locked
AddApplication response is Invalid XML with no additional Info RRS feed

  • Question

  • Hi,

    I'm submitting an AddApplication request and getting an invalid XML respose with no additional data to help me determine what's wrong with the request.

    With the exception of the public-key node, can anyone tell me what's wrong with this request?

    And, I don't see a place to include the parent application id. Where should that be in the request?

    Thanks!

    Joanne

    <?xml version="1.0" encoding="utf-8"?>
    <wc-request:request xmlns:wc-request="urn:com.microsoft.wc.request">
      <auth>
        <hmac-data algName="HMACSHA1">LcpVNF0bw+rBi2Ef015EZyNwAjg=</hmac-data>
      </auth>
      <header>
        <method>AddApplication</method>
        <method-version>2</method-version>
        <auth-session>
          <auth-token>AiAAAELaZ2IBce1HucCx1y2QQQSIsdKbfoPKdvKrWQIamOOLMrnR6Oy50/BVzfsAkwu716AAAAAj4FzPMDoosDSntkLhQMKqbR1Lc+Ens1Wuurt7OJ9OJ2GuYXh5S5bHJ1IW6sgBHbqFZ15b5b8A1tixXNJFfUQp8jY36I5nHF+HhweeS4SoyE6A/x8wem6sIkn8Tqjus23kgA+HgF4FNBn68JQm/oHVAHDB9Gdzh/RXLfEhpzIEDWcU2OtEmcdKfMPBA3SMEGcYVD5XxrPJhOTeyEiW3WM+IAAAAAI0q5sKGm4jB1ZoL8fKoHpv+UQad4gF+XLa4wv/l6VdIAAAAAI0q5sKGm4jB1ZoL8fKoHpv+UQad4gF+XLa4wv/l6Vd</auth-token>
        </auth-session>
        <language>en</language>
        <country>US</country>
        <msg-time>2015-01-08T16:38:49.937-05:00</msg-time>
        <msg-ttl>29100</msg-ttl>
        <version>0.0.0.1</version>
        <info-hash>
          <hash-data algName="SHA1">xD5VhOx8r/CGUD1/bs8oS1u/SX4=</hash-data>
        </info-hash>
      </header>
      <info>
        <name>Centerstone SPINN - Secure Personal Information and Notification Network</name>
        <public-keys>
          <public-key></public-key>
        </public-keys>
        <person-offline-base-auth>
          <auth>
            <rules>
              <rule name="Personal Health">
                <reason>In order to maintain/update your records automatically</reason>
                <permission>Read</permission>
                <permission>Update</permission>
                <permission>Create</permission>
                <permission>Delete</permission>
                <target-set>
                  <type-id>822a5e5a-14f1-4d06-b92f-8f3f1b05218f</type-id>
                  <type-id>52bf9104-2c5e-4f1f-a66d-552ebcc53df7</type-id>
                  <type-id>9ad2a94f-c6a4-4d78-8b50-75b65be0e250</type-id>
                  <type-id>4b18aeb6-5f01-444c-8c70-dbf13a2f510b</type-id>
                  <type-id>a5033c9d-08cf-4204-9bd3-cb412ce39fc0</type-id>
                  <type-id>3b3e6b16-eb69-483c-8d7e-dfe116ae6092</type-id>
                  <type-id>879e7c04-4e8a-4707-9ad3-b054df467ce4</type-id>
                  <type-id>ca3c57f4-f4c1-4e15-be67-0a3caf5414ed</type-id>
                  <type-id>415c95e0-0533-4d9c-ac73-91dc5031186c</type-id>
                  <type-id>7ea7a1f9-880b-4bd4-b593-f5660f20eda8</type-id>
                  <type-id>25c94a9f-9d3d-4576-96dc-6791178a8143</type-id>
                  <type-id>9c48a2b8-952c-4f5a-935d-f3292326bf54</type-id>
                  <type-id>1e1ccbfc-a55d-4d91-8940-fa2fbf73c195</type-id>
                  <type-id>a9a76456-0357-493e-b840-598bbb9483fd</type-id>
                  <type-id>02ef57a2-a620-425a-8e92-a301542cca54</type-id>
                  <type-id>4b7971d6-e427-427d-bf2c-2fbcf76606b3</type-id>
                  <type-id>464083cc-13de-4f3e-a189-da8e47d5651b</type-id>
                  <type-id>22826e13-41e1-4ba3-8447-37dadd208fd8</type-id>
                  <type-id>6705549b-0e3d-474e-bfa7-8197ddd6786a</type-id>
                  <type-id>cc23422c-4fba-4a23-b52a-c01d6cd53fdf</type-id>
                  <type-id>bd0403c5-4ae2-4b0e-a8db-1888678e4528</type-id>
                  <type-id>1572af76-1653-4c39-9683-9f9ca6584ba3</type-id>
                  <type-id>b81eb4a6-6eac-4292-ae93-3872d6870994</type-id>
                  <type-id>40750a6a-89b2-455c-bd8d-b420a4cb500b</type-id>
                  <type-id>cd3587b5-b6e1-4565-ab3b-1c3ad45eb04f</type-id>
                  <type-id>9366440c-ec81-4b89-b231-308a4c4d70ed</type-id>
                  <type-id>5800eab5-a8c2-482a-a4d6-f1db25ae08c3</type-id>
                  <type-id>ef9cf8d5-6c0b-4292-997f-4047240bc7be</type-id>
                  <type-id>30cafccc-047d-4288-94ef-643571f7919d</type-id>
                  <type-id>162dd12d-9859-4a66-b75f-96760d67072b</type-id>
                  <type-id>92ba621e-66b3-4a01-bd73-74844aed4f5b</type-id>
                  <type-id>a5294488-f865-4ce3-92fa-187cd3b58930</type-id>
                  <type-id>46d485cf-2b84-429d-9159-83152ba801f4</type-id>
                  <type-id>df4db479-a1ba-42a2-8714-2b083b88150f</type-id>
                  <type-id>e4911bd3-61bf-4e10-ae78-9c574b888b8f</type-id>
                  <type-id>d33a32b2-00de-43b8-9f2a-c4c7e9f580ec</type-id>
                  <type-id>73822612-c15f-4b49-9e65-6af369e55c65</type-id>
                  <type-id>3d34d87e-7fc1-4153-800f-f56592cb0d17</type-id>
                  <type-id>b7925180-d69e-48fa-ae1d-cb3748ca170e</type-id>
                </target-set>
              </rule>
            </rules>
          </auth>
        </person-offline-base-auth>
        <methods>x-BaseMethods,x-UserDataExtended,x-ConnectPackage,x-eventing,x-MeaningfulUseReports</methods>
        <action-url>https://secure.spinnphr.com/auth/</action-url>
        <description>Personal Health Information and Emergency Notification for an Active Lifestyle.</description>
        <auth-reason>SPINN - Secure Personal Information and Notification Network - needs access to data to connect you to your health care providers.</auth-reason>
        <large-logo>
          <logo>R0lGODlheAA8APcAADtyrWvFaZ+45vb5+RUpyWl0uPHz82JqtrO924aJxCZJpIqRyJzC00ZG0UhXuAUllEtiuiiiGoajxOPk9Zip3SNVnZWV5OPs6E5O0zZIqaGo29vc7Nvk8ePz5kNXrDYzzKq45GJwxjY7qaOk6CpXziqVADOYAHaJ1pClxzRVqiIry//8/xWiCgouyB1DohgzyePy21yBzFJ3uFW5VByUALrju9zb9ChSqP35/qvWqL6+7+v164zVi7TI1qyx2Pr/+/n5/MXh4sXI2aPK1f7/+O3y94bJa9HT7HJ9u+jy9OTx9wAplGaEviE7ywaUAOrq+UVMuPXx+DauKhKaAfP48ZqbxXqJwS+fGdLy0+jm9gAulQAxmMPL7SkuzDhi0PX3+UqySPLx+ODr9CaUACysIrLC5hOSANbW8z2sN8PK5fj6+hU7nMbyw3O8aQAsk7zJ7ipJzFluuz5lqwIzmOP55PLv98zK8F170jCXAE5my8PS5WSJ1NXZ5e/t9wI5mZHMk1V2zert8jZbzbvY3s7e4bXjt73cvfn3/hVFnPz7/fn9/vf0/CAlygEumkJg0PD1+RqZAf78/AAnkr+93wAhkBtEyZib1AorlbvA4P///Pz+/v7993V7xR48qAAcjuvr9n/Ef2V0xk9fsgYvlxIvlzAwzP7+/uPf79XY3uzp9P/9/////v/+/+rw9u3o80FQrVtqwq7foWWR1ggvnHiW1rvrv8HP3wCNAAAaxbvxvktztNXS49bW7Njb4OTs+I6ezvL0/vTz/KThqE+4Pu/u8uDu783c6ISN3pzNj5nbkP79/Y2U0k5xz8rkxdTi1BCUCPT77z6fDzZV0ejo8ZzToD2hJZ7gnjZMzK/eqn6Z4DSXDTaZAMHU6sXa48nS7SGqG2jDWPz//CadDi2XAKvG5nd33cDF4Zyszc/P8oiI4ZCf5v79//7//n+WxP7//87L5QU4mDedEQ82lww8ltjf8tTk7+Di493j8OHw4QigAO786BiwGLfiurbpt5q53////yH5BAAAAAAALAAAAAB4ADwAAAj/AP8JHEiwoMGDCBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuXMGPKnEmzps2bOHPq3LlSjb4O+GAIhYGvAx1oPDWaWsqUacIdwni0QUMmgjYTWLFe2SfFCIykF5uKNdgh1owrU2iMGTMOD1Y8cPGMKzGGxhVnYCuKbUqwQ4AIacdt22aiBI3DNPKxWLw435hboPJiHPtPlbUINNwSHjMFUjUwAbAZqsUGi2k2uWpgoyMZIrpyFkbI1vGPL5A2ZgRjpTFlWLJ+alp3BJIOnQUMH0bUdgrKjOYSU2YUIiIcpAUbIzA0UN60xpRxJraZ/6lWw2KYLGGiqA+jpL2SOgcntFKvvo+YRP8STSgSpY4ihV+gt54YA/zziBjpFaHQKp98Ql8rEwiUxSF92GDDE2LNQMNgNIBxwUVCOCBCBimkIIIInaSoQBy/tEKQFRmQmEIGrzARxj9fyDBiCnJkkRAhosgoghwb/GOLiSkosEBCq1TxiggzZsAEQmJJIdg4V+yAUSRhnAPPElpUMckkCFgihydudOLDQDj0AgElkryywSLuCPTFOxksQYkcLh6kyRc+wHOJD2Eo808kxFgCpiRLIqTGBExQ4gAvBQ60F1PxhDcFDwYlcsId6rxRDEQ3LOFHEAQpsgyYD2BCEApuLP8RykEFSDKHJBAsklAULlTASkGukLLFFm6goNAQnjRK0KVLiUOYOFoWdMgLBBDQAhwxcPFFQ6X6MUhBkXigxRKiECRBrCEcdIAkS2whiQz4HZRKr5UOdAopc2gxrAYJMUBJAg+BUQIe0VBh0CoCUMuICgSoIAgFCirU7bcFVQEmIgYMdO4S6Rp0wCgFzLHFEkgAIS+9BZ1yiRy6LNHILCAg5C/ADsVCgwmQFIKQHsfk0US1jLRwTcwJTWyQBo1ogciHAm3ccUEHbGFPO5SMzEQ4Bs1bQb0CnfKADH144IYWa5hz0MwP7UDGWuAotEkWDOxRScMEnBCxQUYXRMESbij/YGjT6KqrRS+sIPEAscYWpDXX/3gNwD/TKMC3C6gYhPZD/DwzzqYN1SNLEww74iPeplL8oiSSTKlx4B5rUfk/SIA5qOIoE+T4D/9soIAbbmTQR0GXP5SDGSVAAkoSDaUBhwqMOIJ8QXkPNI0LS6xBj7msQ+36QHK4fEkPBC2e8gMA4P7PLvKM6wExBAX/EDIsjGEGGthkvNAZlZRCwB2kw0MIQdxIgSfW4CrscUxwr/vHBFIgiUbMIw0DEZ/tyGe+fyBgFOOSwyMG4r6H9CMCZqgLGQJgCCwwbiCroAAB9GcH6LkBHh4IBSdgkYJRrIET9zCI0xBIEA7cgHed8IZA/yRoLwoSRAOjcFccDiGQDj4EHwG4AmJowAI08CASBwEGCbqgAv4R5Id+KEABDlAAFExiGgjZYesSKBB6KKARfSsSEbtmRIJQIGmSiMGvnAgRfIDiG2oZQwnMEIDggMsRKijFC87wxSX4zyFq1B4bBYIORIzrBsWoQ+2KWD6DLMANxLLCP/gYkR1QYwaANIMTylMQIGzxAy3wRyO9BcnsEeQA2zOILeQRKzkE4gZbG18nC5IJK1RtCb/owb80ogo6NOMPf4gWQcrwglJ84AVlmKXpFhLJW+bSIJMgxbggoIBgTnCYBUlEAaomD1FIgmYj8YU0uvCBUjRBDNqs5QHXmP+Qc4BSC1owJycrWJAVFKBdWngnSXzhBQJ84AMq8MJ/BGKK6HHTlgPB5SQJwo52ILQChuTkRA+SiBQs4Vbw/MgmBLC8h3ahBeQgyCa6haqGwEpW6nKDPRSiCSssYRQCFYgrHiCHhWygVAr1SCaSQAEvtEAFDy1FC05gvhXwAmlLIJktAqEQMaTBA6hTAALuYShT2AATLqDEAo7ARIQoIhSUqICu7GSMBVDCBZiIUEJ054mUMiQTCcmEGoLBBw3sgQRPfegHXnoCLAqkG6KAggMg4AAoeEBZBlFGOyoLAcpCoQC/G0AcJEtZBwhBIYcIQQFMJhAuQAAKni3A8xDChVe4nOMh9LhDNkYggN72dgTquIMj4PACatHzoQy7xhsKogYgsEIVK1jBP3DAWoQcIhGmiK4qVHGIddQGCNuNrhpCmpC/CSQROIDudgcwUoSsoE4OAQEuGGGtFti3BQRYmAq6YM16MowAD7tRdTjyiD20QL9dSLCCuci8FjTBEbRAh/0G3JFElOEEgHCEIEjAYQ47ghl7oEAZbEDhEpv4xChOsYpXzOIWu/jFMI6xjGdM4xrb+MY4HkhAAAA7</logo>
          <content-type>image/gif</content-type>
        </large-logo>
        <restrict-app-users>false</restrict-app-users>
        <supported-record-locations>
          <location>
            <country>AS</country>
          </location>
          <location>
            <country>GU</country>
          </location>
          <location>
            <country>MP</country>
          </location>
          <location>
            <country>PR</country>
          </location>
          <location>
            <country>US</country>
          </location>
          <location>
            <country>VI</country>
          </location>
        </supported-record-locations>
        <supported-instances>
          <instance-id>1</instance-id>
        </supported-instances>
      </info>
    </wc-request:request>



    Monday, January 12, 2015 7:31 PM

Answers

  • To answer my question number 1 above, despite the conflicting information presented on this page:

    http://msdn.microsoft.com/en-us/library/ff803647.aspx

    I have learned that in creating a child application, you must create an unique private/public key pair cert for the child application, and pass the public key from that into the addApplication request.

    To answer my question number 2 above, I can not use DefaultPrivateKeyStore.getPublicKey(), as it returns the SHA1 hash. The request needs for the public key node to be populated with a string value that results from code such as this:

    new String(Hex.encodeHex(cert.getEncoded()))

    • Marked as answer by jscollard Tuesday, January 20, 2015 4:10 PM
    Tuesday, January 20, 2015 4:10 PM

All replies

  • Hi Joanne,

    The typical program flow for provisioning child applications (from the .NET SDK perspective) is as follows...

    • create an offline connection to the HealthVault platform via the master application.
    • use the Provisioner.AddApplication method to create new child app ( passing in the offline connection of the master app, and an ApplicationInfo object )

    I am not familiar with how this is done in the Java SDK, but I will take a look and reply back once I understand how it works.

    -Sean

    Monday, January 12, 2015 9:43 PM
  • Sean,

    That is essentially what I'm doing. I successfully executed a GetApplicationInfo request on the parent app. I used much of the info from the parent app to create the ApplicationInfo object. I'm getting a response that says my request XML is invalid, but does not give an specifics as to what is wrong.

    I'll look closer at the code to see if I'm creating a new connection each request, or maintaining the connection from the GetApplicationInfo request.

    Monday, January 12, 2015 10:11 PM
  • Hi Joanne,

    I reviewed the logs and found that your call to AddApplication is failing because of a an XML schema validation error. The public key element is invalid.

    The public key must be included in the ApplicationInfo object when you make the call to AddApplication. 

    The general workflow for creating a child application should be

    1. Establish an authenticated connection to HealthVault using the master app id
    2. Create and populate a new ApplicationInfo object for the child app
    3. Call AddApplication 


    -Sean

    Wednesday, January 14, 2015 5:42 PM
  • Sean,

    At the time I submitted the request, there was a public key value in the request. I have tried multiple different ways to include the public key with no luck.

    What I read here: http://msdn.microsoft.com/en-us/library/ff803647.aspx has conflicting messages about whether I need to have a unique public/private key pair for each child app, or whether I can use the parent public key to create the child app.

    I tried creating a new public/private key pair certificate, and using that to create the child app, and that's when I received the invalid XML error.

    I also tried accessing the parent kestore, and getting the public key from that via the code below. The string returned from that code as the public key is only about 40 bytes, where the schema expects over 512 bytes.

    So, can you tell me two things:

    1) Does HealthVault require an unique private/public key pair for each child application, separate from the parent? Or can I use the parent keystore public key to create the child app? Access the child app?

    2) What value is the schema expecting in the public-key node? How do I go about getting that value?

    I am emailing you the latest request and response xmls.

    Thanks!

    Joanne

                       


    private String getPublicKeyFromKeystore(String masterAppId) throws BatchCommandExecutionException {
    //Get the keystore values
    String filename = ApplicationConfig.Keystore_Filename;
    String keyName = ApplicationConfig.getValue(masterAppId + ".keyname");
    String keyStorePassword = ApplicationConfig.Keystore_Password;
    DefaultPrivateKeyStore keyStore = new DefaultPrivateKeyStore();
    //Make sure the keystore file exists
    File keyStoreFile = new File(filename);
    if (!keyStoreFile.exists()) {
    String msg = "CreateHVApplicationCommand failed getting keystore due to File Not Found";
    throw new BatchCommandExecutionException(msg);
    } else {
    log.info("We can find the keystore file: "+ keyStoreFile.getAbsolutePath());
    }
    if(keyName == null || keyName.length() < 1) {
    String msg = "CreateHVApplicationCommand failed getting keystore due to Unable to find keyname from properties with appId of " + masterAppId;
    throw new BatchCommandExecutionException(msg);
    } else {
    keyName = keyName.toLowerCase();
    log.info("Keyname is: " + keyName);
    }

    keyStore.setAlias(keyName);
    keyStore.setPassword(keyStorePassword);
    keyStore.setFilename(filename);

    return keyStore.getPublicKey();

    }

    Wednesday, January 14, 2015 8:31 PM
  • To answer my question number 1 above, despite the conflicting information presented on this page:

    http://msdn.microsoft.com/en-us/library/ff803647.aspx

    I have learned that in creating a child application, you must create an unique private/public key pair cert for the child application, and pass the public key from that into the addApplication request.

    To answer my question number 2 above, I can not use DefaultPrivateKeyStore.getPublicKey(), as it returns the SHA1 hash. The request needs for the public key node to be populated with a string value that results from code such as this:

    new String(Hex.encodeHex(cert.getEncoded()))

    • Marked as answer by jscollard Tuesday, January 20, 2015 4:10 PM
    Tuesday, January 20, 2015 4:10 PM