call Ms.com WS without WSE

  • Thread starter Thread starter casey chesnut
  • Start date Start date
C

casey chesnut

full framework if you dont want to install WSE.
or compact framework where it doesnt exist.
casey
----------------------------------------------------------------------------
------
//SecurityHeader.cs
using System;
using System.Xml;
using System.Xml.Serialization;
using System.Web.Services.Protocols;
using System.Text;

/*
//outgoing SoapHeader will look something like this
<wsse:Security soap:mustUnderstand="1"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext">
<wsse:UsernameToken
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility"
wsu:Id="SecurityToken-9cda5cb3-f5c6-4ddf-b9fa-30ff0bcc97f5">
<wsse:Username>PZh3EOz8/GWV+PQel2OaZtrNv2x3/dBk</wsse:Username>
<wsse:Password
Type="wsse:PasswordDigest">aDmrV1Ek7pHKnFGiuc/WLQJMoiY=</wsse:Password>
<wsse:Nonce>rXl+0wUmcdMNbeMFmqGDiw==</wsse:Nonce>
<wsu:Created>2003-07-23T19:51:24Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>

//add public member to the auto gen'd webReference proxy
public bNb.WebServices.SecurityHeader securityHeader;

//add to WebMethod that will be called on auto gen'd webReference proxy
[System.Web.Services.Protocols.SoapHeaderAttribute("securityHeader")]

//change client code to set UsernameToken info
webReference.securityHeader = new bNb.WebServices.SecurityHeader();
webReference.securityHeader.UsernameToken.SetUserPass(username, password,
PasswordOption.SendHashed);

//Guid and Sha1 wrapper classes are needed based on platform:
//FULL FRAMEWORK
//guid = System.Guid.NewGuid();
//System.Security.Cryptography.SHA1CryptoServiceProvider sha1 = new
// System.Security.Cryptography.SHA1CryptoServiceProvider();
//bHash = sha1.ComputeHash(buffer);
//COMPACT FRAMEWORK
//guid - http://smartdevices.microsoftdev.com/Learn/Articles/507.aspx
//sha1 - http://www.learnmobile.net/MobileClient/Tutorials/cfWSE/
*/

namespace bNb
{
[XmlRoot(Namespace=NsConstants.wsse, ElementName="Security")]
public class SecurityHeader : SoapHeader
{
public SecurityHeader()
{
this.MustUnderstand = true;
this.UsernameToken = new UsernameToken();
}

[XmlElement(Namespace=NsConstants.wsse)]
public UsernameToken UsernameToken;
}

public class UsernameToken
{
public UsernameToken() {}

public void SetUserPass(string username, string password, PasswordOption
passType)
{
this.Username = username;

System.Guid g = Guid.NewGuid();
this.Id = "SecurityToken-" + g.ToString("D");

if(passType == PasswordOption.SendNone)
{
this.Password = null;
}

this.Password = new Password();

if(passType == PasswordOption.SendPlainText)
{
this.Password.Type = "wsse:PasswordText";
this.Password.Text = password;
}

if(passType == PasswordOption.SendHashed)
{
this.Password.Type = "wsse:PasswordDigest";

DateTime dtCreated = DateTime.UtcNow;
this.Created = XmlConvert.ToString(dtCreated, "yyyy-MM-ddTHH:mm:ssZ");
byte [] baCreated = Encoding.UTF8.GetBytes(this.Created);

//TODO crypto strength random number generator
this.Nonce = new Nonce();
Random r = new Random(Environment.TickCount);
byte [] baNonce = new byte[20];
r.NextBytes(baNonce);
this.Nonce.Text = Convert.ToBase64String(baNonce, 0, baNonce.Length);

byte [] baPassword = Encoding.UTF8.GetBytes(password);

int baDigestLength = baNonce.Length + baCreated.Length +
baPassword.Length;
byte [] baDigest = new byte[baDigestLength];
Array.Copy(baNonce, 0, baDigest, 0, baNonce.Length);
Array.Copy(baCreated, 0, baDigest, baNonce.Length, baCreated.Length);
Array.Copy(baPassword, 0, baDigest, baNonce.Length + baCreated.Length,
baPassword.Length);
byte [] hash = Sha1.ComputeHash(baDigest);

this.Password.Text = Convert.ToBase64String(hash, 0, hash.Length);
}
}

//required
[XmlElement(Namespace=NsConstants.wsse)]
public string Username;
[XmlAttribute(Namespace=NsConstants.wsu)]
public string Id;

//optional
[XmlElement(Namespace=NsConstants.wsse)]
public Password Password;
[XmlElement(Namespace=NsConstants.wsse)]
public Nonce Nonce;
[XmlElement(Namespace=NsConstants.wsu)]
public string Created;
}

public class Nonce
{
public Nonce(){}

[XmlText()]
public string Text;
//TODO handle hexEncode scenario
[XmlAttribute()]
public string EncodingType;
}

public class Password
{
public Password() {}

[XmlText()]
public string Text;
[XmlAttribute()]
public string Type;
}

public class NsConstants
{
public const string wsse = "http://schemas.xmlsoap.org/ws/2002/07/secext";
public const string wsu = "http://schemas.xmlsoap.org/ws/2002/07/utility";
}

public enum PasswordOption
{
SendHashed,
SendNone,
SendPlainText,
}

public enum EncodingType
{
Base64Binary,
HexBinary,
}
}
 
Back
Top