Sample code for 30+ languages & platforms
Swift

HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

See more HTTP Examples

Demonstrates how to build and send an HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication.

Chilkat Swift Downloads

Swift

func chilkatTest() {
    var success: Bool = false

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // See HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

    // ------------------------------------
    // Step 1: Load the signing certificate
    // ------------------------------------
    let cert = CkoCert()!
    success = cert.load(fromSmartcard: "")
    if success == false {
        print("\(cert.lastErrorText!)")
        return
    }

    // ---------------------------------------
    // Step 2: Build the SOAP XML to be signed
    // ---------------------------------------

    let xml = CkoXml()!
    xml.tag = "SOAP-ENV:Envelope"
    xml.addAttribute(name: "xmlns:SOAP-ENV", value: "http://schemas.xmlsoap.org/soap/envelope/")
    xml.addAttribute(name: "xmlns:web", value: "http://www.example.com/webservice/")
    xml.updateAttrAt(tagPath: "SOAP-ENV:Header|wsse:Security", autoCreate: true, attrName: "xmlns:ds", attrValue: "http://www.w3.org/2000/09/xmldsig#")
    xml.updateAttrAt(tagPath: "SOAP-ENV:Header|wsse:Security", autoCreate: true, attrName: "xmlns:wsse", attrValue: "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")
    xml.updateAttrAt(tagPath: "SOAP-ENV:Header|wsse:Security", autoCreate: true, attrName: "xmlns:wsu", attrValue: "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")
    xml.updateAttrAt(tagPath: "SOAP-ENV:Header|wsse:Security", autoCreate: true, attrName: "xmlns:xenc", attrValue: "http://www.w3.org/2001/04/xmlenc#")
    xml.updateAttrAt(tagPath: "SOAP-ENV:Header|wsse:Security", autoCreate: true, attrName: "SOAP-ENV:mustUnderstand", attrValue: "1")
    xml.updateAttrAt(tagPath: "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken", autoCreate: true, attrName: "A1", attrValue: "")
    xml.updateAttrAt(tagPath: "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken", autoCreate: true, attrName: "EncodingType", attrValue: "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary")
    xml.updateAttrAt(tagPath: "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken", autoCreate: true, attrName: "ValueType", attrValue: "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509")
    xml.updateAttrAt(tagPath: "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken", autoCreate: true, attrName: "wsu:Id", attrValue: "x509cert00")
    xml.updateChildContent(tagPath: "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken", value: cert.getEncoded())
    xml.updateAttrAt(tagPath: "SOAP-ENV:Body", autoCreate: true, attrName: "xmlns:wsu", attrValue: "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")
    xml.updateAttrAt(tagPath: "SOAP-ENV:Body", autoCreate: true, attrName: "wsu:Id", attrValue: "TheBody")
    xml.updateChildContent(tagPath: "SOAP-ENV:Body|web:MyRequest|web:Parameter", value: "MyValue")

    // ---------------------------------------
    // Step 3: Sign the XML
    // ---------------------------------------

    let gen = CkoXmlDSigGen()!

    gen.sigLocation = "SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security"
    gen.sigLocationMod = 0
    gen.sigNamespacePrefix = "ds"
    gen.sigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#"
    gen.signedInfoPrefixList = "ds wsu xenc SOAP-ENV "
    gen.incNamespacePrefix = "c14n"
    gen.incNamespaceUri = "http://www.w3.org/2001/10/xml-exc-c14n#"
    gen.signedInfoCanonAlg = "EXCL_C14N"
    gen.signedInfoDigestMethod = "sha1"

    // -------- Reference 1 --------
    gen.addSameDocRef(id: "TheBody", digestMethod: "sha1", canonMethod: "EXCL_C14N", prefixList: "wsu SOAP-ENV", refType: "")

    gen.setX509Cert(cert: cert, usePrivateKey: true)

    gen.keyInfoType = "Custom"

    // Create the custom KeyInfo XML..
    let xmlCustomKeyInfo = CkoXml()!
    xmlCustomKeyInfo.tag = "wsse:SecurityTokenReference"
    xmlCustomKeyInfo.content = "5"
    xmlCustomKeyInfo.updateAttrAt(tagPath: "wsse:Reference", autoCreate: true, attrName: "URI", attrValue: "#x509cert00")
    xmlCustomKeyInfo.updateAttrAt(tagPath: "wsse:Reference", autoCreate: true, attrName: "ValueType", attrValue: "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509")

    xmlCustomKeyInfo.emitXmlDecl = false
    gen.customKeyInfoXml = xmlCustomKeyInfo.getXml()

    // Load XML to be signed...
    let sbXml = CkoStringBuilder()!
    xml.emitXmlDecl = false
    xml.getSb(sb: sbXml)

    gen.behaviors = "IndentedSignature"

    // Sign the XML...
    success = gen.createXmlDSigSb(sbXml: sbXml)
    if success == false {
        print("\(gen.lastErrorText!)")
        return
    }

    // ---------------------------------------------------------
    // Step 4: Send the HTTP POST containing the Signed SOAP XML
    // ---------------------------------------------------------

    let http = CkoHttp()!

    http.setRequestHeader(name: "SOAPAction", value: "\"http://www.example.com/MyWebService\"")
    http.setRequestHeader(name: "Host", value: "www.example.com")
    http.setRequestHeader(name: "Content-Type", value: "text/xml; charset=utf-8")

    let resp = CkoHttpResponse()!
    success = http.httpSb(verb: "POST", url: "https://example.com/MyWebService", sb: sbXml, charset: "utf-8", contentType: "text/xml; charset=utf-8", response: resp)
    if success == false {
        print("\(http.lastErrorText!)")
        return
    }

    print("\(resp.statusCode.intValue)")
    print("\(resp.bodyStr!)")

    print("Finished.")

}