/// <summary> /// Returns servicemetadata from SML - Service Metadata Locator (lookup receiver, get AP-address and AP-certificates) /// See also http://www.peppol.eu/peppol_components/-transport-infrastructure/main-components/the-peppol-central-registry /// </summary> /// <param name="createRequest"></param> /// <returns>ServiceMetadata (address of access point and public server certificate)</returns> public ServiceMetadata GetServiceMetadataFromSML(CreateRequest createRequest) { try { if (createRequest == null) { throw new ArgumentNullException("createRequest", "createRequest cannot be null whne looking up servicemetadata"); } Log.InfoFormat("Looking up servicemetadata from request {0}", createRequest.MessageIdentifier); var metadata = ServiceMetadata.FromSml(DefaultSmlDomain, createRequest); Log.InfoFormat("Metadata lookup OK. Address: {0} Certificate: {1}", metadata.Address.AbsoluteUri, metadata.Certificate.FriendlyName); return(metadata); } catch (Exception exception) { Log.Error("Error getting servicemetadata from sml"); Log.Error(exception); throw; } }
/// <summary> /// Use this method if you want to send to a custom access-point (debug) /// </summary> /// <param name="createRequest">SOAP-request to send to accesspoint</param> /// <param name="sender">sender-id, sample:9908:974763907</param> /// <param name="receiver">receiver-id, sample:9908:974763907</param> /// <param name="serviceMetadata">Servicemetadata containing endpoint and certificates</param> /// <returns></returns> public SendResult SendDocument(CreateRequest createRequest, string sender, string receiver, ServiceMetadata serviceMetadata) { var start = DateTime.Now; try { Log.Info("Start SendInvoice..."); if (serviceMetadata == null) { throw new ArgumentNullException("serviceMetadata", "serviceMetadata cannot be null"); } if (serviceMetadata.Certificate == null) { throw new ArgumentException("Certificate required (both for custom validation and for authenticationMode \"MutualCertificate\")."); } if (string.IsNullOrEmpty(sender)) { throw new ArgumentNullException("sender", "sender cannot be null. samlpevalue: 9908:974763907"); } if (string.IsNullOrEmpty(receiver)) { throw new ArgumentNullException("receiver", "receiver cannot be null. samlpevalue: 9908:974763907"); } //Recreating channelfactory... this is resource-intensive, and should be cached. recreating since certificate is readonly after channel is open. Log.InfoFormat("Recreating channelfactory for ep {0} using certificate {1}", serviceMetadata.Address.AbsoluteUri, serviceMetadata.Certificate.FriendlyName); _channelFactory = Utilities.CreateResourceChannelFactory <Resource>(_peppolEndpointName, _clientCertificate, _serviceCertificate); //1. Her angir vi at vi forventer at servicen vi kontakter har følgande sertifikat (f.eks. EVRY sitt) if (_channelFactory.Credentials == null) { throw new Exception("_channelFactory.Credentials was null.."); } //Her setter vi channelfactory sitt sertifikat til sertfikatet vi henta fra AP (f.eks. EVRY sitt): _channelFactory.Credentials.ServiceCertificate.DefaultCertificate = new X509Certificate2(serviceMetadata.Certificate); //Slår på custom validator for sertifikatet fra eksternt aksesspunkt: _channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.Custom; _channelFactory.Credentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck; _channelFactory.Credentials.ServiceCertificate.Authentication.CustomCertificateValidator = new CertificateValidator { ExpectedCertificate = serviceMetadata.Certificate, ExpectedIssuer = CertificateIssuer.AccessPointCA, RevocationMode = X509RevocationMode.NoCheck }; //2. set identity til SERVER. gjær nokon endringar på channelfactory sitt endpoint (createDnsIdentity basert på dns i sertifikat) var dnsName = serviceMetadata.Certificate.GetNameInfo(X509NameType.SimpleName, false); if (string.IsNullOrEmpty(dnsName)) { throw new Exception("Could not resolve dnsName for certificate.."); } //Her endrer vi adressen til channelfactory til å gå mot gitt aksesspunkt: _channelFactory.Endpoint.Address = new EndpointAddress(_channelFactory.Endpoint.Address.Uri, EndpointIdentity.CreateDnsIdentity(dnsName), _channelFactory.Endpoint.Address.Headers); //set identity til CLIENT (oss), og create token: Log.Info("Creating token.."); var thisUrl = serviceMetadata.Address; //_channelFactory.Endpoint.Address.Uri; X509Certificate2 clientCertificate = _channelFactory.Credentials.ClientCertificate.Certificate; ClaimsIdentity myOwnClaims = AccessPointToken.MakeClaims(createRequest.SenderIdentifier.Value, AssuranceLevel); Saml2SecurityToken token = AccessPointToken.ClaimsToSaml2SenderVouchesToken(myOwnClaims, thisUrl.AbsoluteUri, clientCertificate); //åpner proxy: Log.Info("Creating proxy on channelFactory with issuedToken..."); var proxy = _channelFactory.CreateChannelWithIssuedToken(token, new EndpointAddress(thisUrl, _channelFactory.Endpoint.Address.Identity)); Log.Info("Proxy created ok."); //kaller service: Log.Info("Calling service"); var response = proxy.Create(createRequest); var sendResult = new SendResult() { MessageId = createRequest.MessageIdentifier, Response = response, TimeSpent = DateTime.Now.Subtract(start) }; Log.InfoFormat("response OK. Message {0} sent OK!", sendResult.MessageId); return(sendResult); } catch (Exception exception) { Log.Error("Error when sending invoice.."); Log.Error(exception); throw; } }
/// <summary> /// Returns servicemetadata NOT FROM SML, but from app.config. should only be used in debug when sending to a custom AP /// </summary> /// <returns>ServiceMetadata (address of access point and public server certificate)</returns> public ServiceMetadata GetServiceMetadataFromKnownEndpoint() { return(ServiceMetadata.FromKnownEndpoint(_channelFactory)); }