Sample code for 30+ languages & platforms
Delphi ActiveX

Get E-way Bill System Access Token

See more HTTP Misc Examples

Sends a request to get an E-way bill system access token.

Chilkat Delphi ActiveX Downloads

Delphi ActiveX
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
pubkey: TPublicKey;
password: WideString;
rsa: TChilkatRsa;
encPassword: WideString;
prng: TChilkatPrng;
app_key: WideString;
encAppKey: WideString;
jsonBody: TChilkatJsonObject;
http: TChilkatHttp;
resp: TChilkatHttpResponse;
respStatusCode: Integer;
json: TChilkatJsonObject;
status: Integer;
sbError: TChilkatStringBuilder;
authToken: WideString;
crypt: TChilkatCrypt2;
bdSek: TChilkatBinData;
jsonEwayAuth: TChilkatJsonObject;
fac: TCkFileAccess;

begin
success := 0;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// First load the public key provided by the E-way bill System
pubkey := TPublicKey.Create(Self);
success := pubkey.LoadFromFile('qa_data/pem/eway_publickey.pem');
if (success = 0) then
  begin
    Memo1.Lines.Add(pubkey.LastErrorText);
    Exit;
  end;

// Encrypt the password using the RSA public key provided by eway..
password := 'my_wepgst_password';
rsa := TChilkatRsa.Create(Self);
rsa.Charset := 'utf-8';
rsa.EncodingMode := 'base64';

success := rsa.UsePublicKey(pubkey.ControlInterface);
if (success = 0) then
  begin
    Memo1.Lines.Add(rsa.LastErrorText);
    Exit;
  end;

// Returns the encrypted password as base64 (because the EncodingMode = "base64")
encPassword := rsa.EncryptStringENC(password,0);
if (rsa.LastMethodSuccess = 0) then
  begin
    Memo1.Lines.Add(rsa.LastErrorText);
    Exit;
  end;

// Generate a random app_key.  This should be 32 bytes (us-ascii chars)
// We need 32 bytes because we'll be doing 256-bit AES ECB encryption, and 32 bytes = 256 bits.
prng := TChilkatPrng.Create(Self);
// Generate a random string containing some numbers, uppercase, and lowercase.
app_key := prng.RandomString(32,1,1,1);

Memo1.Lines.Add('app_key = ' + app_key);

// RSA encrypt the app_key.
encAppKey := rsa.EncryptStringENC(app_key,0);
if (rsa.LastMethodSuccess = 0) then
  begin
    Memo1.Lines.Add(rsa.LastErrorText);
    Exit;
  end;

// Prepare the JSON body for the HTTP POST that gets the access token.
jsonBody := TChilkatJsonObject.Create(Self);
jsonBody.UpdateString('action','ACCESSTOKEN');
// Use your username instead of "09ABDC24212B1FK".
jsonBody.UpdateString('username','09ABDC24212B1FK');
jsonBody.UpdateString('password',encPassword);
jsonBody.UpdateString('app_key',encAppKey);

http := TChilkatHttp.Create(Self);

// Add required headers.
// Use your ewb-user-id instead of "03AEXPR16A9M010"
http.SetRequestHeader('ewb-user-id','03AEXPR16A9M010');
// The Gstin should be the same as the username in the jsonBody above.
http.SetRequestHeader('Gstin','09ABDC24212B1FK');
http.Accept := 'application/json';

// POST the JSON...
resp := TChilkatHttpResponse.Create(Self);
success := http.HttpJson('POST','http://ewb.wepgst.com/api/Authenticate',jsonBody.ControlInterface,'application/json',resp.ControlInterface);
if (success = 0) then
  begin
    Memo1.Lines.Add(http.LastErrorText);
    Exit;
  end;

respStatusCode := resp.StatusCode;
Memo1.Lines.Add('response status code =' + IntToStr(respStatusCode));
Memo1.Lines.Add('response body:');
Memo1.Lines.Add(resp.BodyStr);

if (respStatusCode <> 200) then
  begin
    Memo1.Lines.Add('Failed in some unknown way.');
    Exit;
  end;

// When the response status code = 200, we'll have either
// success response like this:
//  {"status":"1","authtoken":"...","sek":"..."}
// 
// or a failed response like this:
// 
// {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}

// Load the response body into a JSON object.
json := TChilkatJsonObject.Create(Self);
json.Load(resp.BodyStr);

status := json.IntOf('status');
Memo1.Lines.Add('status = ' + IntToStr(status));

if (status <> 1) then
  begin
    // Failed.  Base64 decode the error
    // {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}
    // For an invalid password, the error is: {"errorCodes":"108"}
    sbError := TChilkatStringBuilder.Create(Self);
    json.StringOfSb('error',sbError.ControlInterface);
    sbError.Decode('base64','utf-8');
    Memo1.Lines.Add('error: ' + sbError.GetAsString());
    Exit;
  end;

// At this point, we know the request was entirely successful.
authToken := json.StringOf('authtoken');

// Decrypt the sek key using our app_key.
crypt := TChilkatCrypt2.Create(Self);
crypt.CryptAlgorithm := 'aes';
crypt.CipherMode := 'ecb';
crypt.KeyLength := 256;
crypt.SetEncodedKey(app_key,'us-ascii');
crypt.EncodingMode := 'base64';

bdSek := TChilkatBinData.Create(Self);
bdSek.AppendEncoded(json.StringOf('sek'),'base64');
crypt.DecryptBd(bdSek.ControlInterface);

// bdSek now contains the decrypted symmetric encryption key...
// We'll use it to encrypt the JSON payloads we send.

// Let's persist our authtoken and decrypted sek (symmetric encryption key).
// To send EWAY requests (such as to create an e-way bill), we'll just load 
// and use these pre-obtained credentials.
jsonEwayAuth := TChilkatJsonObject.Create(Self);
jsonEwayAuth.UpdateString('authToken',authToken);
jsonEwayAuth.UpdateString('decryptedSek',bdSek.GetEncoded('base64'));
jsonEwayAuth.EmitCompact := 0;

fac := TCkFileAccess.Create(Self);
fac.WriteEntireTextFile('qa_data/tokens/ewayAuth.json',jsonEwayAuth.Emit(),'utf-8',0);

Memo1.Lines.Add('Saved:');
Memo1.Lines.Add(jsonEwayAuth.Emit());

// Sample output:
// {
//   "authToken": "IBTeFtxNfVurg71LTzZ2r0xK7",
//   "decryptedSek": "5g1TyTie7yoslU3DrbYATa7mWyPazlODE7cEh5Vy4Ho="
// 
end;