public static string CallCreate(ChannelFactory <Resource> resourceFactory, Uri thisUrl, string smlDomain, int assuranceLevel, CreateRequest request, IMessageMetadata messageMetadata) { STARTLibrary.accesspointService.Resource ws = null; try { var serviceMetadata = !string.IsNullOrEmpty(smlDomain) ? ServiceMetadata.FromSml(smlDomain, request) : ServiceMetadata.FromKnownEndpoint(resourceFactory); //NOTE: if you want to debug and send to "wrong" address, change below: //var test1 = ServiceMetadata.FromSml(smlDomain, request); //henter metadata fra SML //var test2 = ServiceMetadata.FromKnownEndpoint(resourceFactory); //var test3 = new ServiceMetadata() // { // Address = new Uri("https://ehf.fylkesmannen.no/oxalis"), //factory.Endpoint.Address.Uri, // Certificate = resourceFactory.Credentials.ServiceCertificate.DefaultCertificate // }; //serviceMetadata = test1; if (serviceMetadata.Certificate == null) { throw new ArgumentException("Certificate required (both for custom validation and for authenticationMode \"MutualCertificate\")."); } SetExpectedServiceCertificate(resourceFactory, serviceMetadata.Certificate); X509Certificate2 clientCertificate = resourceFactory.Credentials.ClientCertificate.Certificate; Saml2SecurityToken token = AccessPointToken.ClaimsToSaml2SenderVouchesToken( AccessPointToken.MakeClaims(request.SenderIdentifier.Value, assuranceLevel), thisUrl.AbsoluteUri, clientCertificate); //NOTE: changed when upgrading to .NET 4.5: //ws = resourceFactory.CreateChannelWithIssuedToken(new EndpointAddress(thisUrl, resourceFactory.Endpoint.Address.Identity), token); ws = resourceFactory.CreateChannelWithIssuedToken(token, new EndpointAddress(thisUrl, resourceFactory.Endpoint.Address.Identity)); var response = ws.Create(request); return("Document sent."); } catch (Exception exception) { throw exception; } finally { if (ws is IDisposable) { (ws as IDisposable).Dispose(); } }; }
public static string CallCreate(ChannelFactory <STARTLibrary.accesspointService.Resource> resourceFactory, Uri thisUrl, string smlDomain, int assuranceLevel, CreateRequest request) { STARTLibrary.accesspointService.Resource ws = null; Helper help = new Helper(); try { ServiceMetadata metadata = !string.IsNullOrEmpty(smlDomain) ? ServiceMetadata.FromSml(smlDomain, request) : ServiceMetadata.FromKnownEndpoint(resourceFactory); if (metadata.Certificate == null) { throw new ArgumentException("Certificate required (both for custom validation and for authenticationMode \"MutualCertificate\")."); } SetExpectedServiceCertificateNew(resourceFactory, metadata.Certificate); X509Certificate2 clientCertificate = resourceFactory.Credentials.ClientCertificate.Certificate; Saml2SecurityToken token = AccessPointToken.ClaimsToSaml2SenderVouchesToken( AccessPointToken.MakeClaims(request.SenderIdentifier.Value, assuranceLevel), thisUrl.AbsoluteUri, clientCertificate); ws = resourceFactory.CreateChannelWithIssuedToken(new EndpointAddress(thisUrl, resourceFactory.Endpoint.Address.Identity), token); ws.Create(request); return("Document sent."); } catch (Exception) { throw help.MakePeppolException("bden:ServerError", "ServerError"); } finally { if (ws is IDisposable) { (ws as IDisposable).Dispose(); } }; }
/// <summary> /// Use this method if you want to send to a custom access-point (debug) /// </summary> /// <param name="createRequest">SOAP-request to send to accesspoint</param> /// <param name="sender">sender-id, sample:9908:974763907</param> /// <param name="receiver">receiver-id, sample:9908:974763907</param> /// <param name="serviceMetadata">Servicemetadata containing endpoint and certificates</param> /// <returns></returns> public SendResult SendDocument(CreateRequest createRequest, string sender, string receiver, ServiceMetadata serviceMetadata) { var start = DateTime.Now; try { Log.Info("Start SendInvoice..."); if (serviceMetadata == null) { throw new ArgumentNullException("serviceMetadata", "serviceMetadata cannot be null"); } if (serviceMetadata.Certificate == null) { throw new ArgumentException("Certificate required (both for custom validation and for authenticationMode \"MutualCertificate\")."); } if (string.IsNullOrEmpty(sender)) { throw new ArgumentNullException("sender", "sender cannot be null. samlpevalue: 9908:974763907"); } if (string.IsNullOrEmpty(receiver)) { throw new ArgumentNullException("receiver", "receiver cannot be null. samlpevalue: 9908:974763907"); } //Recreating channelfactory... this is resource-intensive, and should be cached. recreating since certificate is readonly after channel is open. Log.InfoFormat("Recreating channelfactory for ep {0} using certificate {1}", serviceMetadata.Address.AbsoluteUri, serviceMetadata.Certificate.FriendlyName); _channelFactory = Utilities.CreateResourceChannelFactory <Resource>(_peppolEndpointName, _clientCertificate, _serviceCertificate); //1. Her angir vi at vi forventer at servicen vi kontakter har følgande sertifikat (f.eks. EVRY sitt) if (_channelFactory.Credentials == null) { throw new Exception("_channelFactory.Credentials was null.."); } //Her setter vi channelfactory sitt sertifikat til sertfikatet vi henta fra AP (f.eks. EVRY sitt): _channelFactory.Credentials.ServiceCertificate.DefaultCertificate = new X509Certificate2(serviceMetadata.Certificate); //Slår på custom validator for sertifikatet fra eksternt aksesspunkt: _channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.Custom; _channelFactory.Credentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck; _channelFactory.Credentials.ServiceCertificate.Authentication.CustomCertificateValidator = new CertificateValidator { ExpectedCertificate = serviceMetadata.Certificate, ExpectedIssuer = CertificateIssuer.AccessPointCA, RevocationMode = X509RevocationMode.NoCheck }; //2. set identity til SERVER. gjær nokon endringar på channelfactory sitt endpoint (createDnsIdentity basert på dns i sertifikat) var dnsName = serviceMetadata.Certificate.GetNameInfo(X509NameType.SimpleName, false); if (string.IsNullOrEmpty(dnsName)) { throw new Exception("Could not resolve dnsName for certificate.."); } //Her endrer vi adressen til channelfactory til å gå mot gitt aksesspunkt: _channelFactory.Endpoint.Address = new EndpointAddress(_channelFactory.Endpoint.Address.Uri, EndpointIdentity.CreateDnsIdentity(dnsName), _channelFactory.Endpoint.Address.Headers); //set identity til CLIENT (oss), og create token: Log.Info("Creating token.."); var thisUrl = serviceMetadata.Address; //_channelFactory.Endpoint.Address.Uri; X509Certificate2 clientCertificate = _channelFactory.Credentials.ClientCertificate.Certificate; ClaimsIdentity myOwnClaims = AccessPointToken.MakeClaims(createRequest.SenderIdentifier.Value, AssuranceLevel); Saml2SecurityToken token = AccessPointToken.ClaimsToSaml2SenderVouchesToken(myOwnClaims, thisUrl.AbsoluteUri, clientCertificate); //åpner proxy: Log.Info("Creating proxy on channelFactory with issuedToken..."); var proxy = _channelFactory.CreateChannelWithIssuedToken(token, new EndpointAddress(thisUrl, _channelFactory.Endpoint.Address.Identity)); Log.Info("Proxy created ok."); //kaller service: Log.Info("Calling service"); var response = proxy.Create(createRequest); var sendResult = new SendResult() { MessageId = createRequest.MessageIdentifier, Response = response, TimeSpent = DateTime.Now.Subtract(start) }; Log.InfoFormat("response OK. Message {0} sent OK!", sendResult.MessageId); return(sendResult); } catch (Exception exception) { Log.Error("Error when sending invoice.."); Log.Error(exception); throw; } }