You need to sign in to do that
Don't have an account?
Marie-Charlotte D
Apex callout and wsse authentication
Hello,
I need to connect to an external site to send objects. I use the code below but I still get an error ("wsse authentication" required) .
Does somebody see the error?
Thank you for your help!
I need to connect to an external site to send objects. I use the code below but I still get an error ("wsse authentication" required) .
Does somebody see the error?
Thank you for your help!
String jsonLeads = JSON.serialize(leadToSend); String headerReq = createHeader(); Http http = new Http(); HttpRequest request = new HttpRequest(); request.setHeader('Authorization',headerReq); system.debug('header '+request.getHeader('Authorization')); request.setEndpoint('http://xxxx'); request.setMethod('POST'); request.setBody(jsonLeads); system.debug('request '+request); try{ HttpResponse response = http.send(request); if (response.getStatusCode() != 201) { System.debug('The status code returned was not expected: ' + response.getStatusCode() + ' ' + response.getStatus()+response.getBody()); } else { System.debug(response.getBody()); } }catch(System.CalloutException e) { system.debug(e); } } public static String createHeader(){ String token = 'xxxxxx'; String chars = '0123456789abcdef'; String nonce = ''; String dt = system.now()+'Z'; while (nonce.length() < 32) { Integer idx = Math.mod(Math.abs(Crypto.getRandomInteger()), chars.length()); nonce += chars.substring(idx, idx+1); } system.debug('nonce: '+nonce); String nonce64 = EncodingUtil.base64Encode(Blob.valueOf(nonce)); Blob target = Blob.valueOf(nonce+dt+token); Blob digestSha1 = Crypto.generateDigest('SHA1',target); String digest = EncodingUtil.base64Encode(digestSha1); String header = 'X-WSSE:UsernameToken Token="'+token+'",PasswordDigest="'+digest+'",Nonce="'+nonce64+'",Created="'+dt+'"'; return header; }
change this line
request.setHeader('Authorization',headerReq); to request.setHeader('X-WSSE',headerReq);
Then my code was able to authenticate
I'm trying to call an external service using Http request following the above code with your suggestion but i'm having authorization error 401. I think my header is wrong. Can you past your sample working code please.
Best regards
This a class that I made of copy and paste from forum - and is working fine towards an Emarsys integration.
public class WSSecurityUtil {
public class UsernameToken{
public String Username;
public String Password;
public String Nonce;
public String dt;
public String Digest;
public String Header;
public UsernameToken(String username,String password){
System.debug('WSSecurityUtil -Logger in med '+username+' - '+password);
this.Username = username;
this.Password = password;
this.Nonce = generateNounce();
this.dt = generateTimestamp();
this.Digest = generateDigest(Nonce,dt,Password);
this.Header = generateHeader(username,Digest,Nonce,dt);
}
/* Generate Nounce, random number base64 encoded */
public String generateNounce()
{
String nonce='';
String possible = '0123456789abcdef';
while (nonce.length() < 16) {
Integer i = Math.mod(Math.abs(Crypto.getRandomInteger()), possible.length());
nonce += possible.substring(i, i+1);
}
String nonce64 = EncodingUtil.convertToHex(Blob.valueOf(nonce));
return nonce64;
}
/* Generate timestamp in GMT. In Emarsys example with Z, work only without Z */
public String generateTimestamp()
{
Datetime dt = Datetime.now();
return dt.format('yyyy-MM-dd\'T\'HH:mm:ss');
//return Datetime.now().formatGmt('yyyy-MM-dd\'T\'HH:mm:ss\'Z\'');
//return dt.format('yyyy-MM-dd\'T\'HH:mm:ss\'Z\'');
}
/* Generate Digest */
public String generateDigest(String nonce,String dt, String key)
{
Blob shaOne = crypto.generateDigest('SHA1', blob.valueOf(nonce+dt+key));
String hexConv= encodingUtil.convertToHex(shaOne);
return EncodingUtil.base64Encode(blob.valueOf(hexConv));
}
/* Generate Header */
public String generateHeader(String Username,String Digest,String Nonce,String dt){
return 'X-WSSE: UsernameToken Username="'+Username+'",PasswordDigest="'+Digest+'",Nonce="'+Nonce+'",Created="'+dt+'"';
}
}
}
WSSecurityUtil.UsernameToken security = new WSSecurityUtil.UsernameToken( userName, key);
Header = security.header;
String headerReq = header;
Http http = new Http();
HttpRequest request = new HttpRequest();
request.setMethod(POST);
request.setHeader('X-WSSE',headerReq);
request.setHeader('Accept','text/html');
request.setHeader('Content-Type', 'application/json');
request.setEndpoint(endpoint);
request.setBody(jSON);
HttpResponse response = http.send(request);
thank you very much for your immediate support. Even in my case it was a problem related to date formatting. I finally solved using, for my time zone (italy), this date format: datetime.now().format('yyyy-MM-dd\'T\'HH:mm:ss\'+01:00\'');
Thank u