(C++) HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

See more HTTP Examples

Demonstrates how to build and send an HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <CkCert.h>
#include <CkXml.h>
#include <CkXmlDSigGen.h>
#include <CkStringBuilder.h>
#include <CkHttp.h>
#include <CkHttpResponse.h>

void ChilkatSample(void)
    {
    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // 

    // ------------------------------------
    // Step 1: Load the signing certificate
    // ------------------------------------
    CkCert cert;
    bool success = cert.LoadFromSmartcard("");
    if (success == false) {
        std::cout << cert.lastErrorText() << "\r\n";
        return;
    }

    // ---------------------------------------
    // Step 2: Build the SOAP XML to be signed
    // ---------------------------------------

    CkXml xml;
    xml.put_Tag("SOAP-ENV:Envelope");
    xml.AddAttribute("xmlns:SOAP-ENV","http://schemas.xmlsoap.org/soap/envelope/");
    xml.AddAttribute("xmlns:web","http://www.example.com/webservice/");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:ds","http://www.w3.org/2000/09/xmldsig#");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:xenc","http://www.w3.org/2001/04/xmlenc#");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"SOAP-ENV:mustUnderstand","1");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"A1","");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"EncodingType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"wsu:Id","x509cert00");
    xml.UpdateChildContent("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",cert.getEncoded());
    xml.UpdateAttrAt("SOAP-ENV:Body",true,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
    xml.UpdateAttrAt("SOAP-ENV:Body",true,"wsu:Id","TheBody");
    xml.UpdateChildContent("SOAP-ENV:Body|web:MyRequest|web:Parameter","MyValue");

    // ---------------------------------------
    // Step 3: Sign the XML
    // ---------------------------------------

    CkXmlDSigGen gen;

    gen.put_SigLocation("SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security");
    gen.put_SigLocationMod(0);
    gen.put_SigNamespacePrefix("ds");
    gen.put_SigNamespaceUri("http://www.w3.org/2000/09/xmldsig#");
    gen.put_SignedInfoPrefixList("ds wsu xenc SOAP-ENV ");
    gen.put_IncNamespacePrefix("c14n");
    gen.put_IncNamespaceUri("http://www.w3.org/2001/10/xml-exc-c14n#");
    gen.put_SignedInfoCanonAlg("EXCL_C14N");
    gen.put_SignedInfoDigestMethod("sha1");

    // -------- Reference 1 --------
    gen.AddSameDocRef("TheBody","sha1","EXCL_C14N","wsu SOAP-ENV","");

    gen.SetX509Cert(cert,true);

    gen.put_KeyInfoType("Custom");

    // Create the custom KeyInfo XML..
    CkXml xmlCustomKeyInfo;
    xmlCustomKeyInfo.put_Tag("wsse:SecurityTokenReference");
    xmlCustomKeyInfo.put_Content("5");
    xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",true,"URI","#x509cert00");
    xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",true,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509");

    xmlCustomKeyInfo.put_EmitXmlDecl(false);
    gen.put_CustomKeyInfoXml(xmlCustomKeyInfo.getXml());

    // Load XML to be signed...
    CkStringBuilder sbXml;
    xml.put_EmitXmlDecl(false);
    xml.GetXmlSb(sbXml);

    gen.put_Behaviors("IndentedSignature");

    // Sign the XML...
    success = gen.CreateXmlDSigSb(sbXml);
    if (success != true) {
        std::cout << gen.lastErrorText() << "\r\n";
        return;
    }

    // ---------------------------------------------------------
    // Step 4: Send the HTTP POST containing the Signed SOAP XML
    // ---------------------------------------------------------

    CkHttp http;

    http.SetRequestHeader("SOAPAction","\"http://www.example.com/MyWebService\"");
    http.SetRequestHeader("Host","www.example.com");
    http.SetRequestHeader("Content-Type","text/xml; charset=utf-8");

    CkHttpResponse *resp = http.PTextSb("POST","https://example.com/MyWebService",sbXml,"utf-8","text/xml; charset=utf-8",false,false);
    if (http.get_LastMethodSuccess() == false) {
        std::cout << http.lastErrorText() << "\r\n";
        return;
    }

    std::cout << resp->get_StatusCode() << "\r\n";
    std::cout << resp->bodyStr() << "\r\n";
    delete resp;

    std::cout << "Finished." << "\r\n";
    }