Issue
I've been handed a project that involves creating a SOAP API call to Lufthansa's myIdTravel API. (Including the Lufthansa company name here in case anyone with specific experience with the Lufthansa API can jump in. All the API information is public knowledge, and I have obfuscated any private info, like "password".)
While I have plenty of ReST API experience using OAuth2, I have no SOAP experience at all, and I am finding the experience quite frustrating.
I was provided, by Lufthansa, a client.pfx file, and the following example SOAP XML body:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ser="http://service.login.myidtravel.com"
xmlns:bos="http://bos.login.myidtravel.com"
xmlns:ser1="http://service.wsgateway-v2.myidtravel.lhsystems.com">
<soapenv:Header/>
<soapenv:Body>
<ser:StaffProfilesUploadRequest ac="YY">
<ser:updateRecord>
<ser:employee ptc="ZEA" lastname="Test" firstname="emp" middlename="midd" salutation="MR" title="Dr." gender="M" laborGroup="pilot" dob="1990-01-01">
<bos:employment eID="uploadTest" doj="2000-01-01" />
<bos:accounting costCenter="123" />
<bos:contact emailAddress="abc@myidtravel.com" phone1="1234" phone2="23456" mobileNumber="545454"/>
<bos:entitled-person ptc="ZSP" lastname="test" firstname="entit" middlename="spouse" salutation="MR" dob="1995-01-01" externalPersonID="2" />
<bos:employment-status startDate="2000-01-01" status="retired"/>
</ser:employee>
</ser:updateRecord>
</ser:StaffProfilesUploadRequest>
</soapenv:Body>
</soapenv:Envelope>
Through trial and error, I have come up with the following C# code, that is at least contacting the API, but is returning a "500 internal server error"
. It is also using XML tailored to my specific needs.
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create("https://integration.myidtravel.com/services/Gateway_V2");
request.Method = "POST";
request.ContentType = "text/xml;charset=\"utf-8\"";
request.Accept = "text/xml, application/xhtml+xml, */*";
var cert = new X509Certificate2(@"C:\client.pfx", "password");
request.ClientCertificates.Add(cert);
XmlDocument xml = new XmlDocument();
xml.LoadXml(
@"<soapenv:Envelope xmlns:soapenv='http://schemas.xmlsoap.org/soap/envelope/' xmlns:ser='http://service.login.myidtravel.com' xmlns:bos='http://bos.login.myidtravel.com'>
<soapenv:Header>
</soapenv:Header>
<soapenv:Body>
<ser:StaffProfilesUploadRequest ac='XX'>
<ser:updateRecord>
<ser:employee ptc='ZEA' lastname='Wallace' firstname='Kirby' middlename='L.' dob='1999-01-01'>
<bos:employment eID='123456'/>
</ser:employee>
</ser:updateRecord>
</ser:StaffProfilesUploadRequest>
</soapenv:Body>
</soapenv:Envelope>"
);
using (Stream stream = request.GetRequestStream()) {
xml.Save(stream);
}
using (StreamReader reader = new StreamReader(request.GetResponse().GetResponseStream())) { // <--- ERROR HERE
string response = reader.ReadToEnd();
}
By the time the error is thrown on request.GetReponse()
, the cert
is loaded and appears to be a valid X509 cert. cert.Thumbprint, cert.PrivateKey
, cert.PublicKey
, cert.NotBefore
, and cert.NotAfter
(and all other properties) seem to have valid values in them.
But the API is returning 500 Internal Server Error
upon .GetResponse()
.
What steps am I missing, or what else do I need to do?
Solution
In case my unusual situation helps anyone else, let me explain what caused this. I do not know the steps needed to fix it, but I do know what caused it and worked around it.
By looking at the response headers and certificates provided by SoapUI, I discovered that my company is doing something on the network that stripped off my SSL certificate, and substituted an SSL cert of their own. So, my request was arriving at the remote API minus the SSL it was supposed to provide for the Mutual Authentication handshake.
Hope that helps someone else in the future. Especially if you are working behind a company firewall.
Answered By - KWallace Answer Checked By - Senaida (PHPFixing Volunteer)
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.