How to add WS security element to SOAP request on powershell? - web-services

I got pretty standard powershell script that sends request to web service:
$ws = New-WebServiceProxy -uri "http://server:7801/path/service?wsdl"
$ws | get-member -type method
$ws.service.OverloadDefinitions
$header = New-Object Microsoft.PowerShell.Commands.NewWebserviceProxy.AutogeneratedTypes.WebServiceProxy1801_service_wsdl.header
$data = New-Object Microsoft.PowerShell.Commands.NewWebserviceProxy.AutogeneratedTypes.WebServiceProxy1801_esb_service_wsdl.data
# $header
# $data
$header.channel = ...
$data.Password = ...
$bar = $ws.service($header, $data)
It works fine, and now I want to add oasis ws-security component to the request's SOAP header:
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>Yolo McSwaggen</wsse:Username>
</wsse:UsernameToken>
</wsse:Security>
How do I do it?

Related

How to specify basic authentication in PL/SQL SOAP WSDL web service call

I am trying to call an Oracle Fusion Cloud web service from an Oracle Applications EBS server using PL/SQL. I can perform the web service call successfully from SOAPUI, however in SOAPUI the authentication (basic authentication) is specified in a separate window. My intention is to use the working SOAP envelope from SOAPUI, but how can I specify the web service basic authentication in PL/SQL (Oracle 11g)?
From google it looks like the basic authentication can be included in the SOAP envelope's header. However all the examples refer to http://docs.oasis-open.org which is a website that I don't know whether I can trust especially when it uses http and requires PasswordText as part of their url. See this example:
<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-9419978" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Username>admin</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">admin</wsse:Password></wsse:UsernameToken></wsse:Security>
</soapenv:Header>
The dba also had to setup an ACL and a wallet (without a password).
The code I have at the moment is:
create or replace PROCEDURE p_soap_request(p_username IN VARCHAR2, p_password IN VARCHAR2
--, p_proxy IN VARCHAR2
) IS
soap_request VARCHAR2(30000);
soap_respond CLOB;
http_req utl_http.req;
http_resp utl_http.resp;
resp XMLType;
soap_err exception;
v_code VARCHAR2(200);
v_msg VARCHAR2(1800);
v_len number;
v_txt Varchar2(32767);
BEGIN
-- UTL_HTTP.SET_PROXY(p_proxy);
-- Define the SOAP request according the the definition of the web service being called
soap_request:= '<?xml version = "1.0" encoding = "UTF-8"?>'||
'<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">'||
' <SOAP-ENV:Body>'||
' <m:DownloadRequest xmlns:m="http://www.website.net/messages/GetDetails">'||
' <m:UserName>'||p_username||'</m:UserName>'||
' <m:Password>'||p_password||'</m:Password>'||
' </m:DownloadRequest>'||
' </SOAP-ENV:Body>'||
'</SOAP-ENV:Envelope>';
http_req:= utl_http.begin_request
( 'http://www.website.net/webservices/GetDetailsService.asmx'
, 'POST'
, 'HTTP/1.1'
);
utl_http.set_header(http_req, 'Content-Type', 'text/xml');
utl_http.set_header(http_req, 'Content-Length', length(soap_request));
utl_http.set_header(http_req, 'Download', ''); -- header requirements of particular web service
utl_http.write_text(http_req, soap_request);
http_resp:= utl_http.get_response(http_req);
utl_http.get_header_by_name(http_resp, 'Content-Length', v_len, 1); -- Obtain the length of the response
FOR i in 1..CEIL(v_len/32767) -- obtain response in 32K blocks just in case it is greater than 32K
LOOP
utl_http.read_text(http_resp, v_txt, case when i < CEIL(v_len/32767) then 32767 else mod(v_len,32767) end);
soap_respond := soap_respond || v_txt; -- build up CLOB
END LOOP;
utl_http.end_response(http_resp);
resp:= XMLType.createXML(soap_respond); -- Convert CLOB to XMLTYPE
END;
I'm not sure what to replace <m:DownloadRequest xmlns:m="http://www.website.net/messages/GetDetails"> with for my server. Also not sure how to specify the wallet.
My SOAPUI envelope is:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="http://xmlns.oracle.com/apps/financials/commonModules/shared/model/erpIntegrationService/types/">
<soapenv:Header/>
<soapenv:Body>
<typ:submitESSJobRequest>
<typ:jobPackageName>/oracle/apps/ess/financials/commonModules/shared/common/interfaceLoader</typ:jobPackageName>
<typ:jobDefinitionName>InterfaceLoaderController</typ:jobDefinitionName>
<!--Zero or more repetitions:-->
<typ:paramList>15</typ:paramList><!--GL Costing-->
<typ:paramList>17518</typ:paramList><!--UCM File Number-->
<typ:paramList>N</typ:paramList>
<typ:paramList>N</typ:paramList>
<typ:paramList>#NULL</typ:paramList>
</typ:submitESSJobRequest>
</soapenv:Body>
</soapenv:Envelope>
The SOAP WSDL url is:
https://your.domain.fin.region.oraclecloud.com:443/publicFinancialCommonErpIntegration/ErpIntegrationService?WSDL

Finally got it working with this code:
declare
l_envelope varchar2(32767);
l_http_request utl_http.req;
l_http_response utl_http.resp;
begin
utl_http.set_wallet
(
'file:/oracle/db/11.2.0/admin/EBST/wallet'
,'walletpassword'
);
l_envelope := '<?xml version="1.0"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="http://xmlns.oracle.com/apps/financials/commonModules/shared/model/erpIntegrationService/types/">
<soapenv:Header/>
<soapenv:Body>
<typ:submitESSJobRequest>
<typ:jobPackageName>/oracle/apps/ess/financials/commonModules/shared/common/interfaceLoader</typ:jobPackageName>
<typ:jobDefinitionName>InterfaceLoaderController</typ:jobDefinitionName>
<!--Zero or more repetitions:-->
<typ:paramList>15</typ:paramList><!--GL Costing-->
<typ:paramList>17518</typ:paramList><!--UCM File Number-->
<typ:paramList>N</typ:paramList>
<typ:paramList>N</typ:paramList>
<typ:paramList>#NULL</typ:paramList>
</typ:submitESSJobRequest>
</soapenv:Body>
</soapenv:Envelope>';
-- dbms_output.put_line(l_envelope);
l_http_request := utl_http.begin_request
(
'https://username:password#yourdomain.com:443/publicFinancialCommonErpIntegration/ErpIntegrationService?WSDL',
'POST',
'HTTP/1.1'
);
utl_http.set_header(l_http_request, 'Content-Type', 'text/xml');
utl_http.set_header(l_http_request, 'Content-Length', length(l_envelope));
utl_http.set_header(l_http_request, 'SOAPAction', 'http://xmlns.oracle.com/apps/financials/commonModules/shared/model/erpIntegrationService/submitESSJobRequest');
utl_http.write_text(l_http_request, l_envelope);
l_http_response := utl_http.get_response(l_http_request);
utl_http.read_text(l_http_response, l_envelope);
utl_http.end_response(l_http_response);
end;

django get data response from specific ip

I am working on an API integration. I am using django==1.10.5 and python34. The app involves sending request from my server to another server which is connected through a VPN.
password = "xxxxxxxxxxxxxxxxx"
spid = "xxxxxxxxxxxxxxxxx"
serviceid = "xxxxxxxxxxxxxxxxx"
sendershortcode = "xxxxxxxxxxxxxxxxx"
initiator = "xxxxxxxxxxxxxxxxx"
initiator_password = "xxxxxxxxxxxxxxxxx"
recieveridentifier = "xxxxxxxxxxxxxxxxx"
body = """<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:req="http://api-v1.gen.mm.vodafone.com/mminterface/request">
<soapenv:Header>
<tns:RequestSOAPHeader xmlns:tns="http://www.huawei.com/schema/osg/common/v2_1">
<tns:spId>"""+spid+"""</tns:spId>
<tns:serviceId>"""+serviceid+"""</tns:serviceId>
<tns:spPassword>"""+encoded_password+"""</tns:spPassword>
<tns:timeStamp>"""+reqTime+"""</tns:timeStamp>
</tns:RequestSOAPHeader>
</soapenv:Header>
<soapenv:Body>
<req:RequestMsg>
<![CDATA[<?xml version="1.0" encoding="UTF-8"?>
<request xmlns="http://api-v1.gen.mm.vodafone.com/mminterface/request">
<Transaction>
<CommandID>SalaryPayment</CommandID>
<LanguageCode></LanguageCode>
<OriginatorConversationID>"""+originator+"""</OriginatorConversationID>
<ConversationID></ConversationID>
<Remark></Remark>
<Parameters>
<Parameter>
<Key>Amount</Key>
<Value>200</Value>
</Parameter>
</Parameters>
<ReferenceData>
<ReferenceItem>
<Key>QueueTimeoutURL</Key>
<Value>http://138.197.41.74:80/user/test/</Value>
</ReferenceItem>
</ReferenceData>
<Timestamp>"""+reqTime+"""</Timestamp>
</Transaction>
<Identity>
<Caller>
<CallerType>2</CallerType>
<ThirdPartyID>broker_4</ThirdPartyID>
<Password>k+JtvqNV3eg=</Password>
<CheckSum>CheckSum0</CheckSum>
<ResultURL>http://138.197.41.74:80/results/B2C/</ResultURL>
</Caller>
<Initiator>
<IdentifierType>11</IdentifierType>
<Identifier>"""+initiator+"""</Identifier>
<SecurityCredential>YwBlXbjEFjh/UQ0cZhrk+4X9TxAIc3z8zf4rXZRZRLW32cm+c/lJYQ3ZFVThna+41x8EukAHZhuR44QiF5J1GF/9QaYwK1i1rIX2i/Fa9bRJ4fn/REYd/vE1/pUPn4GnfLib151RYQyO7KsLipLFk8Hr9SYq62MSrOxgyAd1bJXQ4SdEJwk0LtCZSTWBaZySbPJt/P0FBfG71kLkrP0P0pn1cuuuJoA3KJ5+RuX5WpsXR0HFFyyJFEwAlQ9oSmKW5fzCwEKMaKTKgScfyDXmhuiFZvrSmdV3H0o4Hhl17IQR8M1fwIk9JfxrSUqVRBrEqVKJrOOlSF/T7xLJTo0fpQ==</SecurityCredential>
<ShortCode>777133</ShortCode>
</Initiator>
<PrimaryParty>
<IdentifierType>4</IdentifierType>
<Identifier>777133</Identifier>
<ShortCode>777133</ShortCode>
</PrimaryParty>
<ReceiverParty>
<IdentifierType>1</IdentifierType>
<Identifier>"""+recieveridentifier+"""</Identifier>
<ShortCode>ShortCode1</ShortCode>
</ReceiverParty>
<AccessDevice>
<IdentifierType>1</IdentifierType>
<Identifier>Identifier3</Identifier>
</AccessDevice>
</Identity>
<KeyOwner>1</KeyOwner>
</request>]]></req:RequestMsg>
</soapenv:Body>
</soapenv:Envelope>"""
headers = {'content-type': 'Content-Type: text/xml; charset=utf-8'}
url = "http://xxx.xxx.xxxx.xxx:xxxx/mminterface/request"
response = requests.post(url=url, headers = headers, data = body)
#print (response.content)
respO = xmltodict.parse(response.content)
myresponse = json.dumps(respO)
This code works fine i am able to get a respose from the other server.
My question is the other server is sending some other data which am getting when i tcpdup response i.e. tcpdump -A -s 0 'src xxx.xxx.xxx.xxx and tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
From doing this am getting this content.
<?xml version='1.0' encoding='UTF-8'?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<res:ResultMsg xmlns:res="http://api-v1.gen.mm.vodafone.com/mminterface/result">
<![CDATA[<?xml version="1.0" encoding="UTF-8"?>
<Result xmlns="http://api-v1.gen.mm.vodafone.com/mminterface/result">
<ResultType>0</ResultType>
<ResultCode>0</ResultCode>
<ResultDesc>The service request has been accepted successfully.</ResultDesc>
<OriginatorConversationID>Z8MPEFVZ</OriginatorConversationID>
<ConversationID>AG_20170508_00006c8d2d96c6efbeab</ConversationID>
<TransactionID>LE80192FMG</TransactionID>
<ResultParameters>
<ResultParameter>
<Key>TransactionReceipt</Key>
<Value>LE80192FMG</Value>
</ResultParameter>
<ResultParameter>
<Key>TransactionAmount</Key>
<Value>200</Value></ResultParameter>
<ResultParameter>
<Key>B2CWorkingAccountAvailableFunds</Key>
<Value>0.00</Value>
</ResultParameter>
<ResultParameter>
<Key>B2CUtilityAccountAvailableFunds</Key>
<Value>5508.00</Value>
</ResultParameter>
<ResultParameter>
<Key>TransactionCompletedDateTime</Key>
<Value>08.05.2017 09:37:07</Value>
</ResultParameter>
<ResultParameter>
<Key>ReceiverPartyPublicName</Key>
<Value>254703381233</Value>
</ResultParameter>
<ResultParameter>
<Key>B2CChargesPaidAccountAvailableFu 06:38:49.685570 IP 196-201-214-127.safaricom.co.ke.60575 > mambowallet.http: Flags [P.], seq 1380:1741, ack 1, win 4380, length 361 ..gP...5 ..nds</Key>
<Value>-275.00</Value>
</ResultParameter>
<ResultParameter>
<Key>B2CRecipientIsRegisteredCustomer</Key>
<Value>N</Value></ResultParameter>
</ResultParameters>
<ReferenceData><ReferenceItem>
<Key>QueueTimeoutURL</Key>
<Value>http://138.197.41.74:80/user/test/</Value>
</ReferenceItem>
</ReferenceData>
</Result>]]>
</res:ResultMsg>
</soapenv:Body> </soapenv:Envelope>
Can someone help how i can get this content on the django view?
tcpdump image

you can do a tcpdump inside your python code using subprocess:
from subprocess import check_output
out = check_output(['tcpdump','args'])
you get the response in out and then you can work with it. for example:
out = check_output(['tcpdump', 'ether[0] & 1 = 0 and ip[16] >= 224'])
and you need to be root also

Sharepoint Office 365 OAuth Service authentication to list.asmx

I´m trying to access Sharepoint list data in Office 365 from an external website. I registered my app in Azure Active Directory and I've done all the process of creating and trusting a certifacte and getting the access token.
Add-Type -Path ".\Microsoft.IdentityModel.Clients.ActiveDirectory.dll"
$authenticationContext = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext -ArgumentList "https://login.microsoftonline.com/{myTenantId}/", $false
$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$cer.Import(".\WithPrivateKey.pfx", "privateKey", [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::MachineKeySet)
$clientAssertion = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.ClientAssertionCertificate -ArgumentList "{myClientId}", $cer
$authenticationResult = $authenticationContext.AcquireToken("https://{tenantName}.sharepoint.com", $clientAssertion)
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Authorization", "Bearer " + $authenticationResult.AccessToken)
I can successfully call to Sharepoint REST Api by presenting the access token in request headers.
$response = Invoke-RestMethod -Uri https://{myTenantName}.sharepoint.com/sites/devSite/_vti_bin/ListData.svc/TestList -Method Get -Headers $headers
However I can't do the same to access asmx endpoints, such as Lists.asmx, whenever I try to call any method on those services I get 401 UNAUTHORIZED
$body = '<?xml version="1.0" encoding="utf-8"?>
<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope">
<soap12:Body>
<GetList xmlns="http://schemas.microsoft.com/sharepoint/soap/">
<listName>TestList</listName>
</GetList>
</soap12:Body>
</soap12:Envelope>'
$response = Invoke-WebRequest -Uri https://{myTenantName}.sharepoint.com/sites/site/_vti_bin/Lists.asmx -Method Post -ContentType 'application/soap+xml' -Headers $headers -Body $body

After sometime digging into the .net Sharepoint client sdk, I found how SharepointOnlineCredential class does it, thus allowing access to Sharepoint SOAP Services.
So, as said already by Fei Xue, the Azure AD token is not valid to access Sharepoint SOAP services (althoug the token is valid to allows access to REST services...). To access Sharepoint Online services, you will need to use some sort of claims authentication, either by requesting user consent or by directly using a known user and password.
As we can't use the .net SDK in our php app, we have investigated how the SDK creates the requests to get authenticated when using user credentials directly:
First send your authentication credentials as a SAML-WSSecurity POST request to the authentication endpoint https://login.microsoftonline.com/rst2.srf:
POST https://login.microsoftonline.com/rst2.srf
Content-Type: application/soap+xml; charset=utf-8
Content-Length: [calculate]
Host: login.microsoftonline.com
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
<S:Header>
<wsa:Action S:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</wsa:Action>
<wsa:To S:mustUnderstand="1">https://login.microsoftonline.com/rst2.srf</wsa:To>
<ps:AuthInfo xmlns:ps="http://schemas.microsoft.com/LiveID/SoapServices/v1" Id="PPAuthInfo">
<ps:BinaryVersion>5</ps:BinaryVersion>
<ps:HostingApp>Managed IDCRL</ps:HostingApp>
</ps:AuthInfo>
<wsse:Security>
<wsse:UsernameToken wsu:Id="user">
<wsse:Username>[user]</wsse:Username>
<wsse:Password>[password]</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</S:Header>
<S:Body>
<wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust" Id="RST0">
<wst:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>sharepoint.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wsp:PolicyReference URI="MBI"></wsp:PolicyReference>
</wst:RequestSecurityToken>
</S:Body>
</S:Envelope>
The response, in xml format, will come with the security token in it:
....
<wst:RequestedSecurityToken>
<wsse:BinarySecurityToken Id="Compact0">t=EwA4A06hBwAUNfDkMme61kIdXqvj9tWnUbHtXWEAAREB5clgLb8J/VvxRFIKLUnd9SRyoBHmTHFk0viit2FMlGXak5NJKJhicT8MiZmgA2HoTrJM1EgXCNUpmWqrX1LQRNfs0PHEV4XncjI9lnphsSTiFSCDjmdCKtW4TmV8n18xJHvBtDUWdvCT2lBti8/gf1oiqD5lQBPtxr+d4OwNtJHADEKpC/YIoatcKqgxI480tlWOZHpEL1wifo5EDMDRRc985ObMCZ31fPdSpA7WIbDzlZYX9ou6Cq7EybrIHsAcr5cPIJ8y0FRUacma9+dMxqr/lILAIyAYz/GdTNffa2Q3zJOSWW5RcnigtCApHgf83HjW8DqC6NgTrXs6rpUDZgAACC/4JZlSLB3JCALIntkKmNtRl2JLvwUljkXrP5jg5ipK/J/fGF3oc46aP/YT3VnrrD6TCV5ZECki5ycYZ6JR5RDK6OSqI9c5FDfFS/YmSCcdcaJ1cG2Ug3Oz3w14mznYGwmvrgyGvw35aoyjnKZALw8OQ2Ddi97gbe03L4rrM7CxTGwEPgoKCK7USkwxZT+myLJASVhd29+eNsTqd7wuphhLrzbgYZ+7swlJb3oIJw/2T7YvJ4fTPByaLxGaBt7iry74aSh/RnXdH3snOQnsr63bXqqoDJGcj7A3aIpElw2LlW2/PGh84zke3corp2q/jg7PEKCnV8PYN2xiwSfqY9vNCny14xhHEPsK8FWDBOPDpgeC18qz+FpTN0rGUMXl20bxJGxGqnQ+s8k0Gu9yTxoZKWPSeVihJk6qUQo6KJb/NE/QRco94QDUjMYi+gccGN0D1ouUe+O0fb0InXeM+98qfXJLQAjoUtgS8rRJUAqFk5XVwebGbx0ICRv3Q/wiJ7T5yUryMBTtwbaGf/07QuGTv9CW2UTsV9zT1nMSRDfUpelZrgZt6huLnDRLC8yVHfXjndMwONdymxWcD9sLb8EcNmTUFHDfBrv8XFb50PNJAV4qvK8CgVmWu2C2GWXoZfYkaR6o6jpliQdT5NcNnb9wNy36OqDnIWl0ZNM1SOzVX0yQOLeaf8+1bslaafyYMAbhcAI=&p=
</wsse:BinarySecurityToken>
</wst:RequestedSecurityToken>
...
Then using the security token extracted from the previous response, you need to send a GET request to your tenant credentials endpoint: https://yourtenantname.sharepoint.com/_vti_bin/idcrl.svc/
You will need to send an Authorization header with the format: BPOSIDCRL + space + token. Like:
GET https://yourtenantname/_vti_bin/idcrl.svc/
Host: yourtenant.sharepoint.com
Authorization: BPOSIDCRL t=EwA4A06hBwAUNfDkMme61kIdXqvj9tWnUbHtXWEAAREB5clgLb8J/VvxRFIKLUnd9SRyoBHmTHFk0viit2FMlGXak5NJKJhicT8MiZmgA2HoTrJM1EgXCNUpmWqrX1LQRNfs0PHEV4XncjI9lnphsSTiFSCDjmdCKtW4TmV8n18xJHvBtDUWdvCT2lBti8
The response to this request will set a cookie that we need to capture and use in our next requests to the soap services:
Set-Cookie: SPOIDCRL=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VHJ1ZSwwaC5mfG1lbWJlcnNoaXB8MTAwMzdmZmU5NTc2YzdlZUBsaXZlLmNvbSwwIy5mfG1lbWJlcnNoaXB8Y2xvdWRAYXNlbWJsaWFkZXYub25taWNyb3NvZnQuY29tLDEzMTAxMjE4ODQ0Mzc0NDcxMjsxMzA5NTg5NTQ0NTAwMDAwMDAsRmFsc2UsUCtRcmlFSFRkRnZCNkJEREZFek1mK3RVaGlzZTZtdnl1R0N4aXpjaWpyRUdxZk1BN1RpdTJNdGN0VE42TVNjdi9Cbjd2OXRxS2VPaTBzWTdlTnRqNkFESmRubFM2S0ttVjdoeHRWNjdtY3FlQVQzYWJGeDFEVFd5dEJsOWZ3MDJkZ2JTakV3eUM3WTRIWXg0ek5UYUtvUTZacGFXR0NjZ0svZEtEbloya3ozdGFBblVPM1gvUkxBeUorYkZac2RGclBCRGF4aDNTMGpBTml2VTBzb0pJR0FFRmdsQzVaMWhxU28rekZFMU5UV01oMXphMjNPYUU0TjJUNHVjd1BlaEREKzR4Ry9yMWdXMC9zOWdTaGxTMlc1U29iVDhTY2NyYi80aG9Xb1Y2TWxva0t1bXBNOWc4cCtxb0xFL3dtaElDUm9MRGhQSXR1anhoSjlqb2lZY1RBPT0saHR0cHM6Ly9hc2VtYmxpYWRldi5zaGFyZXBvaW50LmNvbS9fdnRpX2Jpbi9pZGNybC5zdmMvPC9TUD4=; path=/; secure; HttpOnly
Finally by attaching this cookie to every request to Sharepoint Services we get authenticated responses:
POST https://yourtenantname.sharepoint.com/_vti_bin/Lists.asmx HTTP/1.1
Host: yourtenantname.sharepoint.com
Content-Type: application/soap+xml; charset=utf-8
Content-Length: [calculate]
Cookie: SPOIDCRL=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VHJ1ZSwwaC5mfG1lbWJlcnNoaXB8MTAwMzdmZmU5NTc2YzdlZUBsaXZlLmNvbSwwIy5mfG1lbWJlcnNoaXB8Y2xvdWRAYXNlbWJsaWFkZXYub25taWNyb3NvZnQuY29tLDEzMTAxMjExNjM5MjM3NTM1ODsxMzA5NTg5NTQ0NTAwMDAwMDAsRmFsc2UsdEFEQUZZSnZiMFF6cWxFSFlKOGRPN1d1cnJ5RzJvcGxTelBueWFMUzhrNitjenBGT0JVK292M1VkSWhydGU3TXFMOHRJaFFzazRrNHd5REFqMklDUDcyMWpES3hKWmZRZjdaUlZQeisrUi92c09Qak13em5ITkg4bHVEQXdKcVlLdE16NStoaU84cUtTRzNZWEJYbWF4SDk1cDZtSDlaMVRzaFVDRXZMZ3ZIbkt6aWlPclh4UDE2RDBmZHlTRWxsU0Radmt2Tkg0UHBLT2VGbjI5S25qSk9veDVha21TZVlIbTY2ZnF5S0tpOUJmMHdjRmlyelNRZzBWZTc4NW1JZ1ZaQUY2VTArVEI0QVRvVXRVVFFqTnd4ODJEZE9jbWlqQ25NUTUzUHUrWEFIT25lenFVb1dPTXovVWk5V2VSTUMvMWZiOUpsUmZMNlZaNjNaZDRVazB3PT0saHR0cHM6Ly9hc2VtYmxpYWRldi5zaGFyZXBvaW50LmNvbS9fdnRpX2Jpbi9pZGNybC5zdmMvPC9TUD4=; path=/; secure; HttpOnly
<?xml version="1.0" encoding="utf-8"?>
<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope">
<soap12:Body>
<GetListCollection xmlns="http://schemas.microsoft.com/sharepoint/soap/" />
</soap12:Body>
</soap12:Envelope>

The token get from Azure AD by ADAL only used for the Office 365 REST API(Code above using OAuth2.0 which get an JSON Wet Token for the REST API). This token doesn't work for the SharePoint web service.
To use the SharePoint web service, we need to authenticate the SharePoint with
SharePoint Claims Authentication. More detail about SharePoint authentication you can refer to the links below:
https://msdn.microsoft.com/en-us/library/hh147177.aspx#SPO_RA_OverviewSPAuthentication

Mule https call with string payload with query string and HTTP POST method

I am new to ESB mule. I have tried to reach https url using ESB mule.
For my request i have to build the URL and POST content.
Building URL -
I have prepared the value and set it in the java string. This was mapped in the config file using - setInvocationProperty.
Post content :
Post content is the string message.
When i run the program i am getting error message saying
The request signature we calculated does not match the signature you provided
In my java file, i have lines to print the query string value and the payload in console.
When I hit the url with post content written in console using postman chrome extension, i am getting successful response.
But with ESB mule i could not get the successful response.
Could you please show some light to fix this issue ?
Here I have pasted my ESB mule configuration file content.
<?xml version="1.0" encoding="UTF-8"?>
<mule xmlns:wmq="http://www.mulesoft.org/schema/mule/ee/wmq" xmlns:metadata="http://www.mulesoft.org/schema/mule/metadata" xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
xmlns:spring="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.mulesoft.org/schema/mule/ee/wmq http://www.mulesoft.org/schema/mule/ee/wmq/current/mule-wmq-ee.xsd">
<http:listener-config name="HTTP_Listener_Configuration" host="localhost" port="8084" basePath="/mule" doc:name="HTTP Listener Configuration"/>
<http:request-config name="HTTP_Request_Configuration" host="mws.amazonservices.com" port="443" doc:name="HTTP Request Configuration" protocol="HTTPS" >
<http:proxy host="proxy.aaa.com" port="8080" username="John" password="pass"/>
</http:request-config>
<flow name="secondflowFlow">
<http:listener config-ref="HTTP_Listener_Configuration" path="/" doc:name="HTTP"/>
<custom-transformer class="com.mule.URLBuilding.BuildURL" doc:name="Java"/>
<set-payload value="#[message.payloadAs(java.lang.String)]" doc:name="Set Payload"/>
<http:request config-ref="HTTP_Request_Configuration" method="POST" path="/Products/2011-10-01" doc:name="Amazon_Call_HTTPS">
<http:request-builder>
<http:query-param paramName="MarketplaceId" value="#[flowVars.strMarketplaceId]"/>
<http:query-param paramName="ASINList.ASIN.1" value="#[flowVars.strASINListASIN1]"/>
<http:query-param paramName="AWSAccessKeyId" value="#[flowVars.strAWSAccessKeyId]"/>
<http:query-param paramName="Action" value="#[flowVars.strAction]"/>
<http:query-param paramName="SellerId" value="#[flowVars.strSellerId]"/>
<http:query-param paramName="MWSAuthToken" value="#[flowVars.strMWSAuthToken]"/>
<http:query-param paramName="SignatureVersion" value="2"/>
<http:query-param paramName="Timestamp" value="#[flowVars.strtimestamp]"/>
<http:query-param paramName="Version" value="#[flowVars.strVersion]"/>
<http:query-param paramName="Signature" value="#[flowVars.strsignature]"/>
<http:query-param paramName="SignatureMethod" value="#[flowVars.strSignatureMethod]"/>
</http:request-builder>
<http:success-status-code-validator values="0..599"/>
</http:request>
</flow>
</mule>

Amazon MWS SubmitFeed Updating stock quantity

I'm having problems with a stock quantity update feed using Amazon MWS. My Feed is submitted and processed, but I get errors, however if I submit the same XML via the scratchpad, the inventory updates are accepted and processed.
(merchant id starred out deliberately)
Submission and response below:
<AmazonEnvelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="amzn-envelope.xsd">
<Header>
<DocumentVersion>1.01</DocumentVersion>
<MerchantIdentifier>************</MerchantIdentifier>
</Header>
<MessageType>Inventory</MessageType>
<Message>
<MessageID>1</MessageID>
<OperationType>Update</OperationType>
<Inventory>
<SKU>BUS999904</SKU>
<Quantity>269</Quantity>
</Inventory>
</Message>
<Message>
<MessageID>2</MessageID>
<OperationType>Update</OperationType>
<Inventory>
<SKU>PROBS-HO-01</SKU>
<Quantity>137</Quantity>
</Inventory>
</Message>
And the response:
<?xml version="1.0" encoding="UTF-8"?>
<AmazonEnvelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="amzn-envelope.xsd">
<Header>
<DocumentVersion>1.02</DocumentVersion>
<MerchantIdentifier>M_ONTRACKSCO_1106147</MerchantIdentifier>
</Header>
<MessageType>ProcessingReport</MessageType>
<Message>
<MessageID>1</MessageID>
<ProcessingReport>
<DocumentTransactionID>54774016520</DocumentTransactionID>
<StatusCode>Complete</StatusCode>
<ProcessingSummary>
<MessagesProcessed>2</MessagesProcessed>
<MessagesSuccessful>0</MessagesSuccessful>
<MessagesWithError>2</MessagesWithError>
<MessagesWithWarning>0</MessagesWithWarning>
</ProcessingSummary>
<Result>
<MessageID>1</MessageID>
<ResultCode>Error</ResultCode>
<ResultMessageCode>25</ResultMessageCode>
<ResultDescription>We are unable to process the XML feed because one or more items are invalid. Please re-submit the feed. </ResultDescription>
</Result>
<Result>
<MessageID>2</MessageID>
<ResultCode>Error</ResultCode>
<ResultMessageCode>25</ResultMessageCode>
<ResultDescription>We are unable to process the XML feed because one or more items are invalid. Please re-submit the feed.</ResultDescription>
</Result>
</ProcessingReport>
</Message>
Any help anyone can give, or pointers/examples of valid stock update feeds would be most welcome.
Thanks.

I finally worked it out - I had the incorrect feed type in my post. It should have been set to _POST_INVENTORY_AVAILABILITY_DATA_.

Your XML seems to be missing </AmazonEnvelope> at the end of the feed, but that could easily be an error in pasting it here. Once I added that, I was able to validate your XML against my copy of the XSDs. Other than that, my inventory feed only differs in one way: I have an additional <FulfillmentLatency>1</FulfillmentLatency> following right after each Quanitity, which is not mandatory according to the XSDs.

Amazon MWS Update Inventory Stock Sample Code:
<?php
/**********************************************************
* Update inventory stock through amazon mws api
*
***********************************************************/
$sku1 = '10101-AM';
$quantity1 = '9';
$leadTimeToShip1 = '7';
//amazon mws credentials
$amazonSellerId = 'xxxxxx';
$amazonMWSAuthToken = 'xxxxxx';
$amazonAWSAccessKeyId = 'xxxxxx';
$amazonSecretKey = 'xxxxxx';
$amazonMarketPlaceId = 'xxxxxx';
$param = array();
$param['AWSAccessKeyId'] = $amazonAWSAccessKeyId;
$param['Action'] = 'SubmitFeed';
$param['Merchant'] = $amazonSellerId;
$param['MWSAuthToken'] = $amazonMWSAuthToken;
$param['FeedType'] = '_POST_INVENTORY_AVAILABILITY_DATA_';
$param['SignatureMethod'] = 'HmacSHA256';
$param['SignatureVersion'] = '2';
$param['Timestamp'] = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
$param['Version'] = '2009-01-01';
$param['MarketplaceIdList.Id.1'] = $amazonMarketPlaceId;
$param['PurgeAndReplace'] = 'false';
$secret = $amazonSecretKey;
$url = array();
foreach ($param as $key => $val) {
$key = str_replace("%7E", "~", rawurlencode($key));
$val = str_replace("%7E", "~", rawurlencode($val));
$url[] = "{$key}={$val}";
}
$amazon_feed = '<?xml version="1.0" encoding="utf-8"?>
<AmazonEnvelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="amzn-envelope.xsd">
<Header>
<DocumentVersion>1.01</DocumentVersion>
<MerchantIdentifier>'.$amazonSellerId.'</MerchantIdentifier>
</Header>
<MessageType>Inventory</MessageType>
<Message>
<MessageID>1</MessageID>
<OperationType>Update</OperationType>
<Inventory>
<SKU>'.$sku1.'</SKU>
<Quantity>'.$quantity1.'</Quantity>
<FulfillmentLatency>'.$leadTimeToShip1.'</FulfillmentLatency>
</Inventory>
</Message>
</AmazonEnvelope>';
//echo $amazon_feed;exit;
sort($url);
$arr = implode('&', $url);
$sign = 'POST' . "\n";
$sign .= 'mws.amazonservices.com' . "\n";
$sign .= '/Feeds/'.$param['Version'].'' . "\n";
$sign .= $arr;
$signature = hash_hmac("sha256", $sign, $secret, true);
$httpHeader = array();
$httpHeader[] = 'Transfer-Encoding: chunked';
$httpHeader[] = 'Content-Type: application/xml';
$httpHeader[] = 'Content-MD5: ' . base64_encode(md5($amazon_feed, true));
//$httpHeader[] = 'x-amazon-user-agent: MyScriptName/1.0';
$httpHeader[] = 'Expect:';
$httpHeader[] = 'Accept:';
$signature = urlencode(base64_encode($signature));
$link = "https://mws.amazonservices.com/Feeds/".$param['Version']."?";
$link .= $arr . "&Signature=" . $signature;
$ch = curl_init($link);
curl_setopt($ch, CURLOPT_HTTPHEADER, $httpHeader);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $amazon_feed);
$response = curl_exec($ch);
$info = curl_getinfo($ch);
$errors=curl_error($ch);
curl_close($ch);
echo '<pre>';
print_r($response); //xml response
?>