Exemplo n.º 1
        protected override object CreateIntermediateRequest(Stream encrypted, byte[] keyId, InputParameterData inputParameters)
        {
            // Wraps the already encrypted payload in a consult request. The care receiver
            // identifiers and the agreement start date are copied into fields that sit next to
            // SealedContent on the request object, not inside it.
            return new Consult.RequestType1
            {
                CareReceiver = new Consult.CareReceiverIdType
                {
                    Ssin = inputParameters.CareReceiverId.Ssin,
                    Mutuality = inputParameters.CareReceiverId.Mutuality,
                    RegNrWithMut = inputParameters.CareReceiverId.RegNrWithMut
                },
                AgreementStartDate = inputParameters.AgreementStartDate,
                // ReadFully is defined outside this listing; presumably it drains the stream into a byte[] (confirm).
                SealedContent = ReadFully(encrypted),
                // Convert.ToBase64String throws ArgumentNullException when keyId is null.
                UnsealKeyId = Convert.ToBase64String(keyId)
            };
        }
Exemplo n.º 2
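        protected override Tuple <Stream, Object> OnTransferEncrypted(Stream encrypted, Object parameters, ref byte[] keyId, ReadOnlyCollection <Recipient> recipients)
        {
            // Sends the encrypted message to the Chapter IV medical advisor agreement operation and
            // returns the encrypted response stream (Item1) with the clear output parameters (Item2).
            // Throws InvalidOperationException for a SOAP system fault and AgreementException when
            // the response reports a non-200 status or carries return info.

            // A direct cast: any other parameter type fails here with InvalidCastException.
            InputParameterData inputParameters = (InputParameterData)parameters;

            //construct the request from parameters and the encrypted message
            AskChap4MedicalAdvisorAgreementRequestType request = new AskChap4MedicalAdvisorAgreementRequestType();

            request.CommonInput            = inputParameters.CommonInput;
            request.RecordCommonInput      = inputParameters.RecordCommonInput;
            request.CareReceiver           = inputParameters.CareReceiverId;
            request.Request                = new SecuredContentType();
            request.Request.SecuredContent = ReadFully(encrypted);

            //Send the request and get the response.
            AskChap4MedicalAdvisorAgreementResponseType response;

            try
            {
                response = proxy.askChap4MedicalAdvisorAgreement(request);
            }
            catch (FaultException <SystemError> systemError)
            {
                // The fault detail is supplied by the remote service, so any of the three elements
                // may be absent. A missing element must not replace the real fault with a
                // "Sequence contains no elements" error, hence FirstOrDefault plus a placeholder.
                var detailNodes = systemError.Detail.Nodes;
                String code = detailNodes.Where(x => x.LocalName == "Code").Select(x => x.InnerText).FirstOrDefault() ?? "(no code)";
                String msg  = detailNodes.Where(x => x.LocalName == "Message").Select(x => x.InnerText).FirstOrDefault() ?? "(no message)";
                String id   = detailNodes.Where(x => x.LocalName == "Id").Select(x => x.InnerText).FirstOrDefault() ?? "(no id)";

                // Keep the original fault as inner exception so the full SOAP fault stays available
                // to whoever investigates the failure.
                throw new InvalidOperationException(code + ": " + msg + " (" + id + ")", systemError);
            }

            //Verify the response for errors, throw an exception if found.
            // Fails closed: anything other than status "200" without return info is rejected
            // before the secured content is touched.
            if (response.Status.Code != "200" || response.ReturnInfo != null)
            {
                throw new AgreementException(response.Status, response.ReturnInfo, response.CommonOutput, response.RecordCommonOutput);
            }

            //Extract the non encrypted data and the encrypted stream
            OutputParameterData outputParameters = new OutputParameterData(response.CommonOutput, response.RecordCommonOutput);

            return(new Tuple <Stream, Object>(new MemoryStream(response.Response.SecuredContent), outputParameters));
        }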
Exemplo n.º 3
        protected override Tuple <Stream, object> OnTransferEncrypted(Stream encrypted, Object parameters, ref byte[] keyId, ReadOnlyCollection <Recipient> recipients)
        {
            // Second-level transfer: wraps the encrypted content in an intermediate request and
            // hands it to the inner postmaster, which is addressed to the recipients in mcnList
            // (the recipients argument is not used by this method).
            bool isInputData = parameters is InputParameterData;
            if (!isInputData)
            {
                throw new ArgumentException("The parameters agrument must be a input parameter data", "parameters");
            }
            InputParameterData typedInput = (InputParameterData)parameters;

            // Build the request that carries the unaddressed encrypted content.
            Object intermediate = CreateIntermediateRequest(encrypted, keyId, typedInput);

            // Serialize first, then build the recipient list, then call the inner postmaster.
            var serialized = SerializeInMemory(intermediate);
            ReadOnlyCollection <Recipient> innerRecipients = new ReadOnlyCollection <Recipient>(mcnList.ToList <Recipient>());
            X509Certificate2 sender;
            Tuple <Stream, Object> innerResult = innerPostMaster.TransferAndDoCrypto(serialized, parameters, innerRecipients, out sender);

            // Everything is clear data at this point, the stream included, so it all travels in
            // the output parameter object together with the certificate reported as sender.
            OutputParameterData clearOutput = (OutputParameterData)innerResult.Item2;
            clearOutput.ClearResponse = innerResult.Item1;
            clearOutput.Sender = sender;

            // The stream slot must be null, otherwise the postmaster will try to decrypt it.
            return new Tuple <Stream, Object>(null, clearOutput);
        }
Exemplo n.º 4
        /// <summary>
        /// Communicates with the Chapter IV agreement consult service.
        /// </summary>
        /// <param name="kmehr">The request kmehr, that must be double encrypted</param>
        /// <param name="parameters">Additional information required, see Chapter IV documentation</param>
        /// <param name="sender">The certificate of the IO that sent the response</param>
        /// <returns>The response kmehr (item1) and additional information (item2)</returns>
        /// <exception cref="AgreementException">When the service returns a fault in the business message</exception>
        public Tuple <Stream, OutputParameterData> Transfer(Stream kmehr, InputParameterData parameters, out X509Certificate2 sender)
        {
            // Wrap the KMEHR in a business request together with our own encoded token.
            Object businessRequest = CreateBusinessRequest(kmehr, Self.Token.GetEncoded());

            // Encrypt and send. The response is not encrypted on this level (it is on the second pass).
            var serialized = SerializeInMemory(businessRequest);
            var ioRecipients = new ReadOnlyCollection <Recipient>(ioList.ToList <Recipient>());
            OutputParameterData result = (OutputParameterData)TransferAndEncryptOnly(serialized, (Object)parameters, ioRecipients);

            // Hand the sender certificate to the caller through the out parameter and drop it
            // from the response parameter. This method only passes the certificate on; it makes
            // no trust decision about it.
            sender = result.Sender;
            result.Sender = null;

            // Deserialize the clear response into the KMEHR bytes and the timestamp.
            byte[] timestamp;
            byte[] kmehrBytes = ParseResponse(result.ClearResponse, out timestamp);

            // Clear the (internal) input before the object leaves this method, then attach the timestamp.
            result.ClearResponse = null;
            result.Timestamp = timestamp;

            Stream kmehrStream = new MemoryStream(kmehrBytes);
            return new Tuple <Stream, OutputParameterData>(kmehrStream, result);
        }
Exemplo n.º 5
        /// <summary>
        /// Communicates with the Chapter IV agreement consult service.
        /// </summary>
        /// <param name="kmehr">The request kmehr, that must be double encrypted</param>
        /// <param name="parameters">Additional information required, see Chapter IV documentation</param>
        /// <param name="sender">The certificate of the IO that sent the response</param>
        /// <returns>The response kmehr (item1) and additional information (item2)</returns>
        /// <exception cref="AgreementException">When the service returns a fault in the business message</exception>
        public Tuple<Stream, OutputParameterData> Transfer(Stream kmehr, InputParameterData parameters, out X509Certificate2 sender)
        {
            // Step 1: build the business request around the KMEHR and our own encoded token.
            Object outbound = CreateBusinessRequest(kmehr, Self.Token.GetEncoded());

            // Step 2: encrypt and send to the recipients in ioList. The reply is not encrypted on
            // this level (it is on the second pass), so it comes back as a parameter object.
            Object reply = TransferAndEncryptOnly(
                SerializeInMemory(outbound),
                (Object)parameters,
                new ReadOnlyCollection<Recipient>(ioList.ToList<Recipient>()));
            OutputParameterData output = (OutputParameterData)reply;

            // Step 3: move the sender certificate from the output object to the out parameter.
            sender = output.Sender;
            output.Sender = null;

            // Step 4: deserialize the clear response.
            byte[] timestamp;
            byte[] payload = ParseResponse(output.ClearResponse, out timestamp);

            // Step 5: drop the internal clear stream, keep the timestamp, return the KMEHR as a stream.
            output.ClearResponse = null;
            output.Timestamp = timestamp;
            return Tuple.Create<Stream, OutputParameterData>(new MemoryStream(payload), output);
        }
Exemplo n.º 6
 /// <summary>
 /// Builds the service-specific intermediate request object; implemented by derived classes.
 /// </summary>
 /// <param name="encrypted">Stream with the encrypted content (presumably the already sealed business message; confirm with the caller)</param>
 /// <param name="keyId">Key identifier bytes (presumably the id of the key needed to unseal the content; confirm)</param>
 /// <param name="inputParameters">The clear input parameters supplied by the caller</param>
 /// <returns>The request object; its concrete type is chosen by the implementation</returns>
 protected abstract Object CreateIntermediateRequest(Stream encrypted, byte[] keyId, InputParameterData inputParameters);
Exemplo n.º 7
 /// <summary>
 /// Extension point for derived classes: creates the intermediate request for one specific service.
 /// </summary>
 /// <param name="encrypted">Stream holding the encrypted content (presumably sealed before this call; confirm)</param>
 /// <param name="keyId">Identifier bytes of a key (presumably the one used to unseal the content; confirm)</param>
 /// <param name="inputParameters">Clear parameters that accompany the encrypted content</param>
 /// <returns>The request as a plain object; the implementing class decides the concrete type</returns>
 protected abstract Object CreateIntermediateRequest(Stream encrypted, byte[] keyId, InputParameterData inputParameters);
Exemplo n.º 8
        protected override object CreateIntermediateRequest(Stream encrypted, byte[] keyId, InputParameterData inputParameters)
        {
            // Consult request that carries the sealed payload plus the clear routing fields.
            Consult.RequestType1 consultRequest = new Consult.RequestType1();

            // Care receiver identification, copied field by field from the input parameters.
            Consult.CareReceiverIdType receiver = new Consult.CareReceiverIdType();
            consultRequest.CareReceiver = receiver;
            receiver.Ssin = inputParameters.CareReceiverId.Ssin;
            receiver.Mutuality = inputParameters.CareReceiverId.Mutuality;
            receiver.RegNrWithMut = inputParameters.CareReceiverId.RegNrWithMut;

            consultRequest.AgreementStartDate = inputParameters.AgreementStartDate;

            // The encrypted stream is read in full through ReadFully (defined outside this listing).
            byte[] sealedBytes = ReadFully(encrypted);
            consultRequest.SealedContent = sealedBytes;

            // The key id is sent as base64 text; a null keyId makes ToBase64String throw ArgumentNullException.
            string encodedKeyId = Convert.ToBase64String(keyId);
            consultRequest.UnsealKeyId = encodedKeyId;

            return consultRequest;
        }
Exemplo n.º 9
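        public void ConfigDoctorViaCode()
        {
            // Configures the Chapter IV consultation client for a doctor entirely in code, sends
            // the request stored in request_consult_physician.xml and reports business errors
            // from the response as an inconclusive test. All endpoints below are the hosts
            // hard-coded in this method (wwwacc / services-acpt) and the request is flagged IsTest.

            //Create SSOBinding
            var ssoBinding = new SsoBinding();
            ssoBinding.Security.Mode = WSFederationHttpSecurityMode.Message;
            ssoBinding.Security.Message.IssuedKeyType = SecurityKeyType.AsymmetricKey;
            ssoBinding.Security.Message.NegotiateServiceCredential = false;
            ssoBinding.Security.Message.EstablishSecurityContext = false;

            ssoBinding.Security.Message.IssuerAddress = new EndpointAddress("https://wwwacc.ehealth.fgov.be/sts_1_1/SecureTokenService");
            ssoBinding.Security.Message.IssuerBinding = new StsBinding();

            // NOTE(review): the SSIN below is hard-coded in several places in this method;
            // presumably a test identity. Confirm, and keep real national numbers out of source.
            XmlDocument doc = new XmlDocument();
            doc.LoadXml("<saml:Attribute xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" AttributeNamespace=\"urn:be:fgov:identification-namespace\" AttributeName=\"urn:be:fgov:person:ssin\">" +
                "<saml:AttributeValue xsi:type=\"xs:string\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">79021802145</saml:AttributeValue>" +
                "</saml:Attribute>");
            ssoBinding.Security.Message.TokenRequestParameters.Add(doc.DocumentElement);
            doc = new XmlDocument();
            doc.LoadXml("<saml:Attribute xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" AttributeNamespace=\"urn:be:fgov:identification-namespace\" AttributeName=\"urn:be:fgov:ehealth:1.0:certificateholder:person:ssin\">" +
                "<saml:AttributeValue xsi:type=\"xs:string\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">79021802145</saml:AttributeValue>" +
                "</saml:Attribute>");
            ssoBinding.Security.Message.TokenRequestParameters.Add(doc.DocumentElement);

            ssoBinding.Security.Message.ClaimTypeRequirements.Add(new ClaimTypeRequirement("{urn:be:fgov:identification-namespace}urn:be:fgov:person:ssin"));
            ssoBinding.Security.Message.ClaimTypeRequirements.Add(new ClaimTypeRequirement("{urn:be:fgov:identification-namespace}urn:be:fgov:ehealth:1.0:certificateholder:person:ssin"));
            ssoBinding.Security.Message.ClaimTypeRequirements.Add(new ClaimTypeRequirement("{urn:be:fgov:certified-namespace:ehealth}urn:be:fgov:person:ssin:doctor:boolean"));
            ssoBinding.Security.Message.ClaimTypeRequirements.Add(new ClaimTypeRequirement("{urn:be:fgov:certified-namespace:ehealth}urn:be:fgov:person:ssin:ehealth:1.0:doctor:nihii11"));

            //Creating basic https binding
            BasicHttpBinding httpsBinding = new BasicHttpBinding();
            httpsBinding.Security.Mode = BasicHttpSecurityMode.Transport;

            //Create the Consult proxy
            Chap4AgreementConsultationPortTypeClient consult = new Chap4AgreementConsultationPortTypeClient(ssoBinding, new EndpointAddress("https://services-acpt.ehealth.fgov.be/ChapterIV/ChapterIVAgreementConsultation/v1"));
            consult.Endpoint.Behaviors.Remove<ClientCredentials>();
            consult.Endpoint.Behaviors.Add(new SsoClientCredentials());
            consult.Endpoint.Behaviors.Add(new SessionBehavior(session, TimeSpan.FromHours(1), typeof(MemorySessionCache), null));
            consult.ClientCredentials.ClientCertificate.Certificate = auth; //must be put after the behavior

            //Create KGSS proxy
            KgssPortTypeClient kgss = new KgssPortTypeClient(httpsBinding, new EndpointAddress("https://services-acpt.ehealth.fgov.be/Kgss/v1"));

            //Create ETK Depot proxy
            EtkDepotPortTypeClient etkDepot = new EtkDepotPortTypeClient(httpsBinding, new EndpointAddress("https://services-acpt.ehealth.fgov.be/EtkDepot/v1"));

            //Create self
            SecurityInfo self = SecurityInfo.Create(sign, StoreLocation.CurrentUser, etkDepot);

            //Create Consult postmaster
            ConsultPostMaster postmaster = new ConsultPostMaster(self, consult, etkDepot, kgss);
            // NOTE(review): this switches ETK verification off. The property is defined outside
            // this listing; by its name it skips validating the encryption tokens fetched from
            // the ETK depot. Confirm, and do not copy this line into production configuration.
            postmaster.VerifyEtk = false;

            //prepare the input
            InputParameterData parameters = new InputParameterData();
            parameters.CommonInput = new CommonInputType();
            parameters.CommonInput.Request = new RequestType1();
            parameters.CommonInput.Request.IsTest = true;
            parameters.CommonInput.Origin = new OriginType();
            parameters.CommonInput.Origin.Package = new PackageType();
            parameters.CommonInput.Origin.Package.License = new LicenseType();
            // The license credentials are masked placeholders; supply real values from
            // configuration or a secret store rather than from source.
            parameters.CommonInput.Origin.Package.License.Username = "******"; //provide you own license
            parameters.CommonInput.Origin.Package.License.Password = "******"; //provide your own password

            parameters.CommonInput.Origin.CareProvider = new CareProviderType();
            parameters.CommonInput.Origin.CareProvider.Nihii = new NihiiType();
            parameters.CommonInput.Origin.CareProvider.Nihii.Quality = "doctor";
            parameters.CommonInput.Origin.CareProvider.Nihii.Value = new ValueRefString();
            parameters.CommonInput.Origin.CareProvider.Nihii.Value.Value = "19997341001";
            parameters.CommonInput.Origin.CareProvider.PhysicalPerson = new IdType();
            parameters.CommonInput.Origin.CareProvider.PhysicalPerson.Ssin = new ValueRefString();
            parameters.CommonInput.Origin.CareProvider.PhysicalPerson.Ssin.Value = "79021802145";
            parameters.RecordCommonInput = new RecordCommonInputType();
            parameters.RecordCommonInput.InputReferenceSpecified = true;
            parameters.RecordCommonInput.InputReference = 20101112100503;
            parameters.AgreementStartDate = new DateTime(2013, 04, 01, 0, 0, 0, DateTimeKind.Utc);
            parameters.CareReceiverId = new CareReceiverIdType();
            parameters.CareReceiverId.Ssin = "01093008501";

            //send the request
            // The request file is only read, so it is opened read-only and disposed as soon as
            // the transfer returns. The original never closed the handle.
            X509Certificate2 sender;
            Tuple<Stream, OutputParameterData> response;
            using (FileStream requestFile = new FileStream("request_consult_physician.xml", FileMode.Open, FileAccess.Read))
            {
                response = postmaster.Transfer(requestFile, parameters, out sender);
            }

            WriteFormattedXml(response.Item1);

            //Check for business responses
            XmlDocument responseDoc = new XmlDocument();
            XmlNamespaceManager nsmgr =  new XmlNamespaceManager(responseDoc.NameTable);
            nsmgr.AddNamespace("ns", "http://www.ehealth.fgov.be/medicalagreement/core/v1");
            nsmgr.AddNamespace("kmehr", "http://www.ehealth.fgov.be/standards/kmehr/schema/v1");
            // NOTE(review): response.Item1 was already handed to WriteFormattedXml above; this
            // Load only sees the document if that helper leaves the stream at its start (confirm).
            responseDoc.Load(response.Item1);
            XmlNodeList errorList = responseDoc.SelectNodes("/ns:kmehrresponse/ns:acknowledge/ns:error", nsmgr);
            if (errorList.Count > 0)
            {
                // One line per error: "<cd>: <description> (<url>)".
                StringBuilder errorMsg = new StringBuilder();
                foreach (XmlNode error in errorList)
                {
                    errorMsg.Append(error.SelectSingleNode("./kmehr:cd", nsmgr).InnerText)
                        .Append(": ")
                        .Append(error.SelectSingleNode("./kmehr:description", nsmgr).InnerText)
                        .Append(" (")
                        .Append(error.SelectSingleNode("./kmehr:url", nsmgr).InnerText)
                        .AppendLine(")");
                }
                Assert.Inconclusive(errorMsg.ToString());
            }
        }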