(Delphi DLL) Isabel Connect Create Access Token given Valid Refresh Token

See more Ibanity Examples

Create (refresh) an access token given a valid refresh token.

For more information, see https://documentation.ibanity.com/isabel-connect/api#create-access-token

Chilkat for Delphi Downloads Chilkat non-ActiveX DLL for Delphi Chilkat ActiveX DLL for Delphi * The examples here use the non-ActiveX DLL.

uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Http, HttpResponse, HttpRequest, JsonObject, StringBuilder, Cert, Crypt2;

...

procedure TForm1.Button1Click(Sender: TObject);
var
http: HCkHttp;
cert: HCkCert;
success: Boolean;
req: HCkHttpRequest;
jsonToken: HCkJsonObject;
crypt: HCkCrypt2;
idempotencyKey: PWideChar;
resp: HCkHttpResponse;
sbResponseBody: HCkStringBuilder;
jResp: HCkJsonObject;
respStatusCode: Integer;
token_type: PWideChar;
scope: PWideChar;
expires_in: Integer;
access_token: PWideChar;

begin
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

http := CkHttp_Create();

// Implements the following CURL command:

// curl -X POST https://api.ibanity.com/isabel-connect/oauth2/token \
// --cert certificate.pem:qwertyuiop1 \
// --key private_key.pem  \
// -H "Content-Type: application/x-www-form-urlencoded" \
// -H "Accept: application/vnd.api+json" \
// -H "Ibanity-Idempotency-Key: 94c5586e-e15e-4bae-a1fe-fdbefe1f11d3"  \
// -d grant_type=refresh_token \
// -d refresh_token=valid_refresh_token \
// -d client_id=valid_client_id \
// -d client_secret=valid_client_secret

// Ibanity provides the certificate + private key in PFX format.  This example will use the .pfx instead of the pair of PEM files.
// (It is also possible to implement using Chilkat with the PEM files, but PFX is easier.)
cert := CkCert_Create();
success := CkCert_LoadPfxFile(cert,'qa_data/pfx/my_ibanity_certificate.pfx','my_pfx_password');
if (success = False) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;
success := CkHttp_SetSslClientCert(http,cert);
if (success = False) then
  begin
    Memo1.Lines.Add(CkHttp__lastErrorText(http));
    Exit;
  end;

req := CkHttpRequest_Create();
CkHttpRequest_putHttpVerb(req,'POST');
CkHttpRequest_putPath(req,'/isabel-connect/oauth2/token');
CkHttpRequest_putContentType(req,'application/x-www-form-urlencoded');
CkHttpRequest_AddParam(req,'grant_type','refresh_token');

// Load the previously obtained refresh token.
jsonToken := CkJsonObject_Create();
success := CkJsonObject_LoadFile(jsonToken,'qa_data/tokens/isabel_refresh_token.json');
if (success = False) then
  begin
    Memo1.Lines.Add('No existing access token.');
    Exit;
  end;
CkHttpRequest_AddParam(req,'refresh_token',CkJsonObject__stringOf(jsonToken,'refresh_token'));

// Note: For sandbox testing, we literally want to use the strings
// "valid_client_id", and "valid_client_secret".
// For the live app, you would replace these with actual values.
CkHttpRequest_AddParam(req,'client_id','valid_client_id');
CkHttpRequest_AddParam(req,'client_secret','valid_client_secret');

CkHttpRequest_AddHeader(req,'Accept','application/vnd.api+json');

crypt := CkCrypt2_Create();
idempotencyKey := CkCrypt2__generateUuid(crypt);
Memo1.Lines.Add('Ibanity-Idempotency-Key: ' + idempotencyKey);
CkHttpRequest_AddHeader(req,'Ibanity-Idempotency-Key',idempotencyKey);

resp := CkHttp_PostUrlEncoded(http,'https://api.ibanity.com/isabel-connect/oauth2/token',req);
if (CkHttp_getLastMethodSuccess(http) = False) then
  begin
    Memo1.Lines.Add(CkHttp__lastErrorText(http));
    Exit;
  end;

sbResponseBody := CkStringBuilder_Create();
CkHttpResponse_GetBodySb(resp,sbResponseBody);
jResp := CkJsonObject_Create();
CkJsonObject_LoadSb(jResp,sbResponseBody);
CkJsonObject_putEmitCompact(jResp,False);

Memo1.Lines.Add('Response Body:');
Memo1.Lines.Add(CkJsonObject__emit(jResp));

respStatusCode := CkHttpResponse_getStatusCode(resp);
Memo1.Lines.Add('Response Status Code = ' + IntToStr(respStatusCode));
if (respStatusCode >= 400) then
  begin
    Memo1.Lines.Add('Response Header:');
    Memo1.Lines.Add(CkHttpResponse__header(resp));
    Memo1.Lines.Add('Failed.');
    CkHttpResponse_Dispose(resp);
    Exit;
  end;
CkHttpResponse_Dispose(resp);

// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)

// Notice that we don't get a new refresh token.  The original refresh token is used each time we
// want to refresh.  However, we get a new access token.  This access token is to be used in Isabel API calls
// until we need to refresh again.
// {
//   "token_type": "Bearer",
//   "scope": "cloudconnect",
//   "expires_in": 1799,
//   "access_token": "access_token_1603365408"
// }

// Sample code for parsing the JSON response...
// Use the following online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON

token_type := CkJsonObject__stringOf(jResp,'token_type');
scope := CkJsonObject__stringOf(jResp,'scope');
expires_in := CkJsonObject_IntOf(jResp,'expires_in');
access_token := CkJsonObject__stringOf(jResp,'access_token');

// Save this to a file so we can load in other examples to include the access token in the HTTP request.
success := CkJsonObject_WriteFile(jResp,'qa_data/tokens/isabel_access_token.json');

CkHttp_Dispose(http);
CkCert_Dispose(cert);
CkHttpRequest_Dispose(req);
CkJsonObject_Dispose(jsonToken);
CkCrypt2_Dispose(crypt);
CkStringBuilder_Dispose(sbResponseBody);
CkJsonObject_Dispose(jResp);

end;