Sample code for 30+ languages & platforms
Node.js

Get E-way Bill System Access Token

See more HTTP Misc Examples

Sends a request to get an E-way bill system access token.

Chilkat Node.js Downloads

Node.js
NODEJS_PRELUDE

function chilkatExample() {

    var success = false;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // First load the public key provided by the E-way bill System
    var pubkey = new chilkat.PublicKey();
    success = pubkey.LoadFromFile("qa_data/pem/eway_publickey.pem");
    if (success == false) {
        console.log(pubkey.LastErrorText);
        return;
    }

    // Encrypt the password using the RSA public key provided by eway..
    var password = "my_wepgst_password";
    var rsa = new chilkat.Rsa();
    rsa.Charset = "utf-8";
    rsa.EncodingMode = "base64";

    success = rsa.UsePublicKey(pubkey);
    if (success == false) {
        console.log(rsa.LastErrorText);
        return;
    }

    // Returns the encrypted password as base64 (because the EncodingMode = "base64")
    var encPassword = rsa.EncryptStringENC(password,false);
    if (rsa.LastMethodSuccess == false) {
        console.log(rsa.LastErrorText);
        return;
    }

    // Generate a random app_key.  This should be 32 bytes (us-ascii chars)
    // We need 32 bytes because we'll be doing 256-bit AES ECB encryption, and 32 bytes = 256 bits.
    var prng = new chilkat.Prng();
    // Generate a random string containing some numbers, uppercase, and lowercase.
    var app_key = prng.RandomString(32,true,true,true);

    console.log("app_key = " + app_key);

    // RSA encrypt the app_key.
    var encAppKey = rsa.EncryptStringENC(app_key,false);
    if (rsa.LastMethodSuccess == false) {
        console.log(rsa.LastErrorText);
        return;
    }

    // Prepare the JSON body for the HTTP POST that gets the access token.
    var jsonBody = new chilkat.JsonObject();
    jsonBody.UpdateString("action","ACCESSTOKEN");
    // Use your username instead of "09ABDC24212B1FK".
    jsonBody.UpdateString("username","09ABDC24212B1FK");
    jsonBody.UpdateString("password",encPassword);
    jsonBody.UpdateString("app_key",encAppKey);

    var http = new chilkat.Http();

    // Add required headers.
    // Use your ewb-user-id instead of "03AEXPR16A9M010"
    http.SetRequestHeader("ewb-user-id","03AEXPR16A9M010");
    // The Gstin should be the same as the username in the jsonBody above.
    http.SetRequestHeader("Gstin","09ABDC24212B1FK");
    http.Accept = "application/json";

    // POST the JSON...
    var resp = new chilkat.HttpResponse();
    success = http.HttpJson("POST","http://ewb.wepgst.com/api/Authenticate",jsonBody,"application/json",resp);
    if (success == false) {
        console.log(http.LastErrorText);
        return;
    }

    var respStatusCode = resp.StatusCode;
    console.log("response status code =" + respStatusCode);
    console.log("response body:");
    console.log(resp.BodyStr);

    if (respStatusCode !== 200) {
        console.log("Failed in some unknown way.");
        return;
    }

    // When the response status code = 200, we'll have either
    // success response like this:
    //  {"status":"1","authtoken":"...","sek":"..."}
    // 
    // or a failed response like this:
    // 
    // {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}

    // Load the response body into a JSON object.
    var json = new chilkat.JsonObject();
    json.Load(resp.BodyStr);

    var status = json.IntOf("status");
    console.log("status = " + status);

    if (status !== 1) {
        // Failed.  Base64 decode the error
        // {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}
        // For an invalid password, the error is: {"errorCodes":"108"}
        var sbError = new chilkat.StringBuilder();
        json.StringOfSb("error",sbError);
        sbError.Decode("base64","utf-8");
        console.log("error: " + sbError.GetAsString());
        return;
    }

    // At this point, we know the request was entirely successful.
    var authToken = json.StringOf("authtoken");

    // Decrypt the sek key using our app_key.
    var crypt = new chilkat.Crypt2();
    crypt.CryptAlgorithm = "aes";
    crypt.CipherMode = "ecb";
    crypt.KeyLength = 256;
    crypt.SetEncodedKey(app_key,"us-ascii");
    crypt.EncodingMode = "base64";

    var bdSek = new chilkat.BinData();
    bdSek.AppendEncoded(json.StringOf("sek"),"base64");
    crypt.DecryptBd(bdSek);

    // bdSek now contains the decrypted symmetric encryption key...
    // We'll use it to encrypt the JSON payloads we send.

    // Let's persist our authtoken and decrypted sek (symmetric encryption key).
    // To send EWAY requests (such as to create an e-way bill), we'll just load 
    // and use these pre-obtained credentials.
    var jsonEwayAuth = new chilkat.JsonObject();
    jsonEwayAuth.UpdateString("authToken",authToken);
    jsonEwayAuth.UpdateString("decryptedSek",bdSek.GetEncoded("base64"));
    jsonEwayAuth.EmitCompact = false;

    var fac = new chilkat.FileAccess();
    fac.WriteEntireTextFile("qa_data/tokens/ewayAuth.json",jsonEwayAuth.Emit(),"utf-8",false);

    console.log("Saved:");
    console.log(jsonEwayAuth.Emit());

    // Sample output:
    // {
    //   "authToken": "IBTeFtxNfVurg71LTzZ2r0xK7",
    //   "decryptedSek": "5g1TyTie7yoslU3DrbYATa7mWyPazlODE7cEh5Vy4Ho="
    // 

}

chilkatExample();