Sample code for 30+ languages & platforms
CkPython

HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

See more HTTP Examples

Demonstrates how to build and send an HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication.

Chilkat CkPython Downloads

CkPython
import sys
import chilkat

success = False

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# See HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

# ------------------------------------
# Step 1: Load the signing certificate
# ------------------------------------
cert = chilkat.CkCert()
success = cert.LoadFromSmartcard("")
if (success == False):
    print(cert.lastErrorText())
    sys.exit()

# ---------------------------------------
# Step 2: Build the SOAP XML to be signed
# ---------------------------------------

xml = chilkat.CkXml()
xml.put_Tag("SOAP-ENV:Envelope")
xml.AddAttribute("xmlns:SOAP-ENV","http://schemas.xmlsoap.org/soap/envelope/")
xml.AddAttribute("xmlns:web","http://www.example.com/webservice/")
xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",True,"xmlns:ds","http://www.w3.org/2000/09/xmldsig#")
xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",True,"xmlns:wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")
xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",True,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")
xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",True,"xmlns:xenc","http://www.w3.org/2001/04/xmlenc#")
xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",True,"SOAP-ENV:mustUnderstand","1")
xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",True,"A1","")
xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",True,"EncodingType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary")
xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",True,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509")
xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",True,"wsu:Id","x509cert00")
xml.UpdateChildContent("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",cert.getEncoded())
xml.UpdateAttrAt("SOAP-ENV:Body",True,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")
xml.UpdateAttrAt("SOAP-ENV:Body",True,"wsu:Id","TheBody")
xml.UpdateChildContent("SOAP-ENV:Body|web:MyRequest|web:Parameter","MyValue")

# ---------------------------------------
# Step 3: Sign the XML
# ---------------------------------------

gen = chilkat.CkXmlDSigGen()

gen.put_SigLocation("SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security")
gen.put_SigLocationMod(0)
gen.put_SigNamespacePrefix("ds")
gen.put_SigNamespaceUri("http://www.w3.org/2000/09/xmldsig#")
gen.put_SignedInfoPrefixList("ds wsu xenc SOAP-ENV ")
gen.put_IncNamespacePrefix("c14n")
gen.put_IncNamespaceUri("http://www.w3.org/2001/10/xml-exc-c14n#")
gen.put_SignedInfoCanonAlg("EXCL_C14N")
gen.put_SignedInfoDigestMethod("sha1")

# -------- Reference 1 --------
gen.AddSameDocRef("TheBody","sha1","EXCL_C14N","wsu SOAP-ENV","")

gen.SetX509Cert(cert,True)

gen.put_KeyInfoType("Custom")

# Create the custom KeyInfo XML..
xmlCustomKeyInfo = chilkat.CkXml()
xmlCustomKeyInfo.put_Tag("wsse:SecurityTokenReference")
xmlCustomKeyInfo.put_Content("5")
xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",True,"URI","#x509cert00")
xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",True,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509")

xmlCustomKeyInfo.put_EmitXmlDecl(False)
gen.put_CustomKeyInfoXml(xmlCustomKeyInfo.getXml())

# Load XML to be signed...
sbXml = chilkat.CkStringBuilder()
xml.put_EmitXmlDecl(False)
xml.GetXmlSb(sbXml)

gen.put_Behaviors("IndentedSignature")

# Sign the XML...
success = gen.CreateXmlDSigSb(sbXml)
if (success == False):
    print(gen.lastErrorText())
    sys.exit()

# ---------------------------------------------------------
# Step 4: Send the HTTP POST containing the Signed SOAP XML
# ---------------------------------------------------------

http = chilkat.CkHttp()

http.SetRequestHeader("SOAPAction","\"http://www.example.com/MyWebService\"")
http.SetRequestHeader("Host","www.example.com")
http.SetRequestHeader("Content-Type","text/xml; charset=utf-8")

resp = chilkat.CkHttpResponse()
success = http.HttpSb("POST","https://example.com/MyWebService",sbXml,"utf-8","text/xml; charset=utf-8",resp)
if (success == False):
    print(http.lastErrorText())
    sys.exit()

print(str(resp.get_StatusCode()))
print(resp.bodyStr())

print("Finished.")