Client consuming web services implemented based on OASIS standards (e-filing secure web service for income tax department of india)

Question

1.00/5 (1 vote)

See more:

I need to create a web service client in C# .net for consuming web services provided by the Income tax department, Government of India for submitting ITR in bulk. They have provided a web service user manual and it's saying

 "web services are implemented based on OASIS standards. These webservices stacksupports WS-Security and WS-SecurityPolicy to configure the security handling."

e-Filing Secure Web Service User Manual

Following are the requirements for sending the request.

    * The header of the SOAP Request should contain Username Token and Timestamp which has to be send by the user. Username Token provides a standard way of representing a username (User ID registered in e-Filing) and password pair with WS-Security. The credential is used to authorize the requester i.e. user and the request.

    * The UniqueRequestID in the SOAP request should be unique for each request.

    * The request has to be digitally signed using the private key of the user. Signature include key info element that contains X.509 certificate details. This is needed for e-Filing server to validate the signer.

    The below elements in the SOAP request has to be signed
        Timestamp
        > UsernameToken
        > Body

     * After signing, the request has to be encrypted using the e-Filing’s public key. 

     The below contents are encrypted using the e-Filing’s public key
         > UsernameToken
         > Body

Following is the web service definition

XML

<pre><?xml version="1.0" encoding="UTF-8" ?> 
- <wsdl:definitions xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://incometaxindiaefiling.gov.in/ditsecws" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:ns1="http://schemas.xmlsoap.org/soap/http" name="BulkItrService" targetNamespace="http://incometaxindiaefiling.gov.in/ditsecws">
  <wsdl:import location="https://services.incometaxindiaefiling.gov.in/e-FilingSecWS/ditsecws/BulkItrService?wsdl=EfilingWsSecPolicy.wsdl" namespace="http://incometaxindiaefiling.gov.in/ditsecws" /> 
- <wsdl:types>
- <xs:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://incometaxindiaefiling.gov.in/ditsecws/response" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:ns1="http://schemas.xmlsoap.org/soap/http" elementFormDefault="qualified" targetNamespace="http://incometaxindiaefiling.gov.in/ditsecws/response" version="1.0">
  <xs:element name="BulkItrResponse" type="tns:BulkItrResponse" /> 
  <xs:element name="DitResponse" type="tns:DitResponse" /> 
- <xs:complexType name="BulkItrResponse">
- <xs:complexContent>
- <xs:extension base="tns:DitResponse">
- <xs:sequence>
  <xs:element minOccurs="0" name="tokenNumber" type="xs:string" /> 
  </xs:sequence>
  </xs:extension>
  </xs:complexContent>
  </xs:complexType>
- <xs:complexType name="DitResponse">
- <xs:sequence>
  <xs:element minOccurs="0" name="ErrorCode" type="xs:string" /> 
  <xs:element minOccurs="0" name="ErrorDesc" type="xs:string" /> 
  </xs:sequence>
  <xs:attribute name="uniqueRequestId" type="xs:string" use="required" /> 
  </xs:complexType>
  </xs:schema>
- <xs:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://incometaxindiaefiling.gov.in/ditsecws/request" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:ns1="http://schemas.xmlsoap.org/soap/http" elementFormDefault="qualified" targetNamespace="http://incometaxindiaefiling.gov.in/ditsecws/request" version="1.0">
  <xs:import namespace="http://www.w3.org/2005/05/xmlmime" /> 
  <xs:element name="BulkItrRequest" type="tns:BulkItrRequest" /> 
- <xs:complexType name="BulkItrRequest">
- <xsd:sequence>
  <xsd:element minOccurs="1" name="dataHandler" type="xs:base64Binary" xmime:expectedContentTypes="application/octet-stream" /> 
  </xsd:sequence>
- <xs:attribute name="uniqueRequestId" use="required">
- <xsd:simpleType>
- <xsd:restriction base="xs:string">
  <xsd:pattern value="[A-Za-z0-9]{10}[/-][A-Za-z0-9]{4,29}" /> 
  </xsd:restriction>
  </xsd:simpleType>
  </xs:attribute>
  </xs:complexType>
  </xs:schema>
- <xs:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://incometaxindiaefiling.gov.in/ditsecws" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:ns2="http://incometaxindiaefiling.gov.in/ditsecws/response" xmlns:ns1="http://incometaxindiaefiling.gov.in/ditsecws/request" attributeFormDefault="unqualified" elementFormDefault="qualified" targetNamespace="http://incometaxindiaefiling.gov.in/ditsecws">
  <xs:import namespace="http://incometaxindiaefiling.gov.in/ditsecws/request" /> 
  <xs:import namespace="http://incometaxindiaefiling.gov.in/ditsecws/response" /> 
  <xs:element name="uploadBulkItr" type="tns:uploadBulkItr" /> 
  <xs:element name="uploadBulkItrResponse" type="tns:uploadBulkItrResponse" /> 
- <xs:complexType name="uploadBulkItr">
- <xs:sequence>
  <xs:element minOccurs="1" name="DitRequest" type="ns1:BulkItrRequest" /> 
  </xs:sequence>
  </xs:complexType>
- <xs:complexType name="uploadBulkItrResponse">
- <xs:sequence>
  <xs:element minOccurs="0" name="result" type="ns2:BulkItrResponse" /> 
  </xs:sequence>
  </xs:complexType>
  </xs:schema>
  </wsdl:types>
- <wsdl:message name="uploadBulkItrResponse">
  <wsdl:part element="tns:uploadBulkItrResponse" name="parameters" /> 
  </wsdl:message>
- <wsdl:message name="uploadBulkItr">
  <wsdl:part element="tns:uploadBulkItr" name="parameters" /> 
  </wsdl:message>
- <wsdl:portType name="BulkItrService">
- <wsdl:operation name="uploadBulkItr">
  <wsdl:input message="tns:uploadBulkItr" name="uploadBulkItr" /> 
  <wsdl:output message="tns:uploadBulkItrResponse" name="uploadBulkItrResponse" /> 
  </wsdl:operation>
  </wsdl:portType>
- <wsdl:binding name="BulkItrServiceSoapBinding" type="tns:BulkItrService">
  <wsp:PolicyReference xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" URI="#EfilingWsSecPolicy" /> 
  <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" /> 
- <wsdl:operation name="uploadBulkItr">
  <soap:operation soapAction="" style="document" /> 
- <wsdl:input name="uploadBulkItr">
  <soap:body use="literal" /> 
  <wsp:PolicyReference xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" URI="#EfilingPartsPolicy" /> 
  </wsdl:input>
- <wsdl:output name="uploadBulkItrResponse">
  <soap:body use="literal" /> 
  </wsdl:output>
  </wsdl:operation>
  </wsdl:binding>
- <wsdl:service name="BulkItrService">
- <wsdl:port binding="tns:BulkItrServiceSoapBinding" name="BulkItrServicePort">
  <soap:address location="https://services.incometaxindiaefiling.gov.in/e-FilingSecWS/ditsecws/BulkItrService" /> 
  </wsdl:port>
  </wsdl:service>
  </wsdl:definitions>

Following is the WS Security Policy need to use (wsdl)

XML

<pre><?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://incometaxindiaefiling.gov.in/ditsecws" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:ns1="http://schemas.xmlsoap.org/soap/http" name="EfilingWsSecPolicy" targetNamespace="http://incometaxindiaefiling.gov.in/ditsecws">
    <wsp:Policy xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" wsu:Id="EfilingWsSecPolicy">
        <wsp:ExactlyOne>
            <wsp:All>
                <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                    <wsp:Policy>
                        <sp:InitiatorToken>
                            <wsp:Policy>
                                <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                                    <wsp:Policy>
                                        <sp:WssX509V3Token10/>
                                    </wsp:Policy>
                                </sp:X509Token>
                            </wsp:Policy>
                        </sp:InitiatorToken>
                        <sp:RecipientToken>
                            <wsp:Policy>
                                <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
                                    <wsp:Policy>
                                        <sp:WssX509V3Token10/>
                                    </wsp:Policy>
                                </sp:X509Token>
                            </wsp:Policy>
                        </sp:RecipientToken>
                        <sp:AlgorithmSuite>
                            <wsp:Policy>
                                <sp:Basic128/>
                            </wsp:Policy>
                        </sp:AlgorithmSuite>
                        <sp:Layout>
                            <wsp:Policy>
                                <sp:Lax/>
                            </wsp:Policy>
                        </sp:Layout>
                        <sp:IncludeTimestamp/>
                        <sp:OnlySignEntireHeadersAndBody/>
                    </wsp:Policy>
                </sp:AsymmetricBinding>

                <sp:SignedEncryptedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
                    <wsp:Policy>
                        <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
                            <wsp:Policy>
                                <sp:WssUsernameToken10/>
                            </wsp:Policy>
                        </sp:UsernameToken>
                    </wsp:Policy>
                </sp:SignedEncryptedSupportingTokens>
            </wsp:All>
        </wsp:ExactlyOne>
    </wsp:Policy>
    <wsp:Policy xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" wsu:Id="EfilingPartsPolicy">
        <wsp:ExactlyOne>
            <wsp:All>
                <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
                    <sp:Body/>
                </sp:SignedParts>
                <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
                    <sp:Body/>
                </sp:EncryptedParts>
            </wsp:All>
        </wsp:ExactlyOne>
    </wsp:Policy>
</wsdl:definitions>

Thanks in advance

What I have tried:

I am new to this and found some blogs saying I can use either WCF client or WSE 2.0/3.0 for consuming ws-security based web services.

Can anyone provide an idea regarding which services i should use (WCF client or WSE 2.0/3.0) and some step by step development guide to achieve the goal?

Posted 30-May-19 19:55pm

Shiji lKailas

Updated 31-May-19 17:31pm

v2

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Gerry Schmitz · Answer 1 · 2019-05-31T17:32:00

Before you can send anything "in bulk", these "services" require a verification process that usually involves acquiring credentials for testing, a test account, and test procedures.

I suggest you look into those first before worrying about WCF versus WSE.

As part of your "feasibility study", weigh the existing procedures.

e-Filing Home Page, Income Tax Department, Government of India[^]