Sample code for 30+ languages & platforms
Delphi DLL

Hungary NAV Token Exchange

See more Hungary NAV Invoicing Examples

Demonstrates the tokenExchange request for the Hungarian NAV Online Invoicing System REST API v2.0.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Http, CkDateTime, Prng, HttpResponse, StringBuilder, Xml, Crypt2;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
crypt: HCkCrypt2;
dtNow: HCkDateTime;
myPassword: PWideChar;
passwordHash: PWideChar;
prng: HCkPrng;
sbRequestId: HCkStringBuilder;
signatureKey: PWideChar;
sbFinalHashBase: HCkStringBuilder;
numReplaced: Integer;
requestSignature: PWideChar;
xml: HCkXml;
http: HCkHttp;
endpoint: PWideChar;
resp: HCkHttpResponse;
respXml: HCkXml;
TokenExchangeResponse_xmlns: PWideChar;
TokenExchangeResponse_xmlns_ns2: PWideChar;
requestId: PWideChar;
timestamp: PWideChar;
requestVersion: PWideChar;
headerVersion: PWideChar;
funcCode: PWideChar;
softwareId: PWideChar;
softwareName: PWideChar;
softwareOperation: PWideChar;
softwareMainVersion: PWideChar;
softwareDevName: PWideChar;
softwareDevContact: PWideChar;
softwareDevCountryCode: PWideChar;
softwareDevTaxNumber: PWideChar;
encodedExchangeToken: PWideChar;
tokenValidityFrom: PWideChar;
tokenValidityTo: PWideChar;

begin
success := False;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Build the following XML:

// Use this online tool to generate code from sample XML: 
// Generate Code to Create XML

// <?xml version="1.0" encoding="UTF-8"?>
// <TokenExchangeRequest xmlns="http://schemas.nav.gov.hu/OSA/2.0/api">
// 	<header>
// 		<requestId>RID896801578348</requestId>
// 		<timestamp>2019-09-11T10:55:31.440Z</timestamp>
// 		<requestVersion>2.0</requestVersion>
// 		<headerVersion>1.0</headerVersion>
// 	</header>
// 	<user>
// 		<login>lwilsmn0uqdxe6u</login>
// 		<passwordHash>2F43840A882CFDB7DB0FEC07D419D030D864B47B6B541DC280EF81B937B7A176E33C052B0D26638CC18A7A2C08D8D311733078A774BF43F6CA57FE8CD74DC28E</passwordHash>
// 		<taxNumber>11111111</taxNumber>
// 		<requestSignature>B4B5E0F197BFFD3DF69BCC98D3BE775F65FD5445EEF95C9D6B6C59425F2B81C4F6DA1FD563B0C7E7D98AF1E1725E5C63C2803B5D3A93D1C02ED354AC92F2CC94</requestSignature>
// 		<!--<signKey>ac-ac3a-7f661bff7d342N43CYX4U9FG</signKey>-->
// 	</user>
// 	<software>
// 		<softwareId>123456789123456789</softwareId>
// 		<softwareName>string</softwareName>
// 		<softwareOperation>LOCAL_SOFTWARE</softwareOperation>
// 		<softwareMainVersion>string</softwareMainVersion>
// 		<softwareDevName>string</softwareDevName>
// 		<softwareDevContact>string</softwareDevContact>
// 		<softwareDevCountryCode>HU</softwareDevCountryCode>
// 		<softwareDevTaxNumber>string</softwareDevTaxNumber>
// 	</software>
// </TokenExchangeRequest>

crypt := CkCrypt2_Create();

dtNow := CkDateTime_Create();
CkDateTime_SetFromCurrentSystemTime(dtNow);
Memo1.Lines.Add(CkDateTime__getAsTimestamp(dtNow,False));

// The hash algorithm for the password is SHA512 (not SHA3-512).
CkCrypt2_putHashAlgorithm(crypt,'sha512');
CkCrypt2_putEncodingMode(crypt,'hex');
myPassword := 'my-password';
passwordHash := CkCrypt2__hashStringENC(crypt,myPassword);

// Generate a random request ID like "RID215118906689"
prng := CkPrng_Create();
sbRequestId := CkStringBuilder_Create();
CkStringBuilder_Append(sbRequestId,'RID');
CkStringBuilder_Append(sbRequestId,CkPrng__randomString(prng,12,True,False,False));
Memo1.Lines.Add('generated requestId = ' + CkStringBuilder__getAsString(sbRequestId));

// Calculate the requestSignature
CkCrypt2_putHashAlgorithm(crypt,'sha3-512');
signatureKey := 'ce-8f5e-215119fa7dd621DLMRHRLH2S';

sbFinalHashBase := CkStringBuilder_Create();

// First append the timestamp because we are going to remove certain chars/parts.
CkStringBuilder_Append(sbFinalHashBase,CkDateTime__getAsTimestamp(dtNow,False));
numReplaced := CkStringBuilder_Replace(sbFinalHashBase,'Z','');
numReplaced := CkStringBuilder_Replace(sbFinalHashBase,'-','');
numReplaced := CkStringBuilder_Replace(sbFinalHashBase,':','');
numReplaced := CkStringBuilder_Replace(sbFinalHashBase,'T','');

// Prepend the requestId and append the signatureKey
CkStringBuilder_Prepend(sbFinalHashBase,CkStringBuilder__getAsString(sbRequestId));
CkStringBuilder_Append(sbFinalHashBase,signatureKey);

requestSignature := CkCrypt2__hashStringENC(crypt,CkStringBuilder__getAsString(sbFinalHashBase));

xml := CkXml_Create();
CkXml_putTag(xml,'TokenExchangeRequest');
CkXml_AddAttribute(xml,'xmlns','http://schemas.nav.gov.hu/OSA/2.0/api');
CkXml_UpdateChildContent(xml,'header|requestId',CkStringBuilder__getAsString(sbRequestId));
CkXml_UpdateChildContent(xml,'header|timestamp',CkDateTime__getAsTimestamp(dtNow,False));
CkXml_UpdateChildContent(xml,'header|requestVersion','2.0');
CkXml_UpdateChildContent(xml,'header|headerVersion','1.0');
CkXml_UpdateChildContent(xml,'user|login','lwilsmn0uqdxe6u');
CkXml_UpdateChildContent(xml,'user|passwordHash',passwordHash);
CkXml_UpdateChildContent(xml,'user|taxNumber','11111111');
CkXml_UpdateChildContent(xml,'user|requestSignature',requestSignature);
CkXml_UpdateChildContent(xml,'software|softwareId','123456789123456789');
CkXml_UpdateChildContent(xml,'software|softwareName','string');
CkXml_UpdateChildContent(xml,'software|softwareOperation','LOCAL_SOFTWARE');
CkXml_UpdateChildContent(xml,'software|softwareMainVersion','string');
CkXml_UpdateChildContent(xml,'software|softwareDevName','string');
CkXml_UpdateChildContent(xml,'software|softwareDevContact','string');
CkXml_UpdateChildContent(xml,'software|softwareDevCountryCode','HU');
CkXml_UpdateChildContent(xml,'software|softwareDevTaxNumber','string');

// POST the XML to https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange
http := CkHttp_Create();
CkHttp_putAccept(http,'application/xml');
endpoint := 'https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange';
resp := CkHttpResponse_Create();
success := CkHttp_HttpStr(http,'POST',endpoint,CkXml__getXml(xml),'utf-8','application/xml',resp);
if (success = False) then
  begin
    Memo1.Lines.Add(CkHttp__lastErrorText(http));
    Exit;
  end;

Memo1.Lines.Add('Response status code = ' + IntToStr(CkHttpResponse_getStatusCode(resp)));

respXml := CkXml_Create();
CkXml_LoadXml(respXml,CkHttpResponse__bodyStr(resp));
Memo1.Lines.Add('Response body:');
Memo1.Lines.Add(CkXml__getXml(respXml));

// Save our exchange token to a file to be used for subsequent requests.
CkXml_SaveXml(respXml,'qa_data/tokens/nav_exchange_token.xml');

// The result looks like this:

// <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
// <TokenExchangeResponse xmlns="http://schemas.nav.gov.hu/OSA/2.0/api" xmlns:ns2="http://schemas.nav.gov.hu/OSA/2.0/data">
//     <header>
//         <requestId>RID789246611489</requestId>
//         <timestamp>2020-03-25T14:14:36Z</timestamp>
//         <requestVersion>2.0</requestVersion>
//         <headerVersion>1.0</headerVersion>
//     </header>
//     <result>
//         <funcCode>OK</funcCode>
//     </result>
//     <software>
//         <softwareId>123456789123456789</softwareId>
//         <softwareName>string</softwareName>
//         <softwareOperation>LOCAL_SOFTWARE</softwareOperation>
//         <softwareMainVersion>string</softwareMainVersion>
//         <softwareDevName>string</softwareDevName>
//         <softwareDevContact>string</softwareDevContact>
//         <softwareDevCountryCode>HU</softwareDevCountryCode>
//         <softwareDevTaxNumber>string</softwareDevTaxNumber>
//     </software>
//     <encodedExchangeToken>2lR5v57Tl ... 9n4tIWCYgjKQ==</encodedExchangeToken>
//     <tokenValidityFrom>2020-03-25T15:14:36.987+01:00</tokenValidityFrom>
//     <tokenValidityTo>2020-03-25T15:19:36.987+01:00</tokenValidityTo>
// </TokenExchangeResponse>

// Use this online tool to generate parsing code from sample XML: 
// Generate Parsing Code from XML

TokenExchangeResponse_xmlns := CkXml__getAttrValue(respXml,'xmlns');
TokenExchangeResponse_xmlns_ns2 := CkXml__getAttrValue(respXml,'xmlns:ns2');
requestId := CkXml__getChildContent(respXml,'header|requestId');
timestamp := CkXml__getChildContent(respXml,'header|timestamp');
requestVersion := CkXml__getChildContent(respXml,'header|requestVersion');
headerVersion := CkXml__getChildContent(respXml,'header|headerVersion');
funcCode := CkXml__getChildContent(respXml,'result|funcCode');
softwareId := CkXml__getChildContent(respXml,'software|softwareId');
softwareName := CkXml__getChildContent(respXml,'software|softwareName');
softwareOperation := CkXml__getChildContent(respXml,'software|softwareOperation');
softwareMainVersion := CkXml__getChildContent(respXml,'software|softwareMainVersion');
softwareDevName := CkXml__getChildContent(respXml,'software|softwareDevName');
softwareDevContact := CkXml__getChildContent(respXml,'software|softwareDevContact');
softwareDevCountryCode := CkXml__getChildContent(respXml,'software|softwareDevCountryCode');
softwareDevTaxNumber := CkXml__getChildContent(respXml,'software|softwareDevTaxNumber');
encodedExchangeToken := CkXml__getChildContent(respXml,'encodedExchangeToken');
tokenValidityFrom := CkXml__getChildContent(respXml,'tokenValidityFrom');
tokenValidityTo := CkXml__getChildContent(respXml,'tokenValidityTo');

CkCrypt2_Dispose(crypt);
CkDateTime_Dispose(dtNow);
CkPrng_Dispose(prng);
CkStringBuilder_Dispose(sbRequestId);
CkStringBuilder_Dispose(sbFinalHashBase);
CkXml_Dispose(xml);
CkHttp_Dispose(http);
CkHttpResponse_Dispose(resp);
CkXml_Dispose(respXml);

end;