Sample code for 30+ languages & platforms
Unicode C

Get E-way Bill System Access Token

See more HTTP Misc Examples

Sends a request to get an E-way bill system access token.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkPublicKeyW.h>
#include <C_CkRsaW.h>
#include <C_CkPrngW.h>
#include <C_CkJsonObjectW.h>
#include <C_CkHttpW.h>
#include <C_CkHttpResponseW.h>
#include <C_CkStringBuilderW.h>
#include <C_CkCrypt2W.h>
#include <C_CkBinDataW.h>
#include <C_CkFileAccessW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkPublicKeyW pubkey;
    const wchar_t *password;
    HCkRsaW rsa;
    const wchar_t *encPassword;
    HCkPrngW prng;
    const wchar_t *app_key;
    const wchar_t *encAppKey;
    HCkJsonObjectW jsonBody;
    HCkHttpW http;
    HCkHttpResponseW resp;
    int respStatusCode;
    HCkJsonObjectW json;
    int status;
    HCkStringBuilderW sbError;
    const wchar_t *authToken;
    HCkCrypt2W crypt;
    HCkBinDataW bdSek;
    HCkJsonObjectW jsonEwayAuth;
    HCkFileAccessW fac;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // First load the public key provided by the E-way bill System
    pubkey = CkPublicKeyW_Create();
    success = CkPublicKeyW_LoadFromFile(pubkey,L"qa_data/pem/eway_publickey.pem");
    if (success == FALSE) {
        wprintf(L"%s\n",CkPublicKeyW_lastErrorText(pubkey));
        CkPublicKeyW_Dispose(pubkey);
        return;
    }

    // Encrypt the password using the RSA public key provided by eway..
    password = L"my_wepgst_password";
    rsa = CkRsaW_Create();
    CkRsaW_putCharset(rsa,L"utf-8");
    CkRsaW_putEncodingMode(rsa,L"base64");

    success = CkRsaW_UsePublicKey(rsa,pubkey);
    if (success == FALSE) {
        wprintf(L"%s\n",CkRsaW_lastErrorText(rsa));
        CkPublicKeyW_Dispose(pubkey);
        CkRsaW_Dispose(rsa);
        return;
    }

    // Returns the encrypted password as base64 (because the EncodingMode = "base64")
    encPassword = CkRsaW_encryptStringENC(rsa,password,FALSE);
    if (CkRsaW_getLastMethodSuccess(rsa) == FALSE) {
        wprintf(L"%s\n",CkRsaW_lastErrorText(rsa));
        CkPublicKeyW_Dispose(pubkey);
        CkRsaW_Dispose(rsa);
        return;
    }

    // Generate a random app_key.  This should be 32 bytes (us-ascii chars)
    // We need 32 bytes because we'll be doing 256-bit AES ECB encryption, and 32 bytes = 256 bits.
    prng = CkPrngW_Create();
    // Generate a random string containing some numbers, uppercase, and lowercase.
    app_key = CkPrngW_randomString(prng,32,TRUE,TRUE,TRUE);

    wprintf(L"app_key = %s\n",app_key);

    // RSA encrypt the app_key.
    encAppKey = CkRsaW_encryptStringENC(rsa,app_key,FALSE);
    if (CkRsaW_getLastMethodSuccess(rsa) == FALSE) {
        wprintf(L"%s\n",CkRsaW_lastErrorText(rsa));
        CkPublicKeyW_Dispose(pubkey);
        CkRsaW_Dispose(rsa);
        CkPrngW_Dispose(prng);
        return;
    }

    // Prepare the JSON body for the HTTP POST that gets the access token.
    jsonBody = CkJsonObjectW_Create();
    CkJsonObjectW_UpdateString(jsonBody,L"action",L"ACCESSTOKEN");
    // Use your username instead of "09ABDC24212B1FK".
    CkJsonObjectW_UpdateString(jsonBody,L"username",L"09ABDC24212B1FK");
    CkJsonObjectW_UpdateString(jsonBody,L"password",encPassword);
    CkJsonObjectW_UpdateString(jsonBody,L"app_key",encAppKey);

    http = CkHttpW_Create();

    // Add required headers.
    // Use your ewb-user-id instead of "03AEXPR16A9M010"
    CkHttpW_SetRequestHeader(http,L"ewb-user-id",L"03AEXPR16A9M010");
    // The Gstin should be the same as the username in the jsonBody above.
    CkHttpW_SetRequestHeader(http,L"Gstin",L"09ABDC24212B1FK");
    CkHttpW_putAccept(http,L"application/json");

    // POST the JSON...
    resp = CkHttpResponseW_Create();
    success = CkHttpW_HttpJson(http,L"POST",L"http://ewb.wepgst.com/api/Authenticate",jsonBody,L"application/json",resp);
    if (success == FALSE) {
        wprintf(L"%s\n",CkHttpW_lastErrorText(http));
        CkPublicKeyW_Dispose(pubkey);
        CkRsaW_Dispose(rsa);
        CkPrngW_Dispose(prng);
        CkJsonObjectW_Dispose(jsonBody);
        CkHttpW_Dispose(http);
        CkHttpResponseW_Dispose(resp);
        return;
    }

    respStatusCode = CkHttpResponseW_getStatusCode(resp);
    wprintf(L"response status code =%d\n",respStatusCode);
    wprintf(L"response body:\n");
    wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));

    if (respStatusCode != 200) {
        wprintf(L"Failed in some unknown way.\n");
        CkPublicKeyW_Dispose(pubkey);
        CkRsaW_Dispose(rsa);
        CkPrngW_Dispose(prng);
        CkJsonObjectW_Dispose(jsonBody);
        CkHttpW_Dispose(http);
        CkHttpResponseW_Dispose(resp);
        return;
    }

    // When the response status code = 200, we'll have either
    // success response like this:
    //  {"status":"1","authtoken":"...","sek":"..."}
    // 
    // or a failed response like this:
    // 
    // {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}

    // Load the response body into a JSON object.
    json = CkJsonObjectW_Create();
    CkJsonObjectW_Load(json,CkHttpResponseW_bodyStr(resp));

    status = CkJsonObjectW_IntOf(json,L"status");
    wprintf(L"status = %d\n",status);

    if (status != 1) {
        // Failed.  Base64 decode the error
        // {"status":"0","error":"eyJlcnJvckNvZGVzIjoiMTA4In0="}
        // For an invalid password, the error is: {"errorCodes":"108"}
        sbError = CkStringBuilderW_Create();
        CkJsonObjectW_StringOfSb(json,L"error",sbError);
        CkStringBuilderW_Decode(sbError,L"base64",L"utf-8");
        wprintf(L"error: %s\n",CkStringBuilderW_getAsString(sbError));
        CkPublicKeyW_Dispose(pubkey);
        CkRsaW_Dispose(rsa);
        CkPrngW_Dispose(prng);
        CkJsonObjectW_Dispose(jsonBody);
        CkHttpW_Dispose(http);
        CkHttpResponseW_Dispose(resp);
        CkJsonObjectW_Dispose(json);
        CkStringBuilderW_Dispose(sbError);
        return;
    }

    // At this point, we know the request was entirely successful.
    authToken = CkJsonObjectW_stringOf(json,L"authtoken");

    // Decrypt the sek key using our app_key.
    crypt = CkCrypt2W_Create();
    CkCrypt2W_putCryptAlgorithm(crypt,L"aes");
    CkCrypt2W_putCipherMode(crypt,L"ecb");
    CkCrypt2W_putKeyLength(crypt,256);
    CkCrypt2W_SetEncodedKey(crypt,app_key,L"us-ascii");
    CkCrypt2W_putEncodingMode(crypt,L"base64");

    bdSek = CkBinDataW_Create();
    CkBinDataW_AppendEncoded(bdSek,CkJsonObjectW_stringOf(json,L"sek"),L"base64");
    CkCrypt2W_DecryptBd(crypt,bdSek);

    // bdSek now contains the decrypted symmetric encryption key...
    // We'll use it to encrypt the JSON payloads we send.

    // Let's persist our authtoken and decrypted sek (symmetric encryption key).
    // To send EWAY requests (such as to create an e-way bill), we'll just load 
    // and use these pre-obtained credentials.
    jsonEwayAuth = CkJsonObjectW_Create();
    CkJsonObjectW_UpdateString(jsonEwayAuth,L"authToken",authToken);
    CkJsonObjectW_UpdateString(jsonEwayAuth,L"decryptedSek",CkBinDataW_getEncoded(bdSek,L"base64"));
    CkJsonObjectW_putEmitCompact(jsonEwayAuth,FALSE);

    fac = CkFileAccessW_Create();
    CkFileAccessW_WriteEntireTextFile(fac,L"qa_data/tokens/ewayAuth.json",CkJsonObjectW_emit(jsonEwayAuth),L"utf-8",FALSE);

    wprintf(L"Saved:\n");
    wprintf(L"%s\n",CkJsonObjectW_emit(jsonEwayAuth));

    // Sample output:
    // {
    //   "authToken": "IBTeFtxNfVurg71LTzZ2r0xK7",
    //   "decryptedSek": "5g1TyTie7yoslU3DrbYATa7mWyPazlODE7cEh5Vy4Ho="
    // 


    CkPublicKeyW_Dispose(pubkey);
    CkRsaW_Dispose(rsa);
    CkPrngW_Dispose(prng);
    CkJsonObjectW_Dispose(jsonBody);
    CkHttpW_Dispose(http);
    CkHttpResponseW_Dispose(resp);
    CkJsonObjectW_Dispose(json);
    CkStringBuilderW_Dispose(sbError);
    CkCrypt2W_Dispose(crypt);
    CkBinDataW_Dispose(bdSek);
    CkJsonObjectW_Dispose(jsonEwayAuth);
    CkFileAccessW_Dispose(fac);

    }