PureBasic
PureBasic
Sign ITIDA JSON and Send to ETA (Egypt Tax Authority) Portal
See more Egypt ITIDA Examples
Demonstrates how to ITIDA canonicalize JSON, create signature, and send to the ETA Portal.Chilkat PureBasic Downloads
IncludeFile "CkJsonObject.pb"
IncludeFile "CkHttpRequest.pb"
IncludeFile "CkHttp.pb"
IncludeFile "CkCrypt2.pb"
IncludeFile "CkStringBuilder.pb"
IncludeFile "CkHttpResponse.pb"
IncludeFile "CkCert.pb"
Procedure ChilkatExample()
success.i = 0
; This example assumes the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
crypt.i = CkCrypt2::ckCreate()
If crypt.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkCrypt2::setCkVerboseLogging(crypt, 1)
cert.i = CkCert::ckCreate()
If cert.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkCert::setCkVerboseLogging(cert, 1)
; Set the smart card PIN, which will be needed for signing.
CkCert::setCkSmartCardPin(cert, "12345678")
; There are many ways to load the certificate.
; This example was created for a customer using an ePass2003 USB token.
; Assuming the USB token is the only source of a hardware-based private key..
success = CkCert::ckLoadFromSmartcard(cert,"")
If success = 0
Debug CkCert::ckLastErrorText(cert)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
; Tell the crypt class to use this cert.
success = CkCrypt2::ckSetSigningCert(crypt,cert)
If success = 0
Debug CkCrypt2::ckLastErrorText(crypt)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
cmsOptions.i = CkJsonObject::ckCreate()
If cmsOptions.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; Setting "DigestData" causes OID 1.2.840.113549.1.7.5 (digestData) to be used.
CkJsonObject::ckUpdateBool(cmsOptions,"DigestData",1)
CkJsonObject::ckUpdateBool(cmsOptions,"OmitAlgorithmIdNull",1)
; Indicate that we are passing normal JSON and we want Chilkat do automatically
; do the ITIDA JSON canonicalization:
CkJsonObject::ckUpdateBool(cmsOptions,"CanonicalizeITIDA",1)
CkCrypt2::setCkCmsOptions(crypt, CkJsonObject::ckEmit(cmsOptions))
; The CadesEnabled property applies to all methods that create CMS/PKCS7 signatures.
; To create a CAdES-BES signature, set this property equal to true.
CkCrypt2::setCkCadesEnabled(crypt, 1)
CkCrypt2::setCkHashAlgorithm(crypt, "sha256")
jsonSigningAttrs.i = CkJsonObject::ckCreate()
If jsonSigningAttrs.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkJsonObject::ckUpdateInt(jsonSigningAttrs,"contentType",1)
CkJsonObject::ckUpdateInt(jsonSigningAttrs,"signingTime",1)
CkJsonObject::ckUpdateInt(jsonSigningAttrs,"messageDigest",1)
CkJsonObject::ckUpdateInt(jsonSigningAttrs,"signingCertificateV2",1)
CkCrypt2::setCkSigningAttributes(crypt, CkJsonObject::ckEmit(jsonSigningAttrs))
; By default, all the certs in the chain of authentication are included in the signature.
; If desired, we can choose to only include the signing certificate:
CkCrypt2::setCkIncludeCertChain(crypt, 0)
; Pass a JSON document such as the following. Chilkat will do the ITIDA canonicalization.
; (It is the canonicalized JSON that gets signed.)
; Note: The JSON should NOT begin with "{ "documents" : [ ..."
; {
; "issuer":{
; "address":{
; "branchID":"0",
; "country":"EG",
; "regionCity":"Cairo",
; "postalCode":"",
; "buildingNumber":"0",
; "street":"123rd Street",
; "governate":"GOVERNATE"
; },
; "type":"B",
; "id":"209999899",
; "name":"Xyz SAE"
; },
; "receiver":{
; "address":{
; "country":"EG",
; "regionCity":"CAIRO",
; "postalCode":"11435",
; "buildingNumber":"0",
; "street":"Autostrad Road Abc",
; "governate":"GOVERNATE"
; },
; "type":"B",
; "id":"999999999",
; "name":"XYZ EGYPT FOR TRADE"
; },
; "documentType":"I",
; "documentTypeVersion":"1.0",
; "dateTimeIssued":"2020-11-15T11:04:53Z",
; "taxpayerActivityCode":"1073",
; "internalID":"ZZZZ999",
; "purchaseOrderReference":"2009199918",
; "salesOrderReference":"",
; "payment":{
; "bankName":"",
; "bankAddress":"",
; "bankAccountNo":"",
; "bankAccountIBAN":"",
; "swiftCode":"",
; "terms":""
; },
; "delivery":{
; "approach":"",
; "packaging":"",
; "dateValidity":"",
; "exportPort":"",
; "countryOfOrigin":"EG",
; "grossWeight":0,
; "netWeight":0,
; "terms":""
; },
; "invoiceLines":[
; {
; "description":"CDM Widget 48GX99X12BA",
; "itemType":"GS1",
; "itemCode":"7622213335056",
; "unitType":"CS",
; "quantity":1.00,
; "unitValue":{
; "currencySold":"EGP",
; "amountEGP":588.67,
; "amountSold":0,
; "currencyExchangeRate":0
; },
; "salesTotal":588.67,
; "total":603.97,
; "valueDifference":0,
; "totalTaxableFees":0,
; "netTotal":529.8,
; "itemsDiscount":0,
; "discount":{
; "rate":10.00,
; "amount":58.87
; },
; "taxableItems":[
; {
; "taxType":"T1",
; "amount":74.17,
; "subType":"No sub",
; "rate":14.00
; }
; ],
; "internalCode":"9099994"
; }
; ],
; "totalSales":588.67,
; "totalSalesAmount":588.67,
; "totalDiscountAmount":58.87,
; "netAmount":529.80,
; "taxTotals":[
; {
; "taxType":"T1",
; "amount":74.17
; }
; ],
; "extraDiscountAmount":0,
; "totalItemsDiscountAmount":0,
; "totalAmount":603.97,
; }
; Create the CAdES-BES signature.
CkCrypt2::setCkEncodingMode(crypt, "base64")
; Make sure we sign the utf-8 byte representation of the JSON string
CkCrypt2::setCkCharset(crypt, "utf-8")
jsonInvoice.s = "{ ... }"
sigBase64.s = CkCrypt2::ckSignStringENC(crypt,jsonInvoice)
If CkCrypt2::ckLastMethodSuccess(crypt) = 0
Debug CkCrypt2::ckLastErrorText(crypt)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
CkJsonObject::ckDispose(cmsOptions)
CkJsonObject::ckDispose(jsonSigningAttrs)
ProcedureReturn
EndIf
Debug "Base64 signature:"
Debug sigBase64
; Insert the base64 signature into the JSON to be sent
json.i = CkJsonObject::ckCreate()
If json.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkJsonObject::ckLoad(json,jsonInvoice)
CkJsonObject::ckUpdateString(json,"signatures[0].signatureType","I")
CkJsonObject::ckUpdateString(json,"signatures[0].value",sigBase64)
CkJsonObject::setCkEmitCompact(json, 1)
; Wrap the JSON in {"documents":[ ... ]}
sbToSend.i = CkStringBuilder::ckCreate()
If sbToSend.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkStringBuilder::ckAppend(sbToSend,"{" + Chr(34) + "documents" + Chr(34) + ":[")
CkStringBuilder::ckAppend(sbToSend,CkJsonObject::ckEmit(json))
CkStringBuilder::ckAppend(sbToSend,"]}")
; ------------------------------------------------------------------------
; Get an access token using our client ID and client secret key
clientId.s = "abc999ff-1234"
clientSecretKey.s = "123fff22-1234-abcd"
http.i = CkHttp::ckCreate()
If http.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; Causes the Authorization: Basic header to be added..
CkHttp::setCkLogin(http, clientId)
CkHttp::setCkPassword(http, clientSecretKey)
CkHttp::setCkBasicAuth(http, 1)
req.i = CkHttpRequest::ckCreate()
If req.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkHttpRequest::setCkHttpVerb(req, "POST")
CkHttpRequest::setCkPath(req, "/connect/token")
CkHttpRequest::setCkContentType(req, "application/x-www-form-urlencoded")
CkHttpRequest::ckAddParam(req,"grant_type","client_credentials")
CkHttpRequest::ckAddHeader(req,"Connection","close")
CkHttp::setCkAccept(http, "application/json")
resp.i = CkHttpResponse::ckCreate()
If resp.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkHttp::ckHttpReq(http,"https://id.preprod.eta.gov.eg/connect/token",req,resp)
If success = 0
Debug CkHttp::ckLastErrorText(http)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
CkJsonObject::ckDispose(cmsOptions)
CkJsonObject::ckDispose(jsonSigningAttrs)
CkJsonObject::ckDispose(json)
CkStringBuilder::ckDispose(sbToSend)
CkHttp::ckDispose(http)
CkHttpRequest::ckDispose(req)
CkHttpResponse::ckDispose(resp)
ProcedureReturn
EndIf
CkHttp::ckCloseAllConnections(http)
Debug "Response status code: " + Str(CkHttpResponse::ckStatusCode(resp))
Debug "Response body:"
Debug CkHttpResponse::ckBodyStr(resp)
If CkHttpResponse::ckStatusCode(resp) <> 200
Debug "Failed."
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
CkJsonObject::ckDispose(cmsOptions)
CkJsonObject::ckDispose(jsonSigningAttrs)
CkJsonObject::ckDispose(json)
CkStringBuilder::ckDispose(sbToSend)
CkHttp::ckDispose(http)
CkHttpRequest::ckDispose(req)
CkHttpResponse::ckDispose(resp)
ProcedureReturn
EndIf
jsonToken.i = CkJsonObject::ckCreate()
If jsonToken.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkJsonObject::ckLoad(jsonToken,CkHttpResponse::ckBodyStr(resp))
accessToken.s = CkJsonObject::ckStringOf(jsonToken,"access_token")
Debug "access_token = " + accessToken
; ------------------------------------------------------------------------
; Submit the signed JSON to the ETA (Egypt Tax Authority) Portal
; No longer sending basic authentication...
CkHttp::setCkLogin(http, "")
CkHttp::setCkPassword(http, "")
CkHttp::setCkBasicAuth(http, 0)
; Setting the AuthToken property causes the "Authorization: Bearer <token>" header to be added to each request.
CkHttp::setCkAuthToken(http, accessToken)
url.s = "https://api.preprod.invoicing.eta.gov.eg/api/v1/documentsubmissions"
jsonStr.s = CkStringBuilder::ckGetAsString(sbToSend)
success = CkHttp::ckHttpStr(http,"POST",url,jsonStr,"utf-8","application/json; charset=utf-8",resp)
If success = 0
Debug CkHttp::ckLastErrorText(http)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
CkJsonObject::ckDispose(cmsOptions)
CkJsonObject::ckDispose(jsonSigningAttrs)
CkJsonObject::ckDispose(json)
CkStringBuilder::ckDispose(sbToSend)
CkHttp::ckDispose(http)
CkHttpRequest::ckDispose(req)
CkHttpResponse::ckDispose(resp)
CkJsonObject::ckDispose(jsonToken)
ProcedureReturn
EndIf
Debug "Response status code: " + Str(CkHttpResponse::ckStatusCode(resp))
Debug "Response body:"
Debug CkHttpResponse::ckBodyStr(resp)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
CkJsonObject::ckDispose(cmsOptions)
CkJsonObject::ckDispose(jsonSigningAttrs)
CkJsonObject::ckDispose(json)
CkStringBuilder::ckDispose(sbToSend)
CkHttp::ckDispose(http)
CkHttpRequest::ckDispose(req)
CkHttpResponse::ckDispose(resp)
CkJsonObject::ckDispose(jsonToken)
ProcedureReturn
EndProcedure