#!/usr/bin/perl
#
# Basic example of authentication against the BroadSoft OCI-P SOAP interface.
#
use strict;
use warnings;
 
use HTTP::Request;
use LWP::UserAgent;
use XML::XPath;
use Data::Dumper;
use Digest::SHA1 qw(sha1_hex);
use Digest::MD5 qw(md5_hex);
 
# Fixed parameters
my $session = time;
my $userId = 'user@xdp.broadsoft.com';
my $password = 'welcome1';
 
# Stage 1: the AuthenticationRequest
my $sAuthenticationRequest=<<"EOXML";
<BroadsoftDocument protocol = "OCI" xmlns="C" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<sessionId xmlns="">$session</sessionId>
<command xsi:type="AuthenticationRequest" xmlns="">
<userId>$userId</userId>
</command>
</BroadsoftDocument>
EOXML
 
# Stage 2: the LoginRequest
my $sLoginRequest=<<"EOXML";
<BroadsoftDocument protocol = "OCI" xmlns="C" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<sessionId xmlns="">$session</sessionId>
<command xsi:type="LoginRequest14sp4" xmlns="">
<userId>$userId</userId>
<signedPassword>%s</signedPassword>
</command>
</BroadsoftDocument>
EOXML
 
# SOAP envelope wrapper
my $sXML=<<'EOENV';
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<processOCIMessage
soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<arg0 xsi:type="soapenc:string"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">
 
<![CDATA[
%s
]]>
 
</arg0>
</processOCIMessage>
</soapenv:Body>
</soapenv:Envelope>
EOENV
 
# Create the basic request and client objects
my $oRequest = HTTP::Request->new;
$oRequest->header('Content-Type' => 'text/xml');
$oRequest->header('SOAPAction' => '""');
$oRequest->method('POST');
$oRequest->uri("http://ews.xdp.broadsoft.com/webservice/services/ProvisioningService");
$oRequest->content(sprintf $sXML, $sAuthenticationRequest);
 
my $oUA = LWP::UserAgent->new;
$oUA->timeout(120);
 
# Handle redirects
push @{$oUA->requests_redirectable}, 'POST';
 
$oUA->add_handler(
	response_redirect => sub { 
		my $response = shift;
		my $request = $response->request;
 
		if ($response->header('location')) {
			$request->uri($response->header('location'));
			return $request;
		}
	}
);
 
# First stage: post an authentication request
my $oResponse = $oUA->request($oRequest);
 
# Validate and parse the response
$oResponse->is_success || die $oResponse->status_line, "\n", $oResponse->content;
my $xp = XML::XPath->new( xml => $oResponse->content );
my $xml = $xp->findvalue('//*[local-name()="processOCIMessageReturn"]');
die 'Missing XML response' unless defined $xml;
$xp = XML::XPath->new( xml => $xml );
 
# Construct the parameters for the login request
my $nonce = $xp->findvalue('//nonce');
(my $cookie = $oResponse->header('Set-Cookie')) =~ s/;.*$//;
my $encryptedPassword = md5_hex("$nonce:".sha1_hex($password));
 
# Debug print
print "Nonce     : $nonce\n";
print "Set-Cookie: $cookie\n";
print "Encrypted : $encryptedPassword\n";
 
# The received cookie must be set in subsequent calls
$oRequest->header('Cookie' => $cookie);
 
# Set the content for the LoginRequest call and execute
$oRequest->content(sprintf $sXML, sprintf($sLoginRequest, $encryptedPassword));
$oResponse = $oUA->request($oRequest);
 
# Validate, parse, and print the response
$oResponse->is_success || die $oResponse->status_line, "\n", $oResponse->content;
$xp = XML::XPath->new( xml => $oResponse->content );
print $xp->findvalue('//*[local-name()="processOCIMessageReturn"]');
 
Powered by GeSHi