/// <summary>
/// Default constructor
/// </summary>
/// <param name="environment">Swish environment to use</param>
/// <param name="P12CertificateCollectionBytes">The client P12 certificate as a byte array</param>
/// <param name="P12CertificateCollectionPassphrase">Password for certificate collection (can be null)</param>
/// <param name="merchantId">Swish Merchant ID</param>
public SwishClient(SwishEnvironment environment, byte[] P12CertificateCollectionBytes, string P12CertificateCollectionPassphrase, string merchantId)
{
Environment = environment;
MerchantId = merchantId;
var clientCerts = new X509Certificate2Collection();
clientCerts.Import(P12CertificateCollectionBytes, P12CertificateCollectionPassphrase ?? "", X509KeyStorageFlags.Exportable);
CreateClient(clientCerts);
}
/// <summary>
/// Default constructor
/// </summary>
/// <param name="environment">Swish environment to use</param>
/// <param name="P12CertificateCollectionBytes">The client P12 certificate as a byte array</param>
/// <param name="P12CertificateCollectionPassphrase">Password for certificate collection (can be null)</param>
/// <param name="merchantId">Swish Merchant ID</param>
public SwishClient(SwishEnvironment environment, byte[] P12CertificateCollectionBytes, string P12CertificateCollectionPassphrase, string merchantId)
{
Environment = environment;
MerchantId = merchantId;
/*
* var handler = new HttpClientHandler();
* handler.ClientCertificateOptions = ClientCertificateOption.Manual;
*
* var pkcs12Store = new Pkcs12Store(
* new MemoryStream(P12CertificateCollectionBytes),
* P12CertificateCollectionPassphrase.ToCharArray());
*
* var aliasesEnumerator = pkcs12Store.Aliases.GetEnumerator();
* aliasesEnumerator.MoveNext();
* var alias = aliasesEnumerator.Current as string;
*
* var chain = pkcs12Store.GetCertificateChain(alias);
*
* var privateKey = pkcs12Store.GetKey(alias);
*
* foreach (var cert in chain)
* {
* var c = Org.BouncyCastle.Security.DotNetUtilities.ToX509Certificate(cert.Certificate.CertificateStructure);
*
* var c2 = new X509Certificate2(c);
* try
* {
* c2.PrivateKey = Org.BouncyCastle.Security.DotNetUtilities.ToRSA(privateKey.Key as RsaPrivateCrtKeyParameters);
* }
* catch { }
*
* handler.ClientCertificates.Add(c2);
* }
*/
var clientCerts = new X509Certificate2Collection();
clientCerts.Import(P12CertificateCollectionBytes, P12CertificateCollectionPassphrase ?? "", X509KeyStorageFlags.Exportable);
var handler = new HttpClientHandler();
//handler.ClientCertificateOptions = ClientCertificateOption.Manual;
handler.ClientCertificates.AddRange(clientCerts);
handler.Credentials = null;
//CredentialCache s = null;
try
{
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
ServicePointManager.Expect100Continue = true;
}
catch { }
try
{
handler.SslProtocols = SslProtocols.Tls12;
}
catch { }
// assert CA certs in cert store, and get root CA
// var rootCertificate = AssertCertsInStore(clientCerts);
handler.ServerCertificateCustomValidationCallback = (_, __, ___, ____) =>
{
// for some reason, extracted test root certificate is not equal to the MSS server certificate
// so for now, accept all server certificates
// this should be fixed in the future
return(true);
//var x509ChainElement = chain.ChainElements.OfType<X509ChainElement>().LastOrDefault();
//if (x509ChainElement == null) return false;
//var c = x509ChainElement.Certificate;
//return c.Equals(rootCertificate);
};
_client = new HttpClient(handler);
}
/// <summary>
/// Initializes the swish client with initialized HttpClient
/// Only for testing purposes!
/// </summary>
/// <param name="httpClient">Initialized/mocked HttpClient</param>
/// <param name="merchantId">Merchant Id</param>
/// <param name="environment">Swish env to use</param>
public SwishClient(HttpClient httpClient, string merchantId, SwishEnvironment environment = SwishEnvironment.Test)
{
Environment = environment;
MerchantId = merchantId;
_client = httpClient;
}
