4th SmartHR library kiji is used to run e-Gov (operation check)

Call the SmartHR library kiji from the driver and generate a signed xml. In addition, send the signed xml to the verification environment with the curl command and check the response of e-Gov.

In the curl command, specify the following parameters and request URI, and start from the command prompt.

No Parameters, request URI Description
1 -X GET or POST
2 -d @Signed xml file name Specified only when using the POST command
3 -H "x-eGovAPI-AccessKey Accesskey" Specify the key issued by user authentication
4 -H "x-eGovAPI-SoftwareID:Software ID"
5 -H "Authorization:Basic authentication information" Basic authentication ID:Base64 encoded value of password
6 Request URI Https format URI for verification environment

Finally, after defining the problems of e-Gov, we will consider whether it can be improved with the minor portal API.

1 User authentication

After generating the signed xml, user authentication is performed.

1.1 Generate signed xml

Run the driver to generate register.xml.

Signed xml generation for user authentication


>ruby make_register_xml.rb
>dir register.xml
2020/08/23  15:30             2,682 register.xml
1 file 2,682 bytes
0 directories 631,570,432 bytes of free space

1.2 User authentication

Basic authentication is required in the verification environment. Concatenate the Basic authentication ID and Basic authentication password with a single-byte colon, prepare a Base64-encoded value, and set that value in Authorization in the header part of the HTTP request.

If you access the request URI with the POST command from the curl command, the following response will be returned.

curl


>curl -X POST -d @register.xml -H "x-eGovAPI-SoftwareID: ************"
 -H "Authorization: Basic ****************************" 
 https://*****************/****/*/**************/login

<?xml version="1.0" encoding="UTF-8"?>
  <DataRoot>
    <Result>
      <Code>0</Code>
      <Message></Message>
    </Result>
    <ApplData>
    <UserID>*********</UserID>
    <AccessKey>
78zTKYZQrWdLYgC5cP4oTmalTQE8T7uPF+UDzUEYKZnM4o+teUfNgBGtQsEj6OLsLJX8bW72/B1C
me9RmoZLt/YjnLey59EVKzGKVmv/aHQ9ZCCh9zV6gP1h2B8A4/rQOdiXlS9bQ6YGoahaiJzoooW4
n7dF27OCt71+2yTgG6vMnTify8TYVX7ftazfNUfCPm/XPKTg+4PUnSlcXxPrN8dgRiuv6dSeTZFN
6juFvO+PsXIcxr//WtGvMP0V4cFP
    </AccessKey>
    <LastAuthenticationDate>20200702213554</LastAuthenticationDate>
  </ApplData>
</DataRoot>

An access key is set in the \ tag. After that, when calling various APIs, be sure to specify the access key in the header of the http request. Also, the \ tag is the time stamp of the last authentication.

1.3 Check the contents of the signed xml

Check the register.xml generated by the driver. You can see that the hash calculation and signature are done.

register.xml


<?xml version="1.0" encoding="UTF-8"?>
<DataRoot>
  <ApplData Id="ApplData">
    <UserID>*********</UserID>
  </ApplData>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="20200721144359">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
      <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> 
        <Reference URI="#ApplData">
          <Transforms>
            <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> 
          </Transforms>
          <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> 
          <DigestValue>pfQDAIAVdZvrFvZoCTsCp5juOrxd7G1jS168/dFBm7Y=</DigestValue>
        </Reference>
      </SignedInfo>
      <SignatureValue>
Zrm+z6efKMPj2ugb/jFPPAOFasMSRgJDAFv63Qz2XeKnAc5pLPq1F3HXqrcZRY0zueyVkC2ceB9N
3EO+b/cXvpS2egSp4NC2LiFMx02r0qnpgHaxwCEebb5szCq6MgVYE6tL8xzIdP2ToSigMr+16vu9
AkWORFQX0JVyP4J3Fpl3/FvHdPzlId2fwIpZ1GfCdDhgp35oS85RUcP/JLVnqJ9b9V688LQZkP5g
29LqHbsj8626VX6TD6zYQNlr1rTtdoBIGvNs1Ve51ichNfHF4HeA8x7CG/vTN2AsF73dBLBzY0u4
sMD4zEM7nUBbKeuV831DE+2fbxZq+h6r+ThSdg==
      </SignatureValue>
      <KeyInfo>
        <X509Data> 
          <X509Certificate>
MIIEizCCA3OgAwIBAgIEWCsMRzANBgkqhkiG9w0BAQsFADAuMQswCQYDVQQGEwJKUDERMA8GA1UE
CgwIRGVtb01pbjExDDAKBgNVBAsMA0NBMTAeFw0xOTEwMjUwMTE2NTZaFw0yNDEwMjQxNDU5NTla
MEkxCzAJBgNVBAYTAkpQMREwDwYDVQQKDAhEZW1vTWluMTEMMAoGA1UECwwDQ0ExMRkwFwYDVQQD
DBBJY2hpcm8gTWFkb2d1Y2hpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD81VFFm
GM26HYdeGrGzbPbadeBzU4WxIE1r6qeZLxjz7DiV42tjo8QFulWZk6hmCeb5j9ChKp+BA/9Yj6us
ccKHZrPQmbcXUZkXRXz9z/7CLxp8b1zAzJakZ0g7o9iU3a3TpyeP6V+GFtkO8YqfthEsJsYzx82d
Ui85Bm4l5pnztozPdXRZd2VJpdwzGqtqw6N9PKzMNWux5C0jklkaPeP5P6NHLfeN51+phkY2xkdJ
lry629PeKjZAwN0Z8Xu0JdubCvA95UctoZgBoOjpgDtWImV3o9hDpwu+1tMlEBhNZIuKOr2G38qR
Z9iJUyoK+XhbzyBUu0A2cwCj0MshbwIDAQABo4IBlDCCAZAwDgYDVR0PAQH/BAQDAgbAMBEGCWCG
SAGG+EIBAQQEAwIGQDBOBgNVHRIERzBFpEMwQTELMAkGA1UEBhMCSlAxHjAcBgNVBAoMFeaooeaT
rOawkemWk+iqjeiovOWxgDESMBAGA1UECwwJ77yj77yh77yRMB8GA1UdIAEB/wQVMBMwEQYPAoM4
ho4xCAEBAAKMmyVkMGgGA1UdEQRhMF+kXTBbMQswCQYDVQQGEwJKUDEeMBwGA1UECgwV5qih5pOs
5rCR6ZaT6KqN6Ki85bGAMRIwEAYDVQQLDAnvvKPvvKHvvJExGDAWBgNVBAMMD+eqk+WPo+OAgOS4
gOmDjjBQBgNVHR8ESTBHMEWgQ6BBpD8wPTELMAkGA1UEBhMCSlAxETAPBgNVBAoMCERlbW9NaW4x
MQwwCgYDVQQLDANDQTExDTALBgNVBAMMBENSTDEwHwYDVR0jBBgwFoAUFNPnlvRSx8XFOnRlLumW
95h4I18wHQYDVR0OBBYEFD6UH9Exye9dEpz9MHJ3sbUDpoZSMA0GCSqGSIb3DQEBCwUAA4IBAQBb
CKyFGsqMv6+HkrY0OK+4v40PJQAa/KbOC3JTKooLfNCNXTiTwtWAl1sGN+Ow8pIp8Yvj16VcYpi8
zO4TmNe8NT+u/e2OvBXwJ9OxOs9UNI2m/mXGcSSJ7eXMR3aVCniDU7IaQeicquQttLP9IOk9Ao1W
+BM35y5bITA/BMO5tzgaimp4G484QtF/XLi40rGhaZAHGEfvl0abJXPumjajhnGv7SCkjw4+9qdz
5Dtp6kl+GVshQgo6ofpEWhVzdhfqKhNy8dNRL7C/gOTYm+M9SAFk9syL5xKXRyMUGDOheypiJrW/
QyOjrxs6cFa5VqaZWcRIq8yVPwABCpGG/hjU
          </X509Certificate>
       </X509Data>
    </KeyInfo>
  </Signature>
</DataRoot>

The part between the \ tags is the hash value, and the result of hash calculation of the entire \ tag with sha256. In hash calculation, it is difficult to obtain the original content from the hash value, and changing the original content has the property that the hash value changes.

The part between the \ tags is the signature value, and the entire \ tag is signed with the private key.

The part between the \ tags is the certificate (public key). This content matches the public key part of the verification environment test digital certificate (e-GovEE01_sha2.pfx).

e-Gov parses the signed xml and decrypts the signed value with the public key to confirm that it is the sender. Furthermore, confirm that there is no tampering by matching the hash values.

1.4 Verify the hash value

The hash value is calculated for the entire \ tag, including the user ID, which is the result of the SHA-256 algorithm. To see if this result is correct, I used the Data Conversion Tool (https://hogehoge.tk/tool/) to verify.

After launching the data conversion tool and setting the entire \ tag as the conversion source (input) data, it was converted according to the following conversion rule. When I compared the results to the hash value of the signed xml, the results matched.

--Input format (decode): Plain TEXT --Character code conversion: No conversion required --Hash: SHA-256 --Output format (encoding): BASE64

2 Bulk application in standard format

Use the curl command to access e-Gov in the order of authentication, batch application, and acquisition of sent item list information, and check each response until the status of the procedure becomes "reached".

2.1 Generate signed xml

Run the driver to generate a signed xml for bulk submission in standard format.

Signed xml for bulk application in standard format


>ruby make_zip_file_standard_format.rb

When you run the driver, a zipped file will be created. Convert this to Base64 format encoding with Data Conversion Tool, import it into apply_data.xml, and create application data.

The signature information tag in kousei.xml looks like this:

kousei.xml


<Signature information>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="20200822191454">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
      <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
      <Reference URI="#%E6%A7%8B%E6%88%90%E6%83%85%E5%A0%B1">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <DigestValue>5OBpw3i4ksNiXkS0zjRaeTpdGpX9FqSK+DjyL3J6TPU=</DigestValue>
      </Reference>
      <Reference URI="900A01020000100001_01.xml">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <DigestValue>Vb10zdwjOtrhECwy/TyswwTqSzEhWQKDc2B1y7j9v3M=</DigestValue>
      </Reference>
      <Reference URI="%E6%B7%BB%E4%BB%98%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB.docx">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <DigestValue>OAjJfENMRUepWtYYSvAqGnSv6nxx4brjif93tCHopKk=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>
fhdK4cIq4jAfrGM21nnerwL/U0vob2SMI6nkf1O7WgplbSAqFPooViJqcdk4UbulQlV3mR5WLd23
VphT/QWycbL6q4bav5qmesCE9AaGDexNTkn2Do+eWNAGJbFSSNhAwa+mY0QoMtgbR9tVlXxoYPQ1
9y8ak2WABQPSscAwPGqtb4BsDZMgOJKYqx5zPZlb+EnkC4sxnDMtEPqRjLUFAisQsVynbg3FOy0V
dQ6/psJc6GxCe3qAqCWFpUsLlC7WmiadwcITqgWWiDDBevUDVqLLEdYCcOJzQt4PPpGMNIaRUai+
Mec9e6KvSLnn/TGsnBf7z7nu7o4l1UomnPFUEw==
    </SignatureValue>
    <KeyInfo>
      <X509Data>
        <X509Certificate>
MIIEizCCA3OgAwIBAgIEWCsMRzANBgkqhkiG9w0BAQsFADAuMQswCQYDVQQGEwJKUDERMA8GA1UE
CgwIRGVtb01pbjExDDAKBgNVBAsMA0NBMTAeFw0xOTEwMjUwMTE2NTZaFw0yNDEwMjQxNDU5NTla
MEkxCzAJBgNVBAYTAkpQMREwDwYDVQQKDAhEZW1vTWluMTEMMAoGA1UECwwDQ0ExMRkwFwYDVQQD
DBBJY2hpcm8gTWFkb2d1Y2hpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD81VFFm
GM26HYdeGrGzbPbadeBzU4WxIE1r6qeZLxjz7DiV42tjo8QFulWZk6hmCeb5j9ChKp+BA/9Yj6us
ccKHZrPQmbcXUZkXRXz9z/7CLxp8b1zAzJakZ0g7o9iU3a3TpyeP6V+GFtkO8YqfthEsJsYzx82d
Ui85Bm4l5pnztozPdXRZd2VJpdwzGqtqw6N9PKzMNWux5C0jklkaPeP5P6NHLfeN51+phkY2xkdJ
lry629PeKjZAwN0Z8Xu0JdubCvA95UctoZgBoOjpgDtWImV3o9hDpwu+1tMlEBhNZIuKOr2G38qR
Z9iJUyoK+XhbzyBUu0A2cwCj0MshbwIDAQABo4IBlDCCAZAwDgYDVR0PAQH/BAQDAgbAMBEGCWCG
SAGG+EIBAQQEAwIGQDBOBgNVHRIERzBFpEMwQTELMAkGA1UEBhMCSlAxHjAcBgNVBAoMFeaooeaT
rOawkemWk+iqjeiovOWxgDESMBAGA1UECwwJ77yj77yh77yRMB8GA1UdIAEB/wQVMBMwEQYPAoM4
ho4xCAEBAAKMmyVkMGgGA1UdEQRhMF+kXTBbMQswCQYDVQQGEwJKUDEeMBwGA1UECgwV5qih5pOs
5rCR6ZaT6KqN6Ki85bGAMRIwEAYDVQQLDAnvvKPvvKHvvJExGDAWBgNVBAMMD+eqk+WPo+OAgOS4
gOmDjjBQBgNVHR8ESTBHMEWgQ6BBpD8wPTELMAkGA1UEBhMCSlAxETAPBgNVBAoMCERlbW9NaW4x
MQwwCgYDVQQLDANDQTExDTALBgNVBAMMBENSTDEwHwYDVR0jBBgwFoAUFNPnlvRSx8XFOnRlLumW
95h4I18wHQYDVR0OBBYEFD6UH9Exye9dEpz9MHJ3sbUDpoZSMA0GCSqGSIb3DQEBCwUAA4IBAQBb
CKyFGsqMv6+HkrY0OK+4v40PJQAa/KbOC3JTKooLfNCNXTiTwtWAl1sGN+Ow8pIp8Yvj16VcYpi8
zO4TmNe8NT+u/e2OvBXwJ9OxOs9UNI2m/mXGcSSJ7eXMR3aVCniDU7IaQeicquQttLP9IOk9Ao1W
+BM35y5bITA/BMO5tzgaimp4G484QtF/XLi40rGhaZAHGEfvl0abJXPumjajhnGv7SCkjw4+9qdz
5Dtp6kl+GVshQgo6ofpEWhVzdhfqKhNy8dNRL7C/gOTYm+M9SAFk9syL5xKXRyMUGDOheypiJrW/
QyOjrxs6cFa5VqaZWcRIq8yVPwABCpGG/hjU
        </X509Certificate>
      </X509Data>
    </KeyInfo>
  </Signature>
</Signature information>

2.2 Make a batch application

Make a batch application with the curl command. Specify the required parameters such as "-X POST" and "-d @ apply_data.xml".

In the HTTP response, the send number is set in the \ tag.

curl


>curl -X POST -d @apply_data.xml -H "x-eGovAPI-AccessKey: 
78zTKYZQrWdLYgC5cP4oTmalTQE8T7uPF+UDzUEYKZnM4o+teUfNgBGtQsEj6OLsLJX8bW72/B1C
me9RmoZLt/YjnLey59EVKzGKVmv/aHQ9ZCCh9zV6gP1h2B8A4/rQOdiXlS9bQ6YGoahaiJzoooW4
n7dF27OCt71+2yTgG6vMnTify8TYVX7ftazfNUfCPm/XPKTg+4PUnSlcXxPrN8dgRiuv6dSeTZFN
6juFvO+PsXIcxr//WtGvMP0V4cFP"
 -H "x-eGovAPI-SoftwareID: ************"
 -H "Authorization: Basic ****************************"
 https://*****************/****/*/**************/apply

<?xml version="1.0" encoding="UTF-8"?>
<DataRoot>
  <Result>
    <Code>0</Code>
    <Message></Message>
  </Result>
  <ApplData>
    <SendNumber>202007231845376104</SendNumber>
    <SendDate>20200723184537</SendDate>
    <SendFileName>apply_data.zip</SendFileName>
    <SendApplyCount>1</SendApplyCount>
    <ErrorCount>0</ErrorCount>
  </ApplData>
</DataRoot>

2.3 Acquire information on the list of transmitted projects

Use the curl command to get the sent item list information. Note that the transmission number "202007231845376104" obtained in the response of the batch application is set as the parameter of the request URI.

curl


>curl -X GET -H "x-eGovAPI-AccessKey: 
78zTKYZQrWdLYgC5cP4oTmalTQE8T7uPF+UDzUEYKZnM4o+teUfNgBGtQsEj6OLsLJX8bW72/B1C
me9RmoZLt/YjnLey59EVKzGKVmv/aHQ9ZCCh9zV6gP1h2B8A4/rQOdiXlS9bQ6YGoahaiJzoooW4
n7dF27OCt71+2yTgG6vMnTify8TYVX7ftazfNUfCPm/XPKTg+4PUnSlcXxPrN8dgRiuv6dSeTZFN
6juFvO+PsXIcxr//WtGvMP0V4cFP"
 -H "x-eGovAPI-SoftwareID: ************"
 -H "Authorization: Basic ****************************"
 https://*******************/*******/*/******/apply;id=202007231845376104

<?xml version="1.0" encoding="UTF-8"?>
<DataRoot>
  <Result>
    <Code>0</Code>
    <Message></Message>
  </Result>
  <ApplData>
    <SendNumber>202007231845376104</SendNumber>
    <SendDateFrom></SendDateFrom>
    <SendDateTo></SendDateTo>
    <PackageApplyCount>1</PackageApplyCount>
    <PackageApply>
      <No>1</No>
      <SendNumber>202007231845376104</SendNumber>
      <SendDate>20200723184537</SendDate>
      <WorkStatus></WorkStatus>
      <NormalCount>1</NormalCount>
      <AllCount>1</AllCount>
      <SupplementaryMessage></SupplementaryMessage>
      <ErrorCount>0</ErrorCount>
      <ErrorFile></ErrorFile>
      <ApplyCount>0</ApplyCount>
    </PackageApply>
  </ApplData>
</DataRoot>

At this stage, the data format of the batch application is being checked, and the \ tag of the application list information item is not output.

After a while, if you execute the same command again, you can confirm that the format check is completed and the transition to the reached state is completed from the \ tag of the response. You can see that the arrival number at this time is "9002020000002128" from the \ tag.

curl


>curl -X GET -H "x-eGovAPI-AccessKey: 
78zTKYZQrWdLYgC5cP4oTmalTQE8T7uPF+UDzUEYKZnM4o+teUfNgBGtQsEj6OLsLJX8bW72/B1C
me9RmoZLt/YjnLey59EVKzGKVmv/aHQ9ZCCh9zV6gP1h2B8A4/rQOdiXlS9bQ6YGoahaiJzoooW4
n7dF27OCt71+2yTgG6vMnTify8TYVX7ftazfNUfCPm/XPKTg+4PUnSlcXxPrN8dgRiuv6dSeTZFN
6juFvO+PsXIcxr//WtGvMP0V4cFP"
 -H "x-eGovAPI-SoftwareID: ************"
 -H "Authorization: Basic ****************************"
 https://*******************/*******/*/******/apply;id=202007231845376104

<?xml version="1.0" encoding="UTF-8"?>
<DataRoot>
  <Result>
    <Code>0</Code>
    <Message></Message>
  </Result>
  <ApplData>
    <SendNumber>202007231845376104</SendNumber>
    <SendDateFrom></SendDateFrom>
    <SendDateTo></SendDateTo>
    <PackageApplyCount>1</PackageApplyCount>
    <PackageApply>
      <No>1</No>
      <SendNumber>202007231845376104</SendNumber>
      <SendDate>20200723184537</SendDate>
      <WorkStatus></WorkStatus>
      <NormalCount>1</NormalCount>
      <AllCount>1</AllCount>
      <SupplementaryMessage></SupplementaryMessage>
      <ErrorCount>0</ErrorCount>
      <ErrorFile></ErrorFile>
      <ApplyCount>1</ApplyCount>
      <Apply>
        <No>1</No>
        <ArriveID>9002020000002128</ArriveID>
        <MinistryName>Degre Ministry</MinistryName>
        <ProcName>
API test procedure (labor insurance related procedure) (communication) 0001 / API test procedure (labor insurance related procedure) (communication) 0001
        </ProcName>
        <ProcFolderName>900A010200001000(1)</ProcFolderName>
        <ApplicantName>Hoge Hoge</ApplicantName>
        <CorporationtName></CorporationtName>
        <DepartmentName></DepartmentName>
        <Status>Reach</Status>
        <StatusDate>20200723184907</StatusDate>
        <PayStatus>-</PayStatus>
        <PayWaitCount>0</PayWaitCount>
        <CorrectStatus>None</CorrectStatus>
        <CommentCountNotRead>0</CommentCountNotRead>
        <CommentCount>0</CommentCount>
        <DocCountNotDownload>0</DocCountNotDownload>
        <DocCount>0</DocCount>
      </Apply>
    </PackageApply>
  </ApplData>
</DataRoot>

3 Collective application in individual file signature format

Use the curl command to access e-Gov in the order of authentication, batch application, transmission item list information acquisition, official document / comment list acquisition, and official document acquisition, and check each response. In addition, check the contents of the official documents issued by e-Gov.

3.1 Generate signed xml

Signed xml for bulk application in individual file signature format


>ruby make_zip_file_individual_signature_format.rb

When you run the driver, a zipped file will be created. Convert this to Base64 format encoding with Data Conversion Tool, import it into apply_data.xml, and create application data.

The signature information tag in kousei20200716142110000.xml looks like this:

kousei20200716142110000.xml


<Signature information>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="20200907161432">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
      <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
      <Reference URI="#%E6%A7%8B%E6%88%90%E6%83%85%E5%A0%B1">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <DigestValue>fy/hXgyLyi66Vu8MmkmLVshFMOckyFz5FL4cXx88LFc=</DigestValue>
      </Reference>
      <Reference URI="950A10181002400001_01.xml">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <DigestValue>R657a0a/AIViJFr/JMi7hl350io/wOr4hSuNRmVfcsQ=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>
cccorxnQJsDjeLvf05LcpwX8E2VfowS0kDPXBi9KoSnC00C9VMEqXxJGDvABi5+rCm+TL49KGGVl
mTYSCBtbXIWScKf/ep1wNro33lWN99+Xtoqpbeb7pqja9XkFzcR9XTtRfJBtjVjPSlAg36s+0cUm
WAQmXNokYeiYcyLojuO18tiiywJxxV4605UjhSF67WVQ4HcEJlbqnb4VvlwJYsN8YDSJzCktBuHM
/bvM8HEi4DOGhJ+H7zmtJ6Gjzlm/SYyD5r8/kqNOMtTSx63X1B29dpC6hcKDuo+UQxsPFZbh06NU
vZYCDvIpzmNrrhwdj0dZaOliVfgaCtDUC3ed3g==
    </SignatureValue>
    <KeyInfo>
      <X509Data>
        <X509Certificate>
MIIEizCCA3OgAwIBAgIEWCsMRzANBgkqhkiG9w0BAQsFADAuMQswCQYDVQQGEwJKUDERMA8GA1UE
CgwIRGVtb01pbjExDDAKBgNVBAsMA0NBMTAeFw0xOTEwMjUwMTE2NTZaFw0yNDEwMjQxNDU5NTla
MEkxCzAJBgNVBAYTAkpQMREwDwYDVQQKDAhEZW1vTWluMTEMMAoGA1UECwwDQ0ExMRkwFwYDVQQD
DBBJY2hpcm8gTWFkb2d1Y2hpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD81VFFm
GM26HYdeGrGzbPbadeBzU4WxIE1r6qeZLxjz7DiV42tjo8QFulWZk6hmCeb5j9ChKp+BA/9Yj6us
ccKHZrPQmbcXUZkXRXz9z/7CLxp8b1zAzJakZ0g7o9iU3a3TpyeP6V+GFtkO8YqfthEsJsYzx82d
Ui85Bm4l5pnztozPdXRZd2VJpdwzGqtqw6N9PKzMNWux5C0jklkaPeP5P6NHLfeN51+phkY2xkdJ
lry629PeKjZAwN0Z8Xu0JdubCvA95UctoZgBoOjpgDtWImV3o9hDpwu+1tMlEBhNZIuKOr2G38qR
Z9iJUyoK+XhbzyBUu0A2cwCj0MshbwIDAQABo4IBlDCCAZAwDgYDVR0PAQH/BAQDAgbAMBEGCWCG
SAGG+EIBAQQEAwIGQDBOBgNVHRIERzBFpEMwQTELMAkGA1UEBhMCSlAxHjAcBgNVBAoMFeaooeaT
rOawkemWk+iqjeiovOWxgDESMBAGA1UECwwJ77yj77yh77yRMB8GA1UdIAEB/wQVMBMwEQYPAoM4
ho4xCAEBAAKMmyVkMGgGA1UdEQRhMF+kXTBbMQswCQYDVQQGEwJKUDEeMBwGA1UECgwV5qih5pOs
5rCR6ZaT6KqN6Ki85bGAMRIwEAYDVQQLDAnvvKPvvKHvvJExGDAWBgNVBAMMD+eqk+WPo+OAgOS4
gOmDjjBQBgNVHR8ESTBHMEWgQ6BBpD8wPTELMAkGA1UEBhMCSlAxETAPBgNVBAoMCERlbW9NaW4x
MQwwCgYDVQQLDANDQTExDTALBgNVBAMMBENSTDEwHwYDVR0jBBgwFoAUFNPnlvRSx8XFOnRlLumW
95h4I18wHQYDVR0OBBYEFD6UH9Exye9dEpz9MHJ3sbUDpoZSMA0GCSqGSIb3DQEBCwUAA4IBAQBb
CKyFGsqMv6+HkrY0OK+4v40PJQAa/KbOC3JTKooLfNCNXTiTwtWAl1sGN+Ow8pIp8Yvj16VcYpi8
zO4TmNe8NT+u/e2OvBXwJ9OxOs9UNI2m/mXGcSSJ7eXMR3aVCniDU7IaQeicquQttLP9IOk9Ao1W
+BM35y5bITA/BMO5tzgaimp4G484QtF/XLi40rGhaZAHGEfvl0abJXPumjajhnGv7SCkjw4+9qdz
5Dtp6kl+GVshQgo6ofpEWhVzdhfqKhNy8dNRL7C/gOTYm+M9SAFk9syL5xKXRyMUGDOheypiJrW/
QyOjrxs6cFa5VqaZWcRIq8yVPwABCpGG/hjU
        </X509Certificate>
      </X509Data>
    </KeyInfo>
  </Signature>
</Signature information>

The signature information tag of kousei20200716142110001.xml is omitted.

3.2 Make a batch application

Make a batch application with the curl command.

curl


>curl -X POST -d @apply_data.xml -H "x-eGovAPI-AccessKey: 
RJc23F21t9vhjtaleH9N/Y9fhDJ9O8u0q+A5MHa50opasIe+cNVgM+8MJ9VVwR2gjiqIHH9Fr0oy
46lRRXZTaW6mbs4dWFvK6VUoj/tUwgd7XorYA7KtpGhQGVjc3E37Z6Di167pFycmB6+SjfalAgF6
eyQPWzvs9Kl7IgP68NqMbp0neFNCprL0qgUM1NxxuxlsJbkF1cbp4FJ3rt2VpPUEosfe1+Nmj8w9
sCvEQKSKBDTytDwpFCU6IzMuH3m3"
 -H "x-eGovAPI-SoftwareID: ************"
 -H "Authorization: Basic ****************************"
 https://*******************/*******/*/******/apply 

<?xml version="1.0" encoding="UTF-8"?>
<DataRoot>
  <Result>
    <Code>0</Code>
    <Message></Message>
  </Result>
  <ApplData>
    <SendNumber>202007252053026176</SendNumber>
    <SendDate>20200725205302</SendDate>
    <SendFileName>apply_data.zip</SendFileName>
    <SendApplyCount>1</SendApplyCount>
    <ErrorCount>0</ErrorCount>
  </ApplData>
</DataRoot>

3.3 Acquire list information of submitted items

Use the curl command to get the sent item list information. Note that the transmission number "202007252053026176" obtained in the response of the batch application is set in the parameter of the request URI.

curl


>curl -X GET -H "x-eGovAPI-AccessKey: 
NN1s3WgK2pcwv/5aELtNyRlcTjENG+pM4yAX3gU6NeSyCxACKwBXTUsdx4oxAmv75gXGsdvS6lFX
n2Ar5RNCUlwpjRhGbW8jZzoW5CCXQYOLLlNl21sffoKodYSMIr1GPMzJSeQTC+tT0gGFqAsyQxm6
Iethc/5AFJgdPX3bDAC9g2OvMDDNrECKY1/XaGCXDckIeI8H1SLz7mDi4Q1ZYofF5gDCFcSPsNSJ
A2fuEZoPRoHVBw/mzo7/qBFA1wWY"
 -H "x-eGovAPI-SoftwareID: ************"
 -H "Authorization: Basic ****************************"
 https://*******************/*******/*/******/apply;id=202007252053026176

<?xml version="1.0" encoding="UTF-8"?>
<DataRoot>
  <Result>
    <Code>0</Code>
    <Message></Message>
  </Result>
  <ApplData>
    <SendNumber>202007252053026176</SendNumber>
    <SendDateFrom></SendDateFrom>
    <SendDateTo></SendDateTo>
    <PackageApplyCount>1</PackageApplyCount>
    <PackageApply>
      <No>1</No>
      <SendNumber>202007252053026176</SendNumber>
      <SendDate>20200725205302</SendDate>
      <WorkStatus>Waiting for processing</WorkStatus>
      <NormalCount>0</NormalCount>
      <AllCount>1</AllCount>
      <SupplementaryMessage></SupplementaryMessage>
      <ErrorCount>0</ErrorCount>
      <ErrorFile></ErrorFile>
      <ApplyCount>0</ApplyCount>
    </PackageApply>
  </ApplData>
</DataRoot>

From the \ tag, it is in the processing waiting state. After a while, when I execute the same command again, it seems that the format check has started.

curl


>curl -X GET -H "x-eGovAPI-AccessKey: 
NN1s3WgK2pcwv/5aELtNyRlcTjENG+pM4yAX3gU6NeSyCxACKwBXTUsdx4oxAmv75gXGsdvS6lFX
n2Ar5RNCUlwpjRhGbW8jZzoW5CCXQYOLLlNl21sffoKodYSMIr1GPMzJSeQTC+tT0gGFqAsyQxm6
Iethc/5AFJgdPX3bDAC9g2OvMDDNrECKY1/XaGCXDckIeI8H1SLz7mDi4Q1ZYofF5gDCFcSPsNSJ
A2fuEZoPRoHVBw/mzo7/qBFA1wWY"
 -H "x-eGovAPI-SoftwareID: ************"
 -H "Authorization: Basic ****************************"
 https://*******************/*******/*/******/apply;id=202007252053026176

<?xml version="1.0" encoding="UTF-8"?>
<DataRoot>
  <Result>
    <Code>0</Code>
    <Message></Message>
  </Result>
  <ApplData>
    <SendNumber>202007252053026176</SendNumber>
    <SendDateFrom></SendDateFrom>
    <SendDateTo></SendDateTo>
    <PackageApplyCount>1</PackageApplyCount>
    <PackageApply>
      <No>1</No>
      <SendNumber>202007252053026176</SendNumber>
      <SendDate>20200725205302</SendDate>
      <WorkStatus>Waiting for processing</WorkStatus>
      <NormalCount>0</NormalCount>
      <AllCount>1</AllCount>
      <SupplementaryMessage></SupplementaryMessage>
      <ErrorCount>0</ErrorCount>
      <ErrorFile></ErrorFile>
      <ApplyCount>0</ApplyCount>
    </PackageApply>
  </ApplData>
</DataRoot>

After waiting for a while and executing the same command again, the status changed from the reached state to the end of the examination. The arrival number "9502020000056054" is set in the \ tag.

curl


>curl -X GET -H "x-eGovAPI-AccessKey: 
NN1s3WgK2pcwv/5aELtNyRlcTjENG+pM4yAX3gU6NeSyCxACKwBXTUsdx4oxAmv75gXGsdvS6lFX
n2Ar5RNCUlwpjRhGbW8jZzoW5CCXQYOLLlNl21sffoKodYSMIr1GPMzJSeQTC+tT0gGFqAsyQxm6
Iethc/5AFJgdPX3bDAC9g2OvMDDNrECKY1/XaGCXDckIeI8H1SLz7mDi4Q1ZYofF5gDCFcSPsNSJ
A2fuEZoPRoHVBw/mzo7/qBFA1wWY"
 -H "x-eGovAPI-SoftwareID: ************"
 -H "Authorization: Basic ****************************"
 https://*******************/*******/*/******/apply;id=202007252053026176

<?xml version="1.0" encoding="UTF-8"?>
<DataRoot>
  <Result>
    <Code>0</Code>
    <Message></Message>
  </Result>
  <ApplData>
    <SendNumber>202007252053026176</SendNumber>
    <SendDateFrom></SendDateFrom>
    <SendDateTo></SendDateTo>
    <PackageApplyCount>1</PackageApplyCount>
    <PackageApply>
      <No>1</No>
      <SendNumber>202007252053026176</SendNumber>
      <SendDate>20200725205302</SendDate>
      <WorkStatus></WorkStatus>
      <NormalCount>1</NormalCount>
      <AllCount>1</AllCount>
      <SupplementaryMessage></SupplementaryMessage>
      <ErrorCount>0</ErrorCount>
      <ErrorFile></ErrorFile>
      <ApplyCount>1</ApplyCount>
      <Apply>
        <No>1</No>
        <ArriveID>9502020000056054</ArriveID>
        <MinistryName>Ministry of API status</MinistryName>
        <ProcName>
API test procedure (social insurance related procedure) (pieces) 1006 / API test procedure (social insurance related procedure) (pieces) 1006
        </ProcName>
        <ProcFolderName>950A102200039000(1)</ProcFolderName>
        <ApplicantName>Hideo Matsui</ApplicantName>
        <CorporationtName></CorporationtName>
        <DepartmentName></DepartmentName>
        <Status>Examination completed</Status>
        <StatusDate>20200725210114</StatusDate>
        <PayStatus>-</PayStatus>
        <PayWaitCount>0</PayWaitCount>
        <CorrectStatus>None</CorrectStatus>
        <CommentCountNotRead>0</CommentCountNotRead>
        <CommentCount>0</CommentCount>
        <DocCountNotDownload>1</DocCountNotDownload>
        <DocCount>1</DocCount>
      </Apply>
    </PackageApply>
  </ApplData>
</DataRoot>

3.4 Get a list of official documents and comments

Get a list of official documents and comments with the curl command. Note that the arrival number "9502020000056054" acquired in the response to acquire the list of sent items is set in the request URI.

curl


>curl -X GET -H "x-eGovAPI-AccessKey: 
NN1s3WgK2pcwv/5aELtNyRlcTjENG+pM4yAX3gU6NeSyCxACKwBXTUsdx4oxAmv75gXGsdvS6lFX
n2Ar5RNCUlwpjRhGbW8jZzoW5CCXQYOLLlNl21sffoKodYSMIr1GPMzJSeQTC+tT0gGFqAsyQxm6
Iethc/5AFJgdPX3bDAC9g2OvMDDNrECKY1/XaGCXDckIeI8H1SLz7mDi4Q1ZYofF5gDCFcSPsNSJ
A2fuEZoPRoHVBw/mzo7/qBFA1wWY"
 -H "x-eGovAPI-SoftwareID: ************"
 -H "Authorization: Basic ****************************"
 https://*******************/*******/*/******/notice/9502020000056054

<?xml version="1.0" encoding="UTF-8"?>
<DataRoot>
  <Result>
    <Code>0</Code>
    <Message></Message>
  </Result>
  <ApplData>
    <ArriveID>9502020000056054</ArriveID>
    <ProcName>API test procedure (social insurance related procedure) (pieces) 1006 / API test procedure (social insurance related procedure) (piece) 1006</ProcName>
    <Official>
    <NoticeSubID>1</NoticeSubID>
    <AllowedDate>20200725210114</AllowedDate>
    <DocTitle>Signed official document</DocTitle>
      <File>
        <FileName>official_doc1.xml</FileName>
      </File>
      <DownloadExpiredDate>20201122000000</DownloadExpiredDate>
      <DownloadDate></DownloadDate>
      <Sign>Yes</Sign>
      <ExpiredDateFlag>0</ExpiredDateFlag>
    </Official>
  </ApplData>
</DataRoot>

A signed official document with sub ID "1" has been issued from the \ tag. Also, from the \ tag, the acquisition deadline is until November 20, 2020.

3.5 Obtain official documents

Get the official document with the curl command. Also here, keep in mind that the arrival number "9502020000056054" and sub ID "1" acquired in the response for acquiring the sent matter list information are set in the request URI.

curl


>curl -X GET -H "x-eGovAPI-AccessKey: 
NN1s3WgK2pcwv/5aELtNyRlcTjENG+pM4yAX3gU6NeSyCxACKwBXTUsdx4oxAmv75gXGsdvS6lFX
n2Ar5RNCUlwpjRhGbW8jZzoW5CCXQYOLLlNl21sffoKodYSMIr1GPMzJSeQTC+tT0gGFqAsyQxm6
Iethc/5AFJgdPX3bDAC9g2OvMDDNrECKY1/XaGCXDckIeI8H1SLz7mDi4Q1ZYofF5gDCFcSPsNSJ
A2fuEZoPRoHVBw/mzo7/qBFA1wWY"
 -H "x-eGovAPI-SoftwareID: ************"
 -H "Authorization: Basic ****************************"
 https://*******************/*******/*/******/officialdocument/9502020000056054/1

<?xml version="1.0" encoding="UTF-8"?>
<DataRoot>
  <Result>
    <Code>0</Code>
    <Message></Message>
  </Result>
  <ApplData>
    <ArriveID>9502020000056054</ArriveID>
    <NoticeSubID>1</NoticeSubID>
    <Download>
      <FileData>
UEsDBBQACAAIAGCp+VAAAAAAAAAAAAAAAAARAAAAb2ZmaWNpYWxfZG9jMS54bWytV1uv4tYVfkfi
PxyRRzRjLoZjVxyi7SsGfMVcXyoDxgYDNrbBhqeBk2tn1KRJpukkVSfTROk0aSeJ0ksSpZ0f45xz
Jk/5C93AnAk5M4naKkiW9lp77W9967L3EoXnw8n4aKG73tCeniTS11OJI33as/vDqXGSqKvMNSxx
5PnatK+N7al+kpjaieeLhe2pa56/HOueqev+kb904J6vhz4SeuPEkenqg5OEPRgMe0Nt/Mu+3Utf
3248X4zHCpRIHjVopcaJwt4jVB7BX4FRREF9LOwUNZpUaLJdfPThR2ef3S4gl/KhiQp4CRqs4e5u
ebDHCywnMOKR2pbok0QK/q6l06l0orhdFpDH25fekUP3BUKk2kccdZKAbLfrxA+dtqt0rUTT6lFd
4Z4VKHJoDiEEsQgk7loqlS4ge/FwH6j0Y5KQXDqHpDNIZmsI9Yd26uGpnQYwTPHiozfPXnu/gGzX
V7YFwNPFb7648e3prwvITrhiUBIFUeEYsnj+4GEBeSId+ER+4LQA6mpJVJ5J45+vnd28c/H79Y8z

(abridgement)

DsArHMBXOICvcABf4QC+wgF8hQP4CgfwFQ7gKxzAVziAr3CAXuEAvcIBeoUD9AoH6BUO0CscoFc4
QK9wgF7hAL3CAX6FA/wKB/gVDvArHOBXOMCvcIBf4QC/wgF+hQP8Cgf7Kxzsr3Cwv8LB/goH+ysc
7K9wsL/Cwf4KB/M/8mMDv+zzv0r+/bwHAIH//Y4CcHBwsP+XB3zZHv/9zgO+LKv/iHN2NLCwNnH8
87jz1yGH7f/1yeavs4uBo/Nf73Igy8vmREKgoBCRE/2f9zvz/5fUmOQdTVyJ/8zoz3OfkrMN8Z8D
9t85s71siL9z/j9QSwcIOMaRTY3BAAAA0AAAUEsBAhQAFAAIAAgAYKn5UEytAV1HCgAAGBEAABEA
AAAAAAAAAAAAAAAAAAAAAG9mZmljaWFsX2RvYzEueG1sUEsBAhQAFAAIAAgAYKn5UIAs/hjbAgAA
hA4AABEAAAAAAAAAAAAAAAAAhgoAAG9mZmljaWFsX2RvYzEueHNsUEsBAhQAFAAIAAgAYKn5UDjG
kU2NwQAAANAAABEAAAAAAAAAAAAAAAAAoA0AAG9mZmljaWFsX2RvYzEucGRmUEsFBgAAAAADAAMA
vQAAAGzPAAAAAA==
      </FileData>
    </Download>
  </ApplData>
</DataRoot>

The part enclosed in the \ tag is the official document data encoded in Base64 format. Decode this using the Data Conversion Tool and output it to a binary file. If you change the extension of the output file to zip and unzip it, you will get the following official document.

official_doc1.pdf has the following contents.

公文書.png

4 Summary

After defining the problems of e-Gov that have become apparent through this trial, we will consider whether they can be improved with the minor portal API.

Mina Portal is an online service operated by the government. You can perform one-stop administrative procedures related to child-rearing and establishment of corporations, and check notifications from administrative agencies. The application API, etc. will be prepared on the minor portal, and the functions will be gradually expanded in the future.

For the specifications of the minor portal API, how to obtain it is described in the Dedicated page for software developers.

4.1 Define the problems of e-Gov

(1) It is difficult to handle because the HTTP response is in XML format.

For HTTP responses, there are generally many Json formats. On the other hand, e-Gov is in XML format. The XML format can only handle text, and there are no basic types such as integer, boolean, and null. In order to include binary data, it is necessary to encode in Base64 format, so it is necessary to write the conversion code on the software service side, which is awkward.

(2) Not assuming machine reading of official documents and comment notifications

The official documents and comment notifications issued by each ministry are not intended for machine reading, and the format is not disclosed. The files are also different from xml + xsl and PDF. It is a method to return the result of encoding the official document and the Zip file that consolidated the message in Base64 format, and the information given by each ministry cannot be extracted directly from the HTTP response.

The information issued by each ministry and agency includes the following information. These are just examples, and in fact there is a lot of information.

――Employment insurance coverage office number given by newly applying to employment insurance --Employment insurance insured number given to new employment insurance subscribers --Standard monthly salary after revision regarding social insurance premiums --Reason for return of application, etc. --e-Tax account information (user identification number and PIN)

At present, in order to reflect this information in the software service, it is necessary to manually check and input the official document and comment notification after expanding the file, which causes unnecessary time and effort and input mistakes.

Official documents and comment notifications are documents issued by public institutions, and the purpose is to prevent falsification and to be known later even if improvements are made, so it is said that these specifications are used. think.

4.2 Can the problem be improved with the minor portal API?

In the minor portal API, the HTTP response is in Json format, and the first problem of e-Gov will be improved. On the other hand, regarding the second problem, as with e-Gov, files such as official documents are returned in Base64 encoded format in the HTTP response. It is not possible to directly obtain the information issued by each ministry from the HTTP response.

The Mina Portal API has a "self-information income API" as a function that does not exist in e-Gov. The "self-information acquisition API" enables users not only to check self-information owned by the government, but also to provide self-information to Web service providers.

For example, suppose a financial institution requires you to submit an income certificate (taxation certificate) when you take out a loan. Currently, the user goes to the administrative office to have an income certificate (taxation certificate) issued and submit it to the financial institution. On the other hand, if inter-system cooperation using the self-information acquisition API is realized, it will be possible for financial institutions to provide income information from the minor portal. The user does not have to go to the administrative office, which improves convenience.

By using this self-information income API, you can obtain information such as your own employment insurance insured number and standard monthly salary held by the government. In the future, if it becomes possible to obtain information on the administrative side by operating an agent such as a labor and social security attorney, there is a possibility that the second problem can be improved.

Recommended Posts

4th SmartHR library kiji is used to run e-Gov (operation check)
Part 2 Using the SmartHR library kiji to run e-Gov (e-Gov public materials)
Part 1 Running e-Gov using the SmartHR library kiji (e-Gov specifications)
Part 3 Running e-Gov using the SmartHR library kiji (execution environment construction)
pynq-z1 From purchase to operation check