/// <summary>
/// Builds the consult request that wraps the sealed content for the intermediate transfer.
/// </summary>
/// <param name="encrypted">Stream with the sealed content; it is read completely through ReadFully.</param>
/// <param name="keyId">Identifier of the unseal key; placed in the request as a base64 string.</param>
/// <param name="inputParameters">Source of the care receiver identifiers and the agreement start date.</param>
/// <returns>The populated <c>Consult.RequestType1</c> instance.</returns>
protected override object CreateIntermediateRequest(Stream encrypted, byte[] keyId, InputParameterData inputParameters)
{
    // Initializers run in textual order, so the stream is still read after the
    // care receiver and start date have been copied, exactly as before.
    var request = new Consult.RequestType1
    {
        // The consult schema has its own care receiver type, so the identifiers are copied one by one.
        CareReceiver = new Consult.CareReceiverIdType
        {
            Ssin = inputParameters.CareReceiverId.Ssin,
            Mutuality = inputParameters.CareReceiverId.Mutuality,
            RegNrWithMut = inputParameters.CareReceiverId.RegNrWithMut
        },
        AgreementStartDate = inputParameters.AgreementStartDate,
        SealedContent = ReadFully(encrypted),
        UnsealKeyId = Convert.ToBase64String(keyId)
    };

    return request;
}
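/// <summary>
/// Sends the encrypted message to the Chapter IV "ask medical advisor agreement" operation
/// and hands back the still-encrypted reply together with the clear output parameters.
/// </summary>
/// <param name="encrypted">Encrypted request content; read completely into the request's secured content.</param>
/// <param name="parameters">Must be an <c>InputParameterData</c>; supplies the common input, record common input and care receiver.</param>
/// <param name="keyId">Not used by this implementation.</param>
/// <param name="recipients">Not used by this implementation.</param>
/// <returns>
/// Item1: a stream over the secured content of the response.
/// Item2: an <c>OutputParameterData</c> built from the response's common output and record common output.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The service raised a system error fault. The message holds the fault's code, message and id;
/// the fault itself is available as the inner exception.
/// </exception>
/// <exception cref="AgreementException">The response status code is not "200" or the response carries return info.</exception>
protected override Tuple<Stream, Object> OnTransferEncrypted(Stream encrypted, Object parameters, ref byte[] keyId, ReadOnlyCollection<Recipient> recipients)
{
    InputParameterData inputParameters = (InputParameterData)parameters;

    // Construct the request from the parameters and the encrypted message.
    AskChap4MedicalAdvisorAgreementRequestType request = new AskChap4MedicalAdvisorAgreementRequestType();
    request.CommonInput = inputParameters.CommonInput;
    request.RecordCommonInput = inputParameters.RecordCommonInput;
    request.CareReceiver = inputParameters.CareReceiverId;
    request.Request = new SecuredContentType();
    request.Request.SecuredContent = ReadFully(encrypted);

    // Send the request and get the response.
    AskChap4MedicalAdvisorAgreementResponseType response;
    try
    {
        response = proxy.askChap4MedicalAdvisorAgreement(request);
    }
    catch (FaultException<SystemError> systemError)
    {
        // Single() still throws InvalidOperationException when a node is missing or duplicated.
        String code = systemError.Detail.Nodes.Single(x => x.LocalName == "Code").InnerText;
        String msg = systemError.Detail.Nodes.Single(x => x.LocalName == "Message").InnerText;
        String id = systemError.Detail.Nodes.Single(x => x.LocalName == "Id").InnerText;

        // Pass the fault along as inner exception: the original dropped it, which discarded
        // the fault's stack trace and detail that an operator needs when investigating a failure.
        // NOTE(review): code, msg and id are text supplied by the remote service; treat them as
        // untrusted when the exception message is logged or shown.
        throw new InvalidOperationException(code + ": " + msg + " (" + id + ")", systemError);
    }

    // Verify the response for errors, throw an exception if any is found.
    if (response.Status.Code != "200" || response.ReturnInfo != null)
    {
        throw new AgreementException(response.Status, response.ReturnInfo, response.CommonOutput, response.RecordCommonOutput);
    }

    // Extract the non-encrypted data and the encrypted stream.
    OutputParameterData outputParameters = new OutputParameterData(response.CommonOutput, response.RecordCommonOutput);
    return new Tuple<Stream, Object>(new MemoryStream(response.Response.SecuredContent), outputParameters);
}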
/// <summary>
/// Wraps the encrypted content in an intermediate request, sends it through the inner
/// postmaster and returns the result as clear data.
/// </summary>
/// <param name="encrypted">The encrypted content to embed in the intermediate request.</param>
/// <param name="parameters">Must be an <c>InputParameterData</c>; it is also forwarded unchanged to the inner postmaster.</param>
/// <param name="keyId">Key identifier handed to <c>CreateIntermediateRequest</c>.</param>
/// <param name="recipients">Not used here; the inner transfer is addressed to the entries of <c>mcnList</c>.</param>
/// <returns>
/// A tuple whose stream (Item1) is null and whose Item2 is the <c>OutputParameterData</c>
/// carrying the clear response stream and the sender certificate.
/// </returns>
/// <exception cref="ArgumentException"><paramref name="parameters"/> is not an <c>InputParameterData</c>.</exception>
protected override Tuple<Stream, object> OnTransferEncrypted(Stream encrypted, Object parameters, ref byte[] keyId, ReadOnlyCollection<Recipient> recipients)
{
    InputParameterData inputParameters = parameters as InputParameterData;
    if (inputParameters == null)
    {
        throw new ArgumentException("The parameters agrument must be a input parameter data", "parameters");
    }

    // New request holding the unaddressed encrypted content.
    Object intermediateRequest = CreateIntermediateRequest(encrypted, keyId, inputParameters);

    // Serialize first, then build the recipient list: same evaluation order as a single call expression.
    var serializedRequest = SerializeInMemory(intermediateRequest);
    var mcnRecipients = new ReadOnlyCollection<Recipient>(mcnList.ToList<Recipient>());

    // Send via the inner postmaster, which also reports the sender's certificate.
    X509Certificate2 sender;
    Tuple<Stream, Object> innerResponse = innerPostMaster.TransferAndDoCrypto(serializedRequest, parameters, mcnRecipients, out sender);

    // Everything is clear data at this point, the stream included, so it all travels in the parameter object.
    OutputParameterData clearOutput = (OutputParameterData)innerResponse.Item2;
    clearOutput.ClearResponse = innerResponse.Item1;
    clearOutput.Sender = sender;

    // The stream slot must be null, otherwise the postmaster will try to decrypt it.
    return new Tuple<Stream, Object>(null, clearOutput);
}
/// <summary>
/// Communicates with the Chapter IV agreement consult service.
/// </summary>
/// <param name="kmehr">The request kmehr, that must be double encrypted.</param>
/// <param name="parameters">Additional information required, see the Chapter IV documentation.</param>
/// <param name="sender">Receives the certificate of the IO that sent the response.</param>
/// <returns>The response kmehr (Item1) and the additional information (Item2).</returns>
/// <exception cref="AgreementException">When the service returns a fault in the business message.</exception>
public Tuple<Stream, OutputParameterData> Transfer(Stream kmehr, InputParameterData parameters, out X509Certificate2 sender)
{
    // Business request: the KMEHR together with our own encoded token.
    Object businessRequest = CreateBusinessRequest(kmehr, Self.Token.GetEncoded());

    // Encrypt and send. The response is not encrypted on this level (it is on the second pass).
    var serializedRequest = SerializeInMemory(businessRequest);
    Object untypedParameters = parameters;
    var ioRecipients = new ReadOnlyCollection<Recipient>(ioList.ToList<Recipient>());
    Object rawResponse = TransferAndEncryptOnly(serializedRequest, untypedParameters, ioRecipients);

    OutputParameterData output = (OutputParameterData)rawResponse;

    // The sender is reported through the out parameter only, so take it off the result object.
    sender = output.Sender;
    output.Sender = null;

    // Deserialize the clear response into the kmehr bytes and the timestamp.
    byte[] timestamp;
    byte[] kmehrBytes = ParseResponse(output.ClearResponse, out timestamp);

    // Drop the internal clear response before handing the object to the caller.
    output.ClearResponse = null;
    output.Timestamp = timestamp;

    return new Tuple<Stream, OutputParameterData>(new MemoryStream(kmehrBytes), output);
}
/// <summary>
/// Communicates with the Chapter IV agreement consult service.
/// </summary>
/// <param name="kmehr">The request kmehr, that must be double encrypted.</param>
/// <param name="parameters">Additional information required, see the Chapter IV documentation.</param>
/// <param name="sender">On return, the certificate of the IO that sent the response.</param>
/// <returns>The response kmehr (Item1) and the additional information (Item2).</returns>
/// <exception cref="AgreementException">When the service returns a fault in the business message.</exception>
public Tuple<Stream, OutputParameterData> Transfer(Stream kmehr, InputParameterData parameters, out X509Certificate2 sender)
{
    // Step 1: wrap the KMEHR and our encoded token in the business request.
    Object request = CreateBusinessRequest(kmehr, Self.Token.GetEncoded());
    var requestStream = SerializeInMemory(request);

    // Step 2: encrypt and send to the IO recipients; this level returns a clear response
    // (the encryption of the response is handled on the second pass).
    Object parametersAsObject = parameters;
    var recipients = new ReadOnlyCollection<Recipient>(ioList.ToList<Recipient>());
    OutputParameterData result = (OutputParameterData)TransferAndEncryptOnly(requestStream, parametersAsObject, recipients);

    // Step 3: move the sender certificate from the result object to the out parameter.
    sender = result.Sender;
    result.Sender = null;

    // Step 4: parse the clear response, then replace it on the result by the timestamp.
    byte[] timestamp;
    byte[] responseBytes = ParseResponse(result.ClearResponse, out timestamp);
    result.ClearResponse = null;
    result.Timestamp = timestamp;

    MemoryStream responseStream = new MemoryStream(responseBytes);
    return new Tuple<Stream, OutputParameterData>(responseStream, result);
}
/// <summary>
/// Creates the service-specific request object that carries the encrypted content
/// for the intermediate transfer.
/// </summary>
/// <param name="encrypted">Stream with the encrypted content to embed in the request.</param>
/// <param name="keyId">Identifier of the key associated with the encrypted content.</param>
/// <param name="inputParameters">The caller's input parameters for the request.</param>
/// <returns>The request object; the type is chosen by the implementing class.</returns>
protected abstract Object CreateIntermediateRequest(Stream encrypted, byte[] keyId, InputParameterData inputParameters);
/// <summary>
/// Creates the consult request that carries the sealed content and the id of the key needed to unseal it.
/// </summary>
/// <param name="encrypted">Stream with the sealed content; consumed completely by ReadFully.</param>
/// <param name="keyId">Unseal key identifier; stored in the request as base64 text.</param>
/// <param name="inputParameters">Provides the care receiver identifiers and the agreement start date.</param>
/// <returns>The filled-in <c>Consult.RequestType1</c>.</returns>
protected override object CreateIntermediateRequest(Stream encrypted, byte[] keyId, InputParameterData inputParameters)
{
    Consult.RequestType1 consultRequest = new Consult.RequestType1();

    // The consult contract uses its own care receiver type: copy the three identifiers across.
    Consult.CareReceiverIdType target = new Consult.CareReceiverIdType();
    consultRequest.CareReceiver = target;
    target.Ssin = inputParameters.CareReceiverId.Ssin;
    target.Mutuality = inputParameters.CareReceiverId.Mutuality;
    target.RegNrWithMut = inputParameters.CareReceiverId.RegNrWithMut;

    consultRequest.AgreementStartDate = inputParameters.AgreementStartDate;

    // Sealed payload plus the base64 form of the key id that identifies the unseal key.
    consultRequest.SealedContent = ReadFully(encrypted);
    consultRequest.UnsealKeyId = Convert.ToBase64String(keyId);

    return consultRequest;
}
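/// <summary>
/// Test scenario that wires up the doctor consult flow entirely in code: an SSO binding
/// against the STS, the consult, KGSS and ETK depot proxies, and a <c>ConsultPostMaster</c>,
/// then sends <c>request_consult_physician.xml</c> and reports business errors as inconclusive.
/// </summary>
/// <remarks>
/// All endpoints, identifiers and the request file name are hard-coded in the body.
/// Uses the <c>session</c>, <c>auth</c> and <c>sign</c> members of the enclosing class.
/// </remarks>
public void ConfigDoctorViaCode()
{
    // Create the SSO binding: message security with an asymmetric issued key, no negotiation, no security context.
    var ssoBinding = new SsoBinding();
    ssoBinding.Security.Mode = WSFederationHttpSecurityMode.Message;
    ssoBinding.Security.Message.IssuedKeyType = SecurityKeyType.AsymmetricKey;
    ssoBinding.Security.Message.NegotiateServiceCredential = false;
    ssoBinding.Security.Message.EstablishSecurityContext = false;
    ssoBinding.Security.Message.IssuerAddress = new EndpointAddress("https://wwwacc.ehealth.fgov.be/sts_1_1/SecureTokenService");
    ssoBinding.Security.Message.IssuerBinding = new StsBinding();

    // SAML attributes sent with the token request: the person SSIN and the certificate holder SSIN.
    XmlDocument doc = new XmlDocument();
    doc.LoadXml("<saml:Attribute xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" AttributeNamespace=\"urn:be:fgov:identification-namespace\" AttributeName=\"urn:be:fgov:person:ssin\">"
        + "<saml:AttributeValue xsi:type=\"xs:string\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">79021802145</saml:AttributeValue>"
        + "</saml:Attribute>");
    ssoBinding.Security.Message.TokenRequestParameters.Add(doc.DocumentElement);

    doc = new XmlDocument();
    doc.LoadXml("<saml:Attribute xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" AttributeNamespace=\"urn:be:fgov:identification-namespace\" AttributeName=\"urn:be:fgov:ehealth:1.0:certificateholder:person:ssin\">"
        + "<saml:AttributeValue xsi:type=\"xs:string\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">79021802145</saml:AttributeValue>"
        + "</saml:Attribute>");
    ssoBinding.Security.Message.TokenRequestParameters.Add(doc.DocumentElement);

    // Claims the issued token has to contain.
    ssoBinding.Security.Message.ClaimTypeRequirements.Add(new ClaimTypeRequirement("{urn:be:fgov:identification-namespace}urn:be:fgov:person:ssin"));
    ssoBinding.Security.Message.ClaimTypeRequirements.Add(new ClaimTypeRequirement("{urn:be:fgov:identification-namespace}urn:be:fgov:ehealth:1.0:certificateholder:person:ssin"));
    ssoBinding.Security.Message.ClaimTypeRequirements.Add(new ClaimTypeRequirement("{urn:be:fgov:certified-namespace:ehealth}urn:be:fgov:person:ssin:doctor:boolean"));
    ssoBinding.Security.Message.ClaimTypeRequirements.Add(new ClaimTypeRequirement("{urn:be:fgov:certified-namespace:ehealth}urn:be:fgov:person:ssin:ehealth:1.0:doctor:nihii11"));

    // Basic HTTPS binding (transport security) for the KGSS and ETK depot services.
    BasicHttpBinding httpsBinding = new BasicHttpBinding();
    httpsBinding.Security.Mode = BasicHttpSecurityMode.Transport;

    // Create the consult proxy; the default client credentials are replaced by the SSO ones.
    Chap4AgreementConsultationPortTypeClient consult = new Chap4AgreementConsultationPortTypeClient(ssoBinding, new EndpointAddress("https://services-acpt.ehealth.fgov.be/ChapterIV/ChapterIVAgreementConsultation/v1"));
    consult.Endpoint.Behaviors.Remove<ClientCredentials>();
    consult.Endpoint.Behaviors.Add(new SsoClientCredentials());
    consult.Endpoint.Behaviors.Add(new SessionBehavior(session, TimeSpan.FromHours(1), typeof(MemorySessionCache), null));
    consult.ClientCredentials.ClientCertificate.Certificate = auth; // must be set after the behaviors are in place

    // Create the KGSS proxy.
    KgssPortTypeClient kgss = new KgssPortTypeClient(httpsBinding, new EndpointAddress("https://services-acpt.ehealth.fgov.be/Kgss/v1"));

    // Create the ETK depot proxy.
    EtkDepotPortTypeClient etkDepot = new EtkDepotPortTypeClient(httpsBinding, new EndpointAddress("https://services-acpt.ehealth.fgov.be/EtkDepot/v1"));

    // Create self.
    SecurityInfo self = SecurityInfo.Create(sign, StoreLocation.CurrentUser, etkDepot);

    // Create the consult postmaster.
    ConsultPostMaster postmaster = new ConsultPostMaster(self, consult, etkDepot, kgss);
    // NOTE(review): ETK verification is switched off for this test run. Confirm what the
    // flag covers and keep it enabled wherever the recipients' tokens have to be trusted.
    postmaster.VerifyEtk = false;

    // Prepare the input.
    InputParameterData parameters = new InputParameterData();
    parameters.CommonInput = new CommonInputType();
    parameters.CommonInput.Request = new RequestType1();
    parameters.CommonInput.Request.IsTest = true;
    parameters.CommonInput.Origin = new OriginType();
    parameters.CommonInput.Origin.Package = new PackageType();
    parameters.CommonInput.Origin.Package.License = new LicenseType();
    // Placeholders: provide your own license name and password, preferably from
    // configuration outside the source tree rather than as literals in this file.
    parameters.CommonInput.Origin.Package.License.Username = "******";
    parameters.CommonInput.Origin.Package.License.Password = "******";
    parameters.CommonInput.Origin.CareProvider = new CareProviderType();
    parameters.CommonInput.Origin.CareProvider.Nihii = new NihiiType();
    parameters.CommonInput.Origin.CareProvider.Nihii.Quality = "doctor";
    parameters.CommonInput.Origin.CareProvider.Nihii.Value = new ValueRefString();
    parameters.CommonInput.Origin.CareProvider.Nihii.Value.Value = "19997341001";
    parameters.CommonInput.Origin.CareProvider.PhysicalPerson = new IdType();
    parameters.CommonInput.Origin.CareProvider.PhysicalPerson.Ssin = new ValueRefString();
    parameters.CommonInput.Origin.CareProvider.PhysicalPerson.Ssin.Value = "79021802145";
    parameters.RecordCommonInput = new RecordCommonInputType();
    parameters.RecordCommonInput.InputReferenceSpecified = true;
    parameters.RecordCommonInput.InputReference = 20101112100503;
    parameters.AgreementStartDate = new DateTime(2013, 04, 01, 0, 0, 0, DateTimeKind.Utc);
    parameters.CareReceiverId = new CareReceiverIdType();
    parameters.CareReceiverId.Ssin = "01093008501";

    // Send the request. The request file is closed as soon as Transfer returns; the original
    // never disposed the FileStream and so kept the file handle open.
    X509Certificate2 sender;
    Tuple<Stream, OutputParameterData> response;
    using (FileStream requestFile = new FileStream("request_consult_physician.xml", FileMode.Open))
    {
        response = postmaster.Transfer(requestFile, parameters, out sender);
    }

    WriteFormattedXml(response.Item1);

    // Check for business errors in the response.
    XmlDocument responseDoc = new XmlDocument();
    XmlNamespaceManager nsmgr = new XmlNamespaceManager(responseDoc.NameTable);
    nsmgr.AddNamespace("ns", "http://www.ehealth.fgov.be/medicalagreement/core/v1");
    nsmgr.AddNamespace("kmehr", "http://www.ehealth.fgov.be/standards/kmehr/schema/v1");
    // NOTE(review): the same stream was already read by WriteFormattedXml; this relies on
    // that helper leaving the stream positioned at the start. Confirm.
    responseDoc.Load(response.Item1);

    XmlNodeList errorList = responseDoc.SelectNodes("/ns:kmehrresponse/ns:acknowledge/ns:error", nsmgr);
    if (errorList.Count > 0)
    {
        // One line per error: "cd: description (url)".
        StringBuilder errorMsg = new StringBuilder();
        foreach (XmlNode error in errorList)
        {
            errorMsg.Append(error.SelectSingleNode("./kmehr:cd", nsmgr).InnerText)
                .Append(": ")
                .Append(error.SelectSingleNode("./kmehr:description", nsmgr).InnerText)
                .Append(" (")
                .Append(error.SelectSingleNode("./kmehr:url", nsmgr).InnerText)
                .AppendLine(")");
        }

        Assert.Inconclusive(errorMsg.ToString());
    }
}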