(C++) Get E-way Bill System Access Token

Sends a request to get an E-way bill system access token.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <CkPublicKey.h>
#include <CkRsa.h>
#include <CkPrng.h>
#include <CkJsonObject.h>
#include <CkHttp.h>
#include <CkHttpResponse.h>
#include <CkStringBuilder.h>
#include <CkCrypt2.h>
#include <CkBinData.h>
#include <CkFileAccess.h>

void ChilkatSample(void)
    {
    //  This example requires the Chilkat API to have been previously unlocked.
    //  See Global Unlock Sample for sample code.

    //  First load the public key provided by the E-way bill System
    CkPublicKey pubkey;
    bool success = pubkey.LoadFromFile("qa_data/pem/eway_publickey.pem");
    if (success != true) {
        std::cout << pubkey.lastErrorText() << "\r\n";
        return;
    }

    //  Encrypt the password using the RSA public key provided by eway..
    const char *password = "my_wepgst_password";
    CkRsa rsa;
    rsa.put_Charset("utf-8");
    rsa.put_EncodingMode("base64");

    success = rsa.ImportPublicKeyObj(pubkey);
    if (success != true) {
        std::cout << rsa.lastErrorText() << "\r\n";
        return;
    }

    //  Returns the encrypted password as base64 (because the EncodingMode = "base64")
    const char *encPassword = rsa.encryptStringENC(password,false);
    if (rsa.get_LastMethodSuccess() != true) {
        std::cout << rsa.lastErrorText() << "\r\n";
        return;
    }

    //  Generate a random app_key.  This should be 32 bytes (us-ascii chars)
    //  We need 32 bytes because we'll be doing 256-bit AES ECB encryption, and 32 bytes = 256 bits.
    CkPrng prng;
    //  Generate a random string containing some numbers, uppercase, and lowercase.
    const char *app_key = prng.randomString(32,true,true,true);

    std::cout << "app_key = " << app_key << "\r\n";

    //  RSA encrypt the app_key.
    const char *encAppKey = rsa.encryptStringENC(app_key,false);
    if (rsa.get_LastMethodSuccess() != true) {
        std::cout << rsa.lastErrorText() << "\r\n";
        return;
    }

    //  Prepare the JSON body for the HTTP POST that gets the access token.
    CkJsonObject jsonBody;
    jsonBody.UpdateString("action","ACCESSTOKEN");
    //  Use your username instead of "09ABDC24212B1FK".
    jsonBody.UpdateString("username","09ABDC24212B1FK");
    jsonBody.UpdateString("password",encPassword);
    jsonBody.UpdateString("app_key",encAppKey);

    CkHttp http;

    //  Add required headers.
    //  Use your ewb-user-id instead of "03AEXPR16A9M010"
    http.SetRequestHeader("ewb-user-id","03AEXPR16A9M010");
    //  The Gstin should be the same as the username in the jsonBody above.
    http.SetRequestHeader("Gstin","09ABDC24212B1FK");
    http.put_Accept("application/json");

    //  POST the JSON...
    CkHttpResponse *resp = http.PostJson2("http://ewb.wepgst.com/api/Authenticate","application/json",jsonBody.emit());
    if (http.get_LastMethodSuccess() != true) {
        std::cout << http.lastErrorText() << "\r\n";
        return;
    }

    int respStatusCode = resp->get_StatusCode();
    std::cout << "response status code =" << respStatusCode << "\r\n";
    std::cout << "response body:" << "\r\n";
    std::cout << resp->bodyStr() << "\r\n";

    if (respStatusCode != 200) {
        delete resp;
        std::cout << "Failed in some unknown way." << "\r\n";
        return;
    }

    //  When the response status code = 200, we'll have either
    //  success response like this:
    //   {"status":"1","authtoken":"...","sek":"..."}
    // 
    //  or a failed response like this:
    // 
    //  {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}

    //  Load the response body into a JSON object.
    CkJsonObject json;
    json.Load(resp->bodyStr());
    delete resp;

    int status = json.IntOf("status");
    std::cout << "status = " << status << "\r\n";

    if (status != 1) {
        //  Failed.  Base64 decode the error
        // {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}
        //  For an invalid password, the error is: {"errorCodes":"108"}
        CkStringBuilder sbError;
        json.StringOfSb("error",sbError);
        sbError.Decode("base64","utf-8");
        std::cout << "error: " << sbError.getAsString() << "\r\n";
        return;
    }

    //  At this point, we know the request was entirely successful.
    const char *authToken = json.stringOf("authtoken");

    //  Decrypt the sek key using our app_key.
    CkCrypt2 crypt;
    crypt.put_CryptAlgorithm("aes");
    crypt.put_CipherMode("ecb");
    crypt.put_KeyLength(256);
    crypt.SetEncodedKey(app_key,"us-ascii");
    crypt.put_EncodingMode("base64");

    CkBinData bdSek;
    bdSek.AppendEncoded(json.stringOf("sek"),"base64");
    crypt.DecryptBd(bdSek);

    //  bdSek now contains the decrypted symmetric encryption key...
    //  We'll use it to encrypt the JSON payloads we send.

    //  Let's persist our authtoken and decrypted sek (symmetric encryption key).
    //  To send EWAY requests (such as to create an e-way bill), we'll just load
    //  and use these pre-obtained credentials.
    CkJsonObject jsonEwayAuth;
    jsonEwayAuth.UpdateString("authToken",authToken);
    jsonEwayAuth.UpdateString("decryptedSek",bdSek.getEncoded("base64"));
    jsonEwayAuth.put_EmitCompact(false);

    CkFileAccess fac;
    fac.WriteEntireTextFile("qa_data/tokens/ewayAuth.json",jsonEwayAuth.emit(),"utf-8",false);

    std::cout << "Saved:" << "\r\n";
    std::cout << jsonEwayAuth.emit() << "\r\n";

    //  Sample output:
    //  {
    //    "authToken": "IBTeFtxNfVurg71LTzZ2r0xK7",
    //    "decryptedSek": "5g1TyTie7yoslU3DrbYATa7mWyPazlODE7cEh5Vy4Ho="
    //  }
    }