import java.security.MessageDigest; import java.util.regex.*; import webservice.broadsoft.com.*; /** * Basic example of authentication against the BroadSoft OCI-P SOAP interface. * * The *ProvisioningService* classes have been generated with Axis 1.4 from * the WSDL generated by calling the following URL: * * http://ews.xdp.broadsoft.com/webservice/services/ProvisioningService?wsdl * */ public class BroadSoftAuthentication { private final static String ENDPOINT = "http://ews.xdp.broadsoft.com/webservice/services/ProvisioningService"; private final static String USER = "user@xdp.broadsoft.com"; private final static String PASS = "welcome1"; private final static long SESSION = System.currentTimeMillis(); public static void main(String[] args) throws Exception { BWProvisioningServiceServiceLocator locator = new BWProvisioningServiceServiceLocator(); BWProvisioningService service = locator.getProvisioningService(new java.net.URL(ENDPOINT)); ProvisioningServiceSoapBindingStub stub = ProvisioningServiceSoapBindingStub.class.cast(service); // Enable automatic session handling through cookies stub.setMaintainSession(true); // Set the request timeout stub.setTimeout(120000); // Stage 1: the authentication request String response = service.processOCIMessage(getAuthenticationRequest()); String signedPassword = getEncryptedPassword(getNonce(response)); // Stage 2: the login request response = service.processOCIMessage(getLoginRequest(signedPassword)); // Done System.out.println(response); } private static String getAuthenticationRequest() { return String.format( "<BroadsoftDocument protocol = \"OCI\" xmlns=\"C\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">" + "<sessionId xmlns=\"\">%s</sessionId>" + "<command xsi:type=\"AuthenticationRequest\" xmlns=\"\">" + "<userId>%s</userId>" + "</command>" + "</BroadsoftDocument>", SESSION, USER ); } private static String getLoginRequest(String signedPassword) { return String.format( "<BroadsoftDocument protocol = \"OCI\" xmlns=\"C\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">" + "<sessionId xmlns=\"\">%s</sessionId>" + "<command xsi:type=\"LoginRequest14sp4\" xmlns=\"\">" + "<userId>%s</userId>" + "<signedPassword>%s</signedPassword>" + "</command>" + "</BroadsoftDocument>", SESSION, USER, signedPassword ); } private static String getEncryptedPassword(String nonce) throws Exception { MessageDigest md5 = MessageDigest.getInstance("MD5"); MessageDigest sha1 = MessageDigest.getInstance("SHA1"); sha1.update(PASS.getBytes()); md5.update((nonce + ":" + byteArrayToHexString(sha1.digest())).getBytes()); return byteArrayToHexString(md5.digest()); } private static String getNonce(String response) { Pattern p = Pattern.compile("(<nonce>)(\\d+)"); Matcher m = p.matcher(response); m.find(); return m.group().replaceAll("<nonce>", ""); } private static String byteArrayToHexString(byte in[]) { byte ch = 0x00; int i = 0; if (in == null || in.length <= 0) { return null; } String pseudo[] = {"0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f"}; StringBuffer out = new StringBuffer(in.length * 2); while (i < in.length) { ch = (byte) (in[i] & 0xF0); // Strip off high nibble ch = (byte) (ch >>> 4); // shift the bits down ch = (byte) (ch & 0x0F); // must do this is high order bit is on! out.append(pseudo[ (int) ch]); // convert the nibble to a String Character ch = (byte) (in[i] & 0x0F); // Strip off low nibble out.append(pseudo[ (int) ch]); // convert the nibble to a String Character i++; } return new String(out); } }