
$http->SetRequestHeader('Host','www.example.com');
$http->SetRequestHeader('Content-Type','text/xml; charset=utf-8');

$resp = new CkHttpResponse();
$success = $http->HttpSb('POST','https://example.com/MyWebService',$sbXml,'utf-8','text/xml; charset=utf-8',$resp);
if ($success == false) {
    print $http->lastErrorText() . "\n";
    exit;
}

print $resp->get_StatusCode() . "\n";
print $resp->bodyStr() . "\n";

print 'Finished.' . "\n";

?>