Sample code for 30+ languages & platforms
Android™

ING Open Banking OAuth2 Client Credentials

See more OAuth2 Examples

Demonstrates how to get an access token for the ING Open Banking APIs using client credentials.

Chilkat Android™ Downloads

Android™
// Important: Don't forget to include the call to System.loadLibrary
// as shown at the bottom of this code sample.
package com.test;

import android.app.Activity;
import com.chilkatsoft.*;

import android.widget.TextView;
import android.os.Bundle;

public class SimpleActivity extends Activity {

  private static final String TAG = "Chilkat";

  // Called when the activity is first created.
  @Override
  public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);

    boolean success = false;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkCert cert = new CkCert();
    success = cert.LoadFromFile("qa_data/certs_and_keys/ING/example_client_tls.cer");
    if (success == false) {
        Log.i(TAG, cert.lastErrorText());
        return;
        }

    CkBinData bdPrivKey = new CkBinData();
    success = bdPrivKey.LoadFile("qa_data/certs_and_keys/ING/example_client_tls.key");
    if (success == false) {
        Log.i(TAG, "Failed to load example_client_tls.key");
        return;
        }

    // The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd. 
    // Please note down this client_id since you will need it in the next steps to call the API.

    CkPrivateKey privKey = new CkPrivateKey();
    success = privKey.LoadAnyFormat(bdPrivKey,"");
    if (success == false) {
        Log.i(TAG, privKey.lastErrorText());
        return;
        }

    // Associate the private key with the certificate.
    success = cert.SetPrivateKey(privKey);
    if (success == false) {
        Log.i(TAG, cert.lastErrorText());
        return;
        }

    CkHttp http = new CkHttp();

    success = http.SetSslClientCert(cert);
    if (success == false) {
        Log.i(TAG, http.lastErrorText());
        return;
        }

    // Calculate the Digest and add the "Digest" header.  Do the equivalent of this:
    // payload="grant_type=client_credentials"
    // payloadDigest=`echo -n "$payload" | openssl dgst -binary -sha256 | openssl base64`
    // digest=SHA-256=$payloadDigest
    CkCrypt2 crypt = new CkCrypt2();
    crypt.put_HashAlgorithm("SHA256");
    crypt.put_EncodingMode("base64");
    String payload = "grant_type=client_credentials";
    String payloadDigest = crypt.hashStringENC(payload);

    // Calculate the current date/time and add the Date header.  
    // reqDate=$(LC_TIME=en_US.UTF-8 date -u "+%a, %d %b %Y %H:%M:%S GMT")  
    CkDateTime dt = new CkDateTime();
    dt.SetFromCurrentSystemTime();
    // The desire date/time format is the "RFC822" format.
    http.SetRequestHeader("Date",dt.getAsRfc822(false));

    // Calculate signature for signing your request
    // Duplicate the following code:

    // 	httpMethod="post"
    // 	reqPath="/oauth2/token"
    // 	signingString="(request-target): $httpMethod $reqPath
    // 	date: $reqDate
    // 	digest: $digest"
    // 	signature=`printf "$signingString" | openssl dgst -sha256 -sign "${certPath}example_client_signing.key" -passin "pass:changeit" | openssl base64 -A`

    String httpMethod = "POST";
    String reqPath = "/oauth2/token";

    CkStringBuilder sbStringToSign = new CkStringBuilder();
    sbStringToSign.Append("(request-target): ");
    sbStringToSign.Append(httpMethod);
    sbStringToSign.ToLowercase();
    sbStringToSign.Append(" ");
    sbStringToSign.AppendLine(reqPath,false);

    sbStringToSign.Append("date: ");
    sbStringToSign.AppendLine(dt.getAsRfc822(false),false);

    sbStringToSign.Append("digest: SHA-256=");
    sbStringToSign.Append(payloadDigest);

    CkPrivateKey signingPrivKey = new CkPrivateKey();
    success = signingPrivKey.LoadPemFile("qa_data/certs_and_keys/ING/example_client_signing.key");
    if (success == false) {
        Log.i(TAG, signingPrivKey.lastErrorText());
        return;
        }

    CkRsa rsa = new CkRsa();
    success = rsa.UsePrivateKey(signingPrivKey);
    if (success == false) {
        Log.i(TAG, rsa.lastErrorText());
        return;
        }

    rsa.put_EncodingMode("base64");
    String b64Signature = rsa.signStringENC(sbStringToSign.getAsString(),"SHA256");

    CkStringBuilder sbAuthHdrVal = new CkStringBuilder();
    sbAuthHdrVal.Append("Signature keyId=\"e77d776b-90af-4684-bebc-521e5b2614dd\",");
    sbAuthHdrVal.Append("algorithm=\"rsa-sha256\",");
    sbAuthHdrVal.Append("headers=\"(request-target) date digest\",");
    sbAuthHdrVal.Append("signature=\"");
    sbAuthHdrVal.Append(b64Signature);
    sbAuthHdrVal.Append("\"");

    CkStringBuilder sbDigestHdrVal = new CkStringBuilder();
    sbDigestHdrVal.Append("SHA-256=");
    sbDigestHdrVal.Append(payloadDigest);

    // Do the following CURL statement:

    // 	curl -i -X POST "${httpHost}${reqPath}" \
    // 	-H 'Accept: application/json' \
    // 	-H 'Content-Type: application/x-www-form-urlencoded' \
    // 	-H "Digest: ${digest}" \
    // 	-H "Date: ${reqDate}" \
    // 	-H "authorization: Signature keyId=\"$keyId\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"$signature\"" \
    // 	-d "${payload}" \
    // 	--cert "${certPath}tlsCert.crt" \
    // 	--key "${certPath}tlsCert.key"

    CkHttpRequest req = new CkHttpRequest();
    req.AddParam("grant_type","client_credentials");
    req.AddHeader("Accept","application/json");
    req.AddHeader("Date",dt.getAsRfc822(false));
    req.AddHeader("Digest",sbDigestHdrVal.getAsString());
    req.AddHeader("Authorization",sbAuthHdrVal.getAsString());

    req.put_HttpVerb("POST");
    req.put_ContentType("application/x-www-form-urlencoded");

    CkHttpResponse resp = new CkHttpResponse();
    success = http.HttpReq("https://api.sandbox.ing.com/oauth2/token",req,resp);
    if (success == false) {
        Log.i(TAG, http.lastErrorText());
        return;
        }

    // If successful, the status code = 200
    Log.i(TAG, "Response Status Code: " + String.valueOf(resp.get_StatusCode()));
    Log.i(TAG, resp.bodyStr());

    CkJsonObject json = new CkJsonObject();
    json.Load(resp.bodyStr());

    json.put_EmitCompact(false);
    Log.i(TAG, json.emit());

    // A successful response contains an access token such as:
    // {
    //   "access_token": "eyJhbGc ... bxI_SoPOBH9xmoM",
    //   "expires_in": 905,
    //   "scope": "payment-requests:view payment-requests:create payment-requests:close greetings:view virtual-ledger-accounts:fund-reservation:create virtual-ledger-accounts:fund-reservation:delete virtual-ledger-accounts:balance:view",
    //   "token_type": "Bearer",
    //   "keys": [
    //     {
    //       "kty": "RSA",
    //       "n": "3l3rdz4...04VPkdV",
    //       "e": "AQAB",
    //       "use": "sig",
    //       "alg": "RS256",
    //       "x5t": "3c396700fc8cd709cf9cb5452a22bcde76985851"
    //     }
    //   ],
    //   "client_id": "e77d776b-90af-4684-bebc-521e5b2614dd"
    // }

    // Use this online tool to generate parsing code from sample JSON: 
    // Generate Parsing Code from JSON

    String kty;
    String n;
    String e;
    String use;
    String alg;
    String x5t;

    String access_token = json.stringOf("access_token");
    int expires_in = json.IntOf("expires_in");
    String scope = json.stringOf("scope");
    String token_type = json.stringOf("token_type");
    String client_id = json.stringOf("client_id");
    int i = 0;
    int count_i = json.SizeOfArray("keys");
    while (i < count_i) {
        json.put_I(i);
        kty = json.stringOf("keys[i].kty");
        n = json.stringOf("keys[i].n");
        e = json.stringOf("keys[i].e");
        use = json.stringOf("keys[i].use");
        alg = json.stringOf("keys[i].alg");
        x5t = json.stringOf("keys[i].x5t");
        i = i + 1;
        }

    // This example will save the JSON containing the access key to a file so that
    // a subsequent example can load it and then use the access key for a request, such as to create a payment request.
    json.WriteFile("qa_data/tokens/ing_access_token.json");

  }

  static {
      System.loadLibrary("chilkat");

      // Note: If the incorrect library name is passed to System.loadLibrary,
      // then you will see the following error message at application startup:
      //"The application <your-application-name> has stopped unexpectedly. Please try again."
  }
}