I'm trying to send a SOAP message from PHP to a server, and I'm stuck at generating a SHA256 hash of the data being sent. Here is an example request provided by server owner:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-16FE2A6FC1AFE42BE9146412186273511">...</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-16FE2A6FC1AFE42BE9146412186273615">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">...</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#id-16FE2A6FC1AFE42BE9146412186273614">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>/CJj9686ARgbV/YmDrr+1yhcaJuXu022cADK/M8efQs=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
Ii+W0EB2V6GJo4jMGwK1HCRdt6+r9TkgfhXyAuY8FNCXhPOtfoUi/Bw31U4Hm7SLscM/8klrQI3Z2vSfdNe3oDi1cm2Qouv1sOBK17VSg/IgKN92BC8kUaoF5W5ZBEcZr0WHjDWasSYEerZQ3Q+ZIJzt6cbS+cLZfQkLFg1UDOi5qLUkWE1pQ9AVYCvwrOFj/hFQx5koQTpigyG/DPlyoh2xOh/DAh6U/P5p+IiQwwCMdo1Rh2czUVpRCr3Cnz97AlQ8G6IGAtWNykXorVYZ1tGnXEaRngzjsn5RE/zCcRkqRpFaiEQuYly1I6YtFOEYIPXskE5oMZkCLINebu1Law==
</ds:SignatureValue>
<ds:KeyInfo Id="KI-16FE2A6FC1AFE42BE9146412186273512">
<wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STR-16FE2A6FC1AFE42BE9146412186273513">
<wsse:Reference URI="#X509-16FE2A6FC1AFE42BE9146412186273511" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</SOAP-ENV:Header>
<soap:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-16FE2A6FC1AFE42BE9146412186273614">
<Trzba xmlns="http://fs.mfcr.cz/eet/schema/v2">
<Hlavicka dat_odesl="2016-09-19T19:06:37+01:00" prvni_zaslani="false" uuid_zpravy="9edeb22b-4234-4047-869c-3a76f86c20d3"/>
<Data celk_trzba="34113.00" cerp_zuct="679.00" cest_sluz="5460.00" dan1="-172.39" dan2="-530.73" dan3="975.65" dat_trzby="2016-01-05T00:30:12+01:00" dic_popl="CZ00000019" id_pokl="/5546/RO24" id_provoz="273" porad_cis="0/6460/ZQ42" pouzit_zboz1="784.00" pouzit_zboz2="967.00" pouzit_zboz3="189.00" rezim="0" urceno_cerp_zuct="324.00" zakl_dan1="-820.92" zakl_dan2="-3538.20" zakl_dan3="9756.46" zakl_nepodl_dph="3036.00"/>
<KontrolniKody>
<pkp cipher="RSA2048" digest="SHA256" encoding="base64">
W7UlA4hXNsDLvCj/eeRAYeOAsNsgMSdltcJNIW98KQRsfspTMW0Lr/OGQgRHZfO5KjolZgzN3k9mgzrVoX2+N90fCNEnOri2kjrW5vzTgMK6OZ9IryAEg0xFZjjjCQ0qKsQsVi8OLQOn3ZnN/BUGG2SIduER+iIOrhfOmes7OXaa5/2jQSfPTHZHZ/Bxhqld3gL4PHvd7sevZYUupHpE1fM7Uw1+lu8i1YOdghZoMyOfKw7FcqvRJpHrW/JZL5Dr5iCgu5ClmhZrb3hZavsxlDG7P2cUhSQgmEVTxJ2n38q/Cf91KE8e52SODN4Q8BfncXpmtkQ7Go3KsRsY3xN7xg==
</pkp>
<bkp digest="SHA1" encoding="base16">1F1A2D90-4EAD34A8-411CFB0B-EB17616E-B2CE8114</bkp>
</KontrolniKody>
</Trzba>
</soap:Body>
</soap:Envelope>
And here my code:
$text = '<Trzba xmlns="http://fs.mfcr.cz/eet/schema/v2"><Hlavicka dat_odesl="2016-09-19T19:06:37+01:00" prvni_zaslani="false" uuid_zpravy="9edeb22b-4234-4047-869c-3a76f86c20d3"/><Data celk_trzba="34113.00" cerp_zuct="679.00" cest_sluz="5460.00" dan1="-172.39" dan2="-530.73" dan3="975.65" dat_trzby="2016-01-05T00:30:12+01:00" dic_popl="CZ00000019" id_pokl="/5546/RO24" id_provoz="273" porad_cis="0/6460/ZQ42" pouzit_zboz1="784.00" pouzit_zboz2="967.00" pouzit_zboz3="189.00" rezim="0" urceno_cerp_zuct="324.00" zakl_dan1="-820.92" zakl_dan2="-3538.20" zakl_dan3="9756.46" zakl_nepodl_dph="3036.00"/><KontrolniKody><pkp cipher="RSA2048" digest="SHA256" encoding="base64">W7UlA4hXNsDLvCj/eeRAYeOAsNsgMSdltcJNIW98KQRsfspTMW0Lr/OGQgRHZfO5KjolZgzN3k9mgzrVoX2+N90fCNEnOri2kjrW5vzTgMK6OZ9IryAEg0xFZjjjCQ0qKsQsVi8OLQOn3ZnN/BUGG2SIduER+iIOrhfOmes7OXaa5/2jQSfPTHZHZ/Bxhqld3gL4PHvd7sevZYUupHpE1fM7Uw1+lu8i1YOdghZoMyOfKw7FcqvRJpHrW/JZL5Dr5iCgu5ClmhZrb3hZavsxlDG7P2cUhSQgmEVTxJ2n38q/Cf91KE8e52SODN4Q8BfncXpmtkQ7Go3KsRsY3xN7xg==</pkp><bkp digest="SHA1" encoding="base16">1F1A2D90-4EAD34A8-411CFB0B-EB17616E-B2CE8114</bkp></KontrolniKody></Trzba>';
$doc = new DOMDocument();
$doc->loadXML($text);
$text = $doc->C14N(true, true);
$hash = base64_encode(hash('sha256', $text, true));
echo $hash;
But I'm getting this hash: sQMcQ4plFh9J9ovXzCUmVcMPofSWlr93Ag+72o8761o=, however according to the example document, I should get this: /CJj9686ARgbV/YmDrr+1yhcaJuXu022cADK/M8efQs=.
So, what am I doing wrong?
I know this post is old but...
But I write here because I have the same issue even I use base64_encode()
I find a digested value but not the same as example.
But I don't know if I must encode my data on UTF-8 before like that
$digestedValue = base64_encode(hash('sha256',utf8_encode($doxXml->C14N()),true));
Or like that with another function
$digestedValue = base64_encode(openssl_digest(utf8_encode($doxXml->C14N()),'sha256',true));
Using encode_utf8() changes the digested value if any characters that need to be encoded in UTF8 are present... So... Should we use... or not?
Related
I`m having remote wsdl API that requires some xml attributes in request.
Integration of this API must be made usind PHP (and possibly SoapClient).
I`m creating SimpleXMLElement() object like
<?xml version="1.0" encoding="UTF-8"?>
<Body>
<FlightMatrixRequest xmlns="http://www.somesite.com/webservices">
<flightMatrixRQ Target="Test" Version="1.0">
<AirItinerary DirectionInd="OneWay">
<OriginDestinationOptions>
<OriginDestinationOption>
<FlightSegment DepartureDateTime="2022-05-30T00:00:00+11:00"
ArrivalDateTime="2022-05-30T00:00:00+11:00" RPH="1">
<DepartureAirport LocationCode="BKK"/>
<ArrivalAirport LocationCode="CNX"/>
<MarketingAirline Code="SL"/>
</FlightSegment>
</OriginDestinationOption>
</OriginDestinationOptions>
</AirItinerary>
<TravelerInfoSummary>
<AirTravelerAvail>
<AirTraveler>
<PassengerTypeQuantity Code="ADT" Quantity="1"/>
</AirTraveler>
</AirTravelerAvail>
<AirTravelerAvail>
<AirTraveler>
<PassengerTypeQuantity Code="CNN" Quantity="1"/>
</AirTraveler>
</AirTravelerAvail>
<AirTravelerAvail>
<AirTraveler>
<PassengerTypeQuantity Code="INF" Quantity="1"/>
</AirTraveler>
</AirTravelerAvail>
</TravelerInfoSummary>
</flightMatrixRQ>
</FlightMatrixRequest>
</Body>
Converting it to array using
$array = json_decode(json_encode($xml), true);
Then requesting
$soapClient->__soapCall($method, $array)
And getting errors from API
$soapClient->__getLastRequest() returns
<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope" xmlns:ns1="http://www.somesite.com/webservices"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
<env:Body>
<ns1:FlightMatrixRequest>
<ns1:flightMatrixRQ>
<ns1:AirItinerary>
<ns1:OriginDestinationOptions>
<ns1:OriginDestinationOption>
<ns1:FlightSegment>
<ns1:DepartureAirport/>
<ns1:ArrivalAirport/>
<ns1:MarketingAirline/>
</ns1:FlightSegment>
</ns1:OriginDestinationOption>
</ns1:OriginDestinationOptions>
</ns1:AirItinerary>
<ns1:TravelerInfoSummary>
<ns1:AirTravelerAvail>
<ns1:AirTraveler>
<ns1:PassengerTypeQuantity/>
<ns1:PassengerIdentificationDocument xsi:nil="true"/>
</ns1:AirTraveler>
</ns1:AirTravelerAvail>
<ns1:AirTravelerAvail>
<ns1:AirTraveler>
<ns1:PassengerTypeQuantity/>
<ns1:PassengerIdentificationDocument xsi:nil="true"/>
</ns1:AirTraveler>
</ns1:AirTravelerAvail>
<ns1:AirTravelerAvail>
<ns1:AirTraveler>
<ns1:PassengerTypeQuantity/>
<ns1:PassengerIdentificationDocument xsi:nil="true"/>
</ns1:AirTraveler>
</ns1:AirTravelerAvail>
</ns1:TravelerInfoSummary>
</ns1:flightMatrixRQ>
</ns1:FlightMatrixRequest>
</env:Body>
</env:Envelope>
As you may see there is no attribute`s data, like DepartureDateTime/LocationCode etc.
Could not find any solution for this case. Possible it may be fixed by using regular curl request with prepared body/headers but it does not look like a good idea.
Any ideas?
So I have a test payment with the Cybersource SOAP API like below but I'm not able to get it to return a payment token that I can use for payments in future without using the credit card details each times:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>{{merchant_id}}</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">{{SOAP KEY}}</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.150">
<merchantID>{{merchant_id}}</merchantID>
<merchantReferenceCode>kjdhflasjfhlasdjfasdf</merchantReferenceCode>
<billTo>
<firstName>John</firstName>
<lastName>Doe</lastName>
<street1>1295 Charleston Road</street1>
<city>Mountain View</city>
<state>CA</state>
<postalCode>94043</postalCode>
<country>US</country>
<email>null#cybersource.com</email>
</billTo>
<item id="0">
<unitPrice>5.00</unitPrice>
<quantity>1</quantity>
</item>
<item id="1">
<unitPrice>10.00</unitPrice>
<quantity>2</quantity>
</item>
<purchaseTotals>
<currency>ZMW</currency>
</purchaseTotals>
<card>
<accountNumber>4111111111111111</accountNumber>
<expirationMonth>11</expirationMonth>
<expirationYear>2020</expirationYear>
<cvNumber>123</cvNumber>
</card>
<ccAuthService run="true"/>
</requestMessage>
</soapenv:Body>
</soapenv:Envelope>
Add the following to your request:
<recurringSubscriptionInfo>
<frequency>on-demand</frequency>
</recurringSubscriptionInfo>
<paySubscriptionCreateService run="true"/>
Your new request will look like this:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>{{merchantID}}</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">{{SOAPKey}}</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.150">
<merchantID>{{merchantID}}</merchantID>
<merchantReferenceCode>kjdhflasjfhlasdjfasdf</merchantReferenceCode>
<billTo>
<firstName>John</firstName>
<lastName>Doe</lastName>
<street1>1295 Charleston Road</street1>
<city>Mountain View</city>
<state>CA</state>
<postalCode>94043</postalCode>
<country>US</country>
<email>null#cybersource.com</email>
</billTo>
<item id="0">
<unitPrice>5.00</unitPrice>
<quantity>1</quantity>
</item>
<item id="1">
<unitPrice>10.00</unitPrice>
<quantity>2</quantity>
</item>
<purchaseTotals>
<currency>ZMW</currency>
</purchaseTotals>
<card>
<accountNumber>4111111111111111</accountNumber>
<expirationMonth>11</expirationMonth>
<expirationYear>2020</expirationYear>
<cvNumber>123</cvNumber>
</card>
<recurringSubscriptionInfo>
<frequency>on-demand</frequency>
</recurringSubscriptionInfo>
<ccAuthService run="true"/>
<paySubscriptionCreateService run="true"/>
</requestMessage>
</soapenv:Body>
</soapenv:Envelope>
The response will now have a subscriptionID in it, that is your token to use in place of the card account number. You might find the tokenization guide useful.
You should not expose your merchantID and SOAP Key here. Please edit your question to remove them.
I have been racking my brains and have been googling all day but have come to nothing, I am using an API that uses the
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd and http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd and signature values here is an example of the header i am trying to send in my request
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-91553746A32F6E86A9152119298361091">REMOVED</wsse:BinarySecurityToken>
<ds:Signature Id="SIG-91553746A32F6E86A9152119298361195" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="ser ser1 soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#id-91553746A32F6E86A9152119298361094">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="ser ser1" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>HG6Tb/IJfVWj4ZC1guDubIrFk4nw1IgoPavDqkSCrLM=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue></ds:SignatureValue>
<ds:KeyInfo Id="KI-91553746A32F6E86A9152119298361092">
<wsse:SecurityTokenReference wsu:Id="STR-91553746A32F6E86A9152119298361093">
<wsse:Reference URI="#X509-91553746A32F6E86A9152119298361091" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
Is there someone out there that can help me build this using SOAP request in PHP.... i'm stumped.
Hi I want to get value from given XML using simple_xml_string but its not working. XML is given below:
<soap-env:Envelope xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
<soap-env:Header>
<eb:MessageHeader xmlns:eb="http://www.ebxml.org/namespaces/messageHeader" eb:version="1.0" soap-env:mustUnderstand="1">
<eb:From><eb:PartyId eb:type="urn:x12.org.IO5:01">webservices.sabre.com</eb:PartyId></eb:From>
<eb:To><eb:PartyId eb:type="urn:x12.org.IO5:01">info#gandakiintl.com</eb:PartyId></eb:To>
<eb:CPAId>T198</eb:CPAId>
<eb:ConversationId>111#gandakiintl.com</eb:ConversationId>
<eb:Service eb:type="SabreXML">Enhanced Air Book Request</eb:Service>
<eb:Action>ErrorRS</eb:Action>
<eb:MessageData>
<eb:MessageId>1522435489615361760</eb:MessageId>
<eb:Timestamp>2017-01-11T13:36:01</eb:Timestamp>
<eb:RefToMessageId>mid:11110info#gandakiintl.com</eb:RefToMessageId>
</eb:MessageData>
</eb:MessageHeader>
<wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/12/secext">
<wsse:BinarySecurityToken valueType="String" EncodingType="wsse:Base64Binary">
Shared/IDL:IceSess\/SessMgr:1\.0.IDL/Common/!ICESMS\/ACPCRTC!ICESMSLB\/CRT.LB!-3319706757025363837!367706!0
</wsse:BinarySecurityToken>
</wsse:Security>
</soap-env:Header>
<soap-env:Body>
<soap-env:Fault>
<faultcode>soap-env:Client.InvalidSecurityToken</faultcode>
<faultstring>Invalid or Expired binary security token: Shared/IDL:IceSess\/SessMgr:1\.0.IDL/Common/!ICESMS\/ACPCRTC!ICESMSLB\/CRT.LB!-3319706757025363837!367706!0</faultstring>
<detail>
<StackTrace>
com.sabre.universalservices.base.session.SessionException: errors.session.USG_INVALID_SECURITY_TOKEN
</StackTrace>
</detail>
</soap-env:Fault>
</soap-env:Body>
</soap-env:Envelope>
From above xml I want to get faultCode node value But I am not able to get. Please help. I tried doing it but its not working.
$feed = simplexml_load_string($response);
$a = $feed->children('http://schemas.xmlsoap.org/soap/envelope/');
var_dump($a->Fault->children('http://schemas.xmlsoap.org/soap/envelope/'));
Edited:
Output I get is: Node no longer exists. But I want to get "soap-env:Client.InvalidSecurityToken" value.
I've got my script worked out to grab information from the CIM:
$content =
"<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
"<getCustomerProfileRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">" .
merchantAuthenticationBlock().
"<customerProfileId>$cid</customerProfileId>" .
"</getCustomerProfileRequest>";
$response = send_xml_request($content);
$parsedresponse = parse_api_response($response);
So how, now, do I write the returned value to a variable?
I've tried:
$customerPaymentProfileId = $parsedresponse->customerPaymentProfileId;
$customerShippingAddressId = $parsedresponse->customerShippingAddressId;
But this returns the variables empty. I feel like I'm missing something simple.
To see the structure of $parsedresponse do either print_r($parsedresponse) or var_dump($parsedresponse). From there you can see how the array is structured and get your values from there.
FYI, the payment profiles are in an array so you will need to loop through them to get their values. Assuming parsedresponse is the root XML node you can get them like this:
foreach ($parsedresponse->profile->paymentProfiles as $profile)
{
echo $profile->customerPaymentProfileId;
}
FYI, this is a sample array structure for this response (From the AuthnetXML Sample Code. I am the author of this library):
<?xml version="1.0" encoding="utf-8"?>
<getCustomerProfileResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
<messages>
<resultCode>Ok</resultCode>
<message>
<code>I00001</code>
<text>Successful.</text>
</message>
</messages>
<profile>
<merchantCustomerId>12345</merchantCustomerId>
<email>user#example.com</email>
<customerProfileId>5427896</customerProfileId>
<paymentProfiles>
<billTo>
<firstName>John</firstName>
<lastName>Smith</lastName>
<address>123 Main Street</address>
<city>Townsville</city>
<state>NJ</state>
<zip>12345</zip>
<phoneNumber>800-555-1234</phoneNumber>
</billTo>
<customerPaymentProfileId>4796541</customerPaymentProfileId>
<payment>
<creditCard>
<cardNumber>XXXX1111</cardNumber>
<expirationDate>XXXX</expirationDate>
</creditCard>
</payment>
</paymentProfiles>
<paymentProfiles>
<billTo>
<firstName>John</firstName>
<lastName>Doe</lastName>
<company/>
<address>123 Main St.</address>
<city>Bellevue</city>
<state>WA</state>
<zip>98004</zip>
<country>USA</country>
<phoneNumber>800-555-1234</phoneNumber>
<faxNumber>800-555-1234</faxNumber>
</billTo>
<customerPaymentProfileId>4796585</customerPaymentProfileId>
<payment>
<creditCard>
<cardNumber>XXXX1111</cardNumber>
<expirationDate>XXXX</expirationDate>
</creditCard>
</payment>
</paymentProfiles>
<shipToList>
<firstName>John</firstName>
<lastName>Smith</lastName>
<address>123 Main Street</address>
<city>Townsville</city>
<state>NJ</state>
<zip>12345</zip>
<phoneNumber>800-555-1234</phoneNumber>
<customerAddressId>4907537</customerAddressId>
</shipToList>
<shipToList>
<firstName>John</firstName>
<lastName>Doe</lastName>
<company/>
<address>123 Main St.</address>
<city>Bellevue</city>
<state>WA</state>
<zip>98004</zip>
<country>USA</country>
<phoneNumber>800-555-1234</phoneNumber>
<faxNumber>800-555-1234</faxNumber>
<customerAddressId>4907591</customerAddressId>
</shipToList>
</profile>
</getCustomerProfileResponse>