Sample code for 30+ languages & platforms
JavaScript

Get E-way Bill System Access Token

See more HTTP Misc Examples

Sends a request to get an E-way bill system access token.
Note
This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.
JavaScript
var success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// First load the public key provided by the E-way bill System
var pubkey = new CkPublicKey();
success = pubkey.LoadFromFile("qa_data/pem/eway_publickey.pem");
if (success == false) {
    console.log(pubkey.LastErrorText);
    return;
}

// Encrypt the password using the RSA public key provided by eway..
var password = "my_wepgst_password";
var rsa = new CkRsa();
rsa.Charset = "utf-8";
rsa.EncodingMode = "base64";

success = rsa.UsePublicKey(pubkey);
if (success == false) {
    console.log(rsa.LastErrorText);
    return;
}

// Returns the encrypted password as base64 (because the EncodingMode = "base64")
var encPassword = rsa.EncryptStringENC(password,false);
if (rsa.LastMethodSuccess == false) {
    console.log(rsa.LastErrorText);
    return;
}

// Generate a random app_key.  This should be 32 bytes (us-ascii chars)
// We need 32 bytes because we'll be doing 256-bit AES ECB encryption, and 32 bytes = 256 bits.
var prng = new CkPrng();
// Generate a random string containing some numbers, uppercase, and lowercase.
var app_key = prng.RandomString(32,true,true,true);

console.log("app_key = " + app_key);

// RSA encrypt the app_key.
var encAppKey = rsa.EncryptStringENC(app_key,false);
if (rsa.LastMethodSuccess == false) {
    console.log(rsa.LastErrorText);
    return;
}

// Prepare the JSON body for the HTTP POST that gets the access token.
var jsonBody = new CkJsonObject();
jsonBody.UpdateString("action","ACCESSTOKEN");
// Use your username instead of "09ABDC24212B1FK".
jsonBody.UpdateString("username","09ABDC24212B1FK");
jsonBody.UpdateString("password",encPassword);
jsonBody.UpdateString("app_key",encAppKey);

var http = new CkHttp();

// Add required headers.
// Use your ewb-user-id instead of "03AEXPR16A9M010"
http.SetRequestHeader("ewb-user-id","03AEXPR16A9M010");
// The Gstin should be the same as the username in the jsonBody above.
http.SetRequestHeader("Gstin","09ABDC24212B1FK");
http.Accept = "application/json";

// POST the JSON...
var resp = new CkHttpResponse();
success = http.HttpJson("POST","http://ewb.wepgst.com/api/Authenticate",jsonBody,"application/json",resp);
if (success == false) {
    console.log(http.LastErrorText);
    return;
}

var respStatusCode = resp.StatusCode;
console.log("response status code =" + respStatusCode);
console.log("response body:");
console.log(resp.BodyStr);

if (respStatusCode !== 200) {
    console.log("Failed in some unknown way.");
    return;
}

// When the response status code = 200, we'll have either
// success response like this:
//  {"status":"1","authtoken":"...","sek":"..."}
// 
// or a failed response like this:
// 
// {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}

// Load the response body into a JSON object.
var json = new CkJsonObject();
json.Load(resp.BodyStr);

var status = json.IntOf("status");
console.log("status = " + status);

if (status !== 1) {
    // Failed.  Base64 decode the error
    // {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}
    // For an invalid password, the error is: {"errorCodes":"108"}
    var sbError = new CkStringBuilder();
    json.StringOfSb("error",sbError);
    sbError.Decode("base64","utf-8");
    console.log("error: " + sbError.GetAsString());
    return;
}

// At this point, we know the request was entirely successful.
var authToken = json.StringOf("authtoken");

// Decrypt the sek key using our app_key.
var crypt = new CkCrypt2();
crypt.CryptAlgorithm = "aes";
crypt.CipherMode = "ecb";
crypt.KeyLength = 256;
crypt.SetEncodedKey(app_key,"us-ascii");
crypt.EncodingMode = "base64";

var bdSek = new CkBinData();
bdSek.AppendEncoded(json.StringOf("sek"),"base64");
crypt.DecryptBd(bdSek);

// bdSek now contains the decrypted symmetric encryption key...
// We'll use it to encrypt the JSON payloads we send.

// Let's persist our authtoken and decrypted sek (symmetric encryption key).
// To send EWAY requests (such as to create an e-way bill), we'll just load 
// and use these pre-obtained credentials.
var jsonEwayAuth = new CkJsonObject();
jsonEwayAuth.UpdateString("authToken",authToken);
jsonEwayAuth.UpdateString("decryptedSek",bdSek.GetEncoded("base64"));
jsonEwayAuth.EmitCompact = false;

var fac = new CkFileAccess();
fac.WriteEntireTextFile("qa_data/tokens/ewayAuth.json",jsonEwayAuth.Emit(),"utf-8",false);

console.log("Saved:");
console.log(jsonEwayAuth.Emit());

// Sample output:
// {
//   "authToken": "IBTeFtxNfVurg71LTzZ2r0xK7",
//   "decryptedSek": "5g1TyTie7yoslU3DrbYATa7mWyPazlODE7cEh5Vy4Ho="
//