Sample code for 30+ languages & platforms
PHP ActiveX

Get E-way Bill System Access Token

See more HTTP Misc Examples

Sends a request to get an E-way bill system access token.

Chilkat PHP ActiveX Downloads

PHP ActiveX
<?php

$success = 0;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// First load the public key provided by the E-way bill System
$pubkey = new COM("Chilkat.PublicKey");
$success = $pubkey->LoadFromFile('qa_data/pem/eway_publickey.pem');
if ($success == 0) {
    print $pubkey->LastErrorText . "\n";
    exit;
}

// Encrypt the password using the RSA public key provided by eway..
$password = 'my_wepgst_password';
$rsa = new COM("Chilkat.Rsa");
$rsa->Charset = 'utf-8';
$rsa->EncodingMode = 'base64';

$success = $rsa->UsePublicKey($pubkey);
if ($success == 0) {
    print $rsa->LastErrorText . "\n";
    exit;
}

// Returns the encrypted password as base64 (because the EncodingMode = "base64")
$encPassword = $rsa->encryptStringENC($password,0);
if ($rsa->LastMethodSuccess == 0) {
    print $rsa->LastErrorText . "\n";
    exit;
}

// Generate a random app_key.  This should be 32 bytes (us-ascii chars)
// We need 32 bytes because we'll be doing 256-bit AES ECB encryption, and 32 bytes = 256 bits.
$prng = new COM("Chilkat.Prng");
// Generate a random string containing some numbers, uppercase, and lowercase.
$app_key = $prng->randomString(32,1,1,1);

print 'app_key = ' . $app_key . "\n";

// RSA encrypt the app_key.
$encAppKey = $rsa->encryptStringENC($app_key,0);
if ($rsa->LastMethodSuccess == 0) {
    print $rsa->LastErrorText . "\n";
    exit;
}

// Prepare the JSON body for the HTTP POST that gets the access token.
$jsonBody = new COM("Chilkat.JsonObject");
$jsonBody->UpdateString('action','ACCESSTOKEN');
// Use your username instead of "09ABDC24212B1FK".
$jsonBody->UpdateString('username','09ABDC24212B1FK');
$jsonBody->UpdateString('password',$encPassword);
$jsonBody->UpdateString('app_key',$encAppKey);

$http = new COM("Chilkat.Http");

// Add required headers.
// Use your ewb-user-id instead of "03AEXPR16A9M010"
$http->SetRequestHeader('ewb-user-id','03AEXPR16A9M010');
// The Gstin should be the same as the username in the jsonBody above.
$http->SetRequestHeader('Gstin','09ABDC24212B1FK');
$http->Accept = 'application/json';

// POST the JSON...
$resp = new COM("Chilkat.HttpResponse");
$success = $http->HttpJson('POST','http://ewb.wepgst.com/api/Authenticate',$jsonBody,'application/json',$resp);
if ($success == 0) {
    print $http->LastErrorText . "\n";
    exit;
}

$respStatusCode = $resp->StatusCode;
print 'response status code =' . $respStatusCode . "\n";
print 'response body:' . "\n";
print $resp->BodyStr . "\n";

if ($respStatusCode != 200) {
    print 'Failed in some unknown way.' . "\n";
    exit;
}

// When the response status code = 200, we'll have either
// success response like this:
//  {"status":"1","authtoken":"...","sek":"..."}
// 
// or a failed response like this:
// 
// {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}

// Load the response body into a JSON object.
$json = new COM("Chilkat.JsonObject");
$json->Load($resp->BodyStr);

$status = $json->IntOf('status');
print 'status = ' . $status . "\n";

if ($status != 1) {
    // Failed.  Base64 decode the error
    // {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}
    // For an invalid password, the error is: {"errorCodes":"108"}
    $sbError = new COM("Chilkat.StringBuilder");
    $json->StringOfSb('error',$sbError);
    $sbError->Decode('base64','utf-8');
    print 'error: ' . $sbError->getAsString() . "\n";
    exit;
}

// At this point, we know the request was entirely successful.
$authToken = $json->stringOf('authtoken');

// Decrypt the sek key using our app_key.
$crypt = new COM("Chilkat.Crypt2");
$crypt->CryptAlgorithm = 'aes';
$crypt->CipherMode = 'ecb';
$crypt->KeyLength = 256;
$crypt->SetEncodedKey($app_key,'us-ascii');
$crypt->EncodingMode = 'base64';

$bdSek = new COM("Chilkat.BinData");
$bdSek->AppendEncoded($json->stringOf('sek'),'base64');
$crypt->DecryptBd($bdSek);

// bdSek now contains the decrypted symmetric encryption key...
// We'll use it to encrypt the JSON payloads we send.

// Let's persist our authtoken and decrypted sek (symmetric encryption key).
// To send EWAY requests (such as to create an e-way bill), we'll just load 
// and use these pre-obtained credentials.
$jsonEwayAuth = new COM("Chilkat.JsonObject");
$jsonEwayAuth->UpdateString('authToken',$authToken);
$jsonEwayAuth->UpdateString('decryptedSek',$bdSek->getEncoded('base64'));
$jsonEwayAuth->EmitCompact = 0;

$fac = new COM("Chilkat.FileAccess");
$fac->WriteEntireTextFile('qa_data/tokens/ewayAuth.json',$jsonEwayAuth->emit(),'utf-8',0);

print 'Saved:' . "\n";
print $jsonEwayAuth->emit() . "\n";

// Sample output:
// {
//   "authToken": "IBTeFtxNfVurg71LTzZ2r0xK7",
//   "decryptedSek": "5g1TyTie7yoslU3DrbYATa7mWyPazlODE7cEh5Vy4Ho="
// 

?>