• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Consuming WebServices in combination with oAuth2.0

Cecil

17+ years progress programming and still learning.
#1
Working on a new project that requires consuming WebServices (WSDL, not REST). However, I need to include some extra information in the HTTP Headers for the access token. But the ABL does not expose any methods with adding extra HTTP headers.

Apart from using sockets or OPENEDGE.HTTP.NET.PL and posting the SOAP payload myself, what are the alternatives??
 

Cecil

17+ years progress programming and still learning.
#3
Since the ABL does not support the SSL client certificate I use the .NET HttpWebRequest object. Obviously our client is running on Windoze.

On Solaris we use wget.

Can you explain a bit more about SSL client Certificate support issue, is that about using CA x.509 certificates??

Do you have any sample ABL code which uses NET HttpWebRequest>
 
#4
The ABl (at least with OE 11.6) does not support the SSL client certificate except for WebService calls. With standard HTTPS get and post requests you cannot use it. Here @ my employer we all login to our Windows 7 systems with a smartcard. During login to Windows the SSL client certificate residing on the smartcard is copied into Windows certificate store. Our single-sign-on infrastructure is based in CAs SiteMinder and each web server requests the SSL client certificate to be present for authentication.

Code:
define input authenticationUrl  as character   no-undo.  /* Authentication URL */
define input hostName           as character   no-undo.  /* Name of the host (DNS alias) */

define variable cookieContainer   as class CookieContainer    no-undo.
define variable cookieCollection  as class CookieCollection   no-undo.
define variable cookie            as class Cookie             no-undo.
define variable requestUri        as class Uri                no-undo.
define variable request           as class HttpWebRequest     no-undo.
define variable response          as class HttpWebResponse    no-undo.
define variable responseReader    as class StreamReader       no-undo.
define variable enumHelper1       as class System.Enum        no-undo.
define variable enumHelper2       as class System.Enum        no-undo.
define variable certificate        as class auth.ClientCertificate  no-undo.
define variable issoEndpoint       as class auth.ISSOEndpoint       no-undo.
define variable xmlContent         as longchar    no-undo.
define variable contentType        as character   no-undo.
define variable statusCode         as character   no-undo.
define variable statusDescription  as character   no-undo.
define variable debugFileName      as character   no-undo.
define variable cookieCount        as integer     no-undo.
define variable okay               as logical     no-undo.
/* Get the certificate */
assign certificate = auth.ClientCertificate:getInstance ( ).
assign x509Certificate = certificate:getCetificate ( ).
/* The Cookie container which will hold the C<X>SESSION cookie */
assign cookieContainer = new CookieContainer ( ).
/* Security protocols */
assign enumHelper1 = Progress.Util.EnumHelper:or ( SecurityProtocolType:Tls, SecurityProtocolType:Tls11 ).
assign enumHelper2 = Progress.Util.EnumHelper:or ( cast ( enumHelper1, SecurityProtocolType ), SecurityProtocolType:Tls12 ).
assign ServicePointManager:SecurityProtocol = cast ( enumHelper2, SecurityProtocolType ).
/* This is the request */
assign requestUri = new Uri ( issoEndPointURL )
       request    = cast ( WebRequest:Create ( requestUri ), HttpWebRequest ).
assign request:Method            = 'GET'
       request:AllowAutoRedirect = true
       request:CookieContainer   = cookieContainer.
/* Add the certificate to the request */
request:ClientCertificates:Add ( x509Certificate ).
           
/* This is the response */
assign response = cast ( request:GetResponse ( ), HttpWebResponse ).
/* Check the HTTP status code whether the reqeust succeeded */
assign statusCode = response:StatusCode:ToString ( ).
/* Fetch the response in any case */
assign responseReader = new StreamReader ( response:GetResponseStream ( ), Encoding:ASCII ).
assign xmlContent = responseReader:ReadToEnd ( ).
HTH - RealHeavyDude.
 
#5
Ooops, forgot

Code:
using System.*.
using System.Text.*.
using System.IO.*.
using System.Net.*.
using System.Security.Cryptography.X509Certificates.*.
using System.Security.Cryptography.*.
 

Cecil

17+ years progress programming and still learning.
#6
:(
1516091659739.png
Is there something extra I need to add to the assemblies .xml file?

I've added Sytem,Security just to "suck it and see", but that did not work.
 
#7
The auth.ClientCertificate is a class which I developed to wrap the logic which fetches the SSL certificate from the Windows certificate store. I did not include it. Do you need a sample on how to get the certificate from the Windows certificate store?