|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Belgium eHealth Platform - checkAccessControlSee more Belgian eHealth Platform ExamplesDemonstrates the checkAccessControl operation of PlatformIntegrationConsumerTest, which requires an X.509 certificate and signature. This tests the validity of your certificate and signature.Note: This example requires Chilkat v11.0.0 or greater. For more information, see https://www.ehealth.fgov.be/ehealthplatform/nl/beveiliging-van-webservices#1
load ./chilkat.dll set success 0 # This example assumes the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # Provide a certificate + private key. # Note: If your certificate + private key is located on a hardware token or smartcard, you can call a different function to load from smartcard.. set cert [new_CkCert] set success [CkCert_LoadPfxFile $cert "SSIN=12345678.acc.p12" "p12_password"] if {$success == 0} then { puts [CkCert_lastErrorText $cert] delete_CkCert $cert exit } # Create the XML to be signed... set xmlToSign [new_CkXml] CkXml_put_Tag $xmlToSign "soapenv:Envelope" CkXml_AddAttribute $xmlToSign "xmlns:soapenv" "http://schemas.xmlsoap.org/soap/envelope/" CkXml_AddAttribute $xmlToSign "xmlns:urn" "urn:be:fgov:ehealth:platformintegrationconsumertest:v1" CkXml_AddAttribute $xmlToSign "xmlns:urn1" "urn:be:fgov:ehealth:platformintegrationconsumertest:types:v1" CkXml_UpdateAttrAt $xmlToSign "soapenv:Header|wsse:Security" 1 "xmlns:wsse" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" CkXml_UpdateAttrAt $xmlToSign "soapenv:Header|wsse:Security" 1 "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" CkXml_UpdateAttrAt $xmlToSign "soapenv:Header|wsse:Security|wsse:BinarySecurityToken" 1 "EncodingType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" CkXml_UpdateAttrAt $xmlToSign "soapenv:Header|wsse:Security|wsse:BinarySecurityToken" 1 "ValueType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" CkXml_UpdateAttrAt $xmlToSign "soapenv:Header|wsse:Security|wsse:BinarySecurityToken" 1 "wsu:Id" "X509-FC77E2C72083DA8E0F16711753508182856" # --------------------------------------------------------------------------------------------------------------- # A note about the Id's, such as X509-FC77E2C72083DA8E0F16711753508182856, TS-FC77E2C72083DA8E0F16711753508042855, etc. # These Id's simply need to be unique within the XML document. You don't need to generate new Id's every time. # You can use the same Id's in each XML document that is submitted. The purpose of each Id is to # match the XMLDsig Reference to the element in XML being referenced. # In other words, you could use the Id's "mickey_mouse", "donald_duck", and "goofy", and it would work perfectly OK, # as long as no other XML elements also use the Id's "mickey_mouse", "donald_duck", or "goofy" # --------------------------------------------------------------------------------------------------------------- set bdCert [new_CkBinData] CkCert_ExportCertDerBd $cert $bdCert CkXml_UpdateChildContent $xmlToSign "soapenv:Header|wsse:Security|wsse:BinarySecurityToken" [CkBinData_getEncoded $bdCert "base64"] CkXml_UpdateAttrAt $xmlToSign "soapenv:Header|wsse:Security|wsu:Timestamp" 1 "wsu:Id" "TS-FC77E2C72083DA8E0F16711753508042855" set dt [new_CkDateTime] CkDateTime_SetFromCurrentSystemTime $dt CkXml_UpdateChildContent $xmlToSign "soapenv:Header|wsse:Security|wsu:Timestamp|wsu:Created" [CkDateTime_getAsTimestamp $dt 0] CkDateTime_AddSeconds $dt 3600 CkXml_UpdateChildContent $xmlToSign "soapenv:Header|wsse:Security|wsu:Timestamp|wsu:Expires" [CkDateTime_getAsTimestamp $dt 0] CkDateTime_AddSeconds $dt -3600 CkXml_UpdateAttrAt $xmlToSign "soapenv:Body" 1 "wsu:Id" "id-FC77E2C72083DA8E0F16711753508182859" CkXml_UpdateAttrAt $xmlToSign "soapenv:Body" 1 "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" CkXml_UpdateChildContent $xmlToSign "soapenv:Body|urn:CheckAccessControlRequest|urn1:Message" "Hello World" # Create a timestamp with the current date/time in the following format: 2014-12-30T15:29:03.157+01:00 CkXml_UpdateChildContent $xmlToSign "soapenv:Body|urn:CheckAccessControlRequest|urn1:Timestamp" [CkDateTime_getAsTimestamp $dt 1] set gen [new_CkXmlDSigGen] CkXmlDSigGen_put_SigLocation $gen "soapenv:Envelope|soapenv:Header|wsse:Security|wsse:BinarySecurityToken" CkXmlDSigGen_put_SigLocationMod $gen 1 CkXmlDSigGen_put_SigId $gen "SIG-FC77E2C72083DA8E0F16711753508252860" CkXmlDSigGen_put_SigNamespacePrefix $gen "ds" CkXmlDSigGen_put_SigNamespaceUri $gen "http://www.w3.org/2000/09/xmldsig#" CkXmlDSigGen_put_SignedInfoPrefixList $gen "soapenv urn urn1" CkXmlDSigGen_put_IncNamespacePrefix $gen "ec" CkXmlDSigGen_put_IncNamespaceUri $gen "http://www.w3.org/2001/10/xml-exc-c14n#" CkXmlDSigGen_put_SignedInfoCanonAlg $gen "EXCL_C14N" CkXmlDSigGen_put_SignedInfoDigestMethod $gen "sha256" # Set the KeyInfoId before adding references.. CkXmlDSigGen_put_KeyInfoId $gen "KI-FC77E2C72083DA8E0F16711753508182857" # -------- Reference 1 -------- CkXmlDSigGen_AddSameDocRef $gen "TS-FC77E2C72083DA8E0F16711753508042855" "sha256" "EXCL_C14N" "wsse soapenv urn urn1" "" # -------- Reference 2 -------- CkXmlDSigGen_AddSameDocRef $gen "id-FC77E2C72083DA8E0F16711753508182859" "sha256" "EXCL_C14N" "urn urn1" "" # -------- Reference 3 -------- CkXmlDSigGen_AddSameDocRef $gen "X509-FC77E2C72083DA8E0F16711753508182856" "sha256" "EXCL_C14N" "_EMPTY_" "" CkXmlDSigGen_SetX509Cert $gen $cert 1 CkXmlDSigGen_put_KeyInfoType $gen "Custom" # Create the custom KeyInfo XML.. set xmlCustomKeyInfo [new_CkXml] CkXml_put_Tag $xmlCustomKeyInfo "wsse:SecurityTokenReference" CkXml_AddAttribute $xmlCustomKeyInfo "wsu:Id" "STR-FC77E2C72083DA8E0F16711753508182858" CkXml_UpdateAttrAt $xmlCustomKeyInfo "wsse:Reference" 1 "URI" "#X509-FC77E2C72083DA8E0F16711753508182856" CkXml_UpdateAttrAt $xmlCustomKeyInfo "wsse:Reference" 1 "ValueType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" CkXml_put_EmitXmlDecl $xmlCustomKeyInfo 0 CkXmlDSigGen_put_CustomKeyInfoXml $gen [CkXml_getXml $xmlCustomKeyInfo] # Load XML to be signed... set sbXml [new_CkStringBuilder] CkXml_GetXmlSb $xmlToSign $sbXml CkXmlDSigGen_put_Behaviors $gen "IndentedSignature" # Sign the XML... set success [CkXmlDSigGen_CreateXmlDSigSb $gen $sbXml] if {$success == 0} then { puts [CkXmlDSigGen_lastErrorText $gen] delete_CkCert $cert delete_CkXml $xmlToSign delete_CkBinData $bdCert delete_CkDateTime $dt delete_CkXmlDSigGen $gen delete_CkXml $xmlCustomKeyInfo delete_CkStringBuilder $sbXml exit } # ----------------------------------------------- # Send the signed XML... set http [new_CkHttp] set success [CkHttp_SetSslClientCert $http $cert] if {$success == 0} then { puts [CkHttp_lastErrorText $http] delete_CkCert $cert delete_CkXml $xmlToSign delete_CkBinData $bdCert delete_CkDateTime $dt delete_CkXmlDSigGen $gen delete_CkXml $xmlCustomKeyInfo delete_CkStringBuilder $sbXml delete_CkHttp $http exit } CkHttp_SetRequestHeader $http "Content-Type" "text/xml" # Change to services.ehealth.fgov.be for the production environment. set resp [new_CkHttpResponse] set success [CkHttp_HttpSb $http "POST" "https://services-acpt.ehealth.fgov.be/PlatformIntegrationConsumerTest/v1" $sbXml "utf-8" "application/xml" $resp] if {$success == 0} then { puts [CkHttp_lastErrorText $http] delete_CkCert $cert delete_CkXml $xmlToSign delete_CkBinData $bdCert delete_CkDateTime $dt delete_CkXmlDSigGen $gen delete_CkXml $xmlCustomKeyInfo delete_CkStringBuilder $sbXml delete_CkHttp $http delete_CkHttpResponse $resp exit } puts [CkHttpResponse_bodyStr $resp] puts "response status code = [CkHttpResponse_get_StatusCode $resp]" # A successful response is a 200 status code, with this sample response: # <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> # <soapenv:Header xmlns:v1="urn:be:fgov:ehealth:platformintegrationconsumertest:v1" xmlns:v11="urn:be:fgov:ehealth:platformintegrationconsumertest:types:v1"/> # <soapenv:Body xmlns:ic="urn:be:fgov:ehealth:platformintegrationconsumertest:v1" xmlns:type="urn:be:fgov:ehealth:platformintegrationconsumertest:types:v1"> # <ic:CheckAccessControlResponse> # <type:Message>Hello World</type:Message> # <type:Timestamp>2023-09-28T22:17:26.643+02:00</type:Timestamp> # <type:AuthenticatedConsumer>CN="SSIN=aaaaaa", OU=eHealth-platform Belgium, OU=bbbb, OU="SSIN=aaaaaaa", O=Federal Government, C=BE</type:AuthenticatedConsumer> # </ic:CheckAccessControlResponse> # </soapenv:Body> # </soapenv:Envelope> delete_CkCert $cert delete_CkXml $xmlToSign delete_CkBinData $bdCert delete_CkDateTime $dt delete_CkXmlDSigGen $gen delete_CkXml $xmlCustomKeyInfo delete_CkStringBuilder $sbXml delete_CkHttp $http delete_CkHttpResponse $resp |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.