How to authenticate Primavera P6 Web Services using Username Token in C#?

Question

I need to use Username Token in order to authenticate Primavera P6 Web Services. I have created console application in VS2010 and added a service reference to:

http://localhost:8206/p6ws/services/ExportService?wsdl

So at this moment I have a proxy class and I can write something like this:

var exportService = new ExportPortTypeClient();
var project = new ExportProject { ProjectObjectId = 1000 };
exportService.ExportProject(project);

While I'm trying to invoke ExportProject() I get an exception because of authentication failed.

Does anyone have an example code of authentication using Username Token?

Answer 1

Make sure you create the Client with a custom binding like this:

var securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();                
securityElement.AllowInsecureTransport = true; //in case you don't use SSL
securityElement.EnableUnsecuredResponse = true; //in case you don't use SSL
var encodingElement = new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8);
var transportElement = new HttpTransportBindingElement();
var binding = new CustomBinding(securityElement, encodingElement, transportElement);

EndpointAddress endpointAddress = new EndpointAddress("<your endpoint to service goes here>");

var exportService = new ExportPortTypeClient(binding, endpointAddress);
var project = new ExportProject { ProjectObjectId = 1000 };
exportService.ExportProject(project);

Answer 2

I finally came across a solution to using a username token with P6 WebServices. It is not as straight forward as you may think. You need to include a WSE header.

The solution for this is on Rick Strahl's blog.

public class CustomTokenSerializer : WSSecurityTokenSerializer {
    public CustomTokenSerializer(SecurityVersion sv)
        : base(sv) { }

    protected override void WriteTokenCore(XmlWriter writer, SecurityToken token) {
        var userToken = token as UserNameSecurityToken;
        var tokennamespace = "o";
        var nonce = GetSHA1String(Guid.NewGuid().ToString());
        writer.WriteRaw(
                $@"<{tokennamespace}:UsernameToken u:Id=""{token.Id}"" xmlns:u=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"">
                <{tokennamespace}:Username>{userToken.UserName}</{tokennamespace}:Username>
                <{tokennamespace}:Password Type=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\"">{userToken.Password}</{tokennamespace}:Password>
                <{tokennamespace}:Nonce EncodingType=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\"">{nonce}</{tokennamespace}:Nonce>
            </{tokennamespace}:UsernameToken>"
            );
    }

    protected string GetSHA1String(string phrase) {
        SHA1CryptoServiceProvider sha1Hasher = new SHA1CryptoServiceProvider();
        byte[] hashedDataBytes = sha1Hasher.ComputeHash(Encoding.UTF8.GetBytes(phrase));
        return Convert.ToBase64String(hashedDataBytes);
    }

}

I'm using a ChannelFactory to create the clients.

public class WebServiceClientFactory<T> : IWebServiceClientFactory<T> {

    public WebServiceClientFactory() {
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
        ServicePointManager.Expect100Continue = true;
        ServicePointManager.DefaultConnectionLimit = 9999;
    }

    public T GetClient(Credentials cred) {

        ChannelFactory<T> channelFactory = new ChannelFactory<T>(GetBinding(), new EndpointAddress(cred.Url));
        channelFactory.Endpoint.Behaviors.Remove<System.ServiceModel.Description.ClientCredentials>();
        channelFactory.Endpoint.Behaviors.Add(new CustomCredentials());
        channelFactory.Endpoint.Behaviors.Add(new CustomP6DbInstanceBehavior(cred.DatabaseInstanceId));

        channelFactory.Credentials.UserName.UserName = cred.Username;
        channelFactory.Credentials.UserName.Password = cred.Password;

        return channelFactory.CreateChannel();
    }

    private Binding GetBinding() {
        var security = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
        security.IncludeTimestamp = false;
        var encoding = new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8);
        var transport = new HttpsTransportBindingElement {
            MaxReceivedMessageSize = 20000000 // 20 megs
        };
        return new CustomBinding(security, encoding, transport);
    }

}