Delphi ActiveX
Delphi ActiveX
Rabobank GET /v3/accounts
See more Rabobank Examples
Demonstrates a call to a Rabobank API. Specifically this makes a call to the "Accounts AIS sb" API to deliver all the consented payments accounts for a specific Rabobank customer.(This includes source code to for signing requests for PSD2 APIs)
Chilkat Delphi ActiveX Downloads
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;
...
procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
http: TChilkatHttp;
jsonToken: TChilkatJsonObject;
sbTppCert: TChilkatStringBuilder;
crypt: TChilkatCrypt2;
xRequestId: WideString;
dt: TCkDateTime;
dateHdrVal: WideString;
payload: WideString;
payloadDigest: WideString;
sbDigestHdrVal: TChilkatStringBuilder;
sbStringToSign: TChilkatStringBuilder;
sbPrivKey: TChilkatStringBuilder;
privKey: TPrivateKey;
rsa: TChilkatRsa;
b64Signature: WideString;
cert: TChilkatCert;
sbSigHdrVal: TChilkatStringBuilder;
tlsCert: TChilkatCert;
bdPrivKey: TChilkatBinData;
tlsPrivKey: TPrivateKey;
sbResponseBody: TChilkatStringBuilder;
jResp: TChilkatJsonObject;
respStatusCode: Integer;
v_linksAccount: WideString;
v_linksBalances: WideString;
v_linksTransactions: WideString;
currency: WideString;
iban: WideString;
name: WideString;
resourceId: WideString;
status: WideString;
i: Integer;
count_i: Integer;
begin
success := 0;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
http := TChilkatHttp.Create(Self);
// Implements the following CURL command:
// curl --request GET \
// --url https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts \
// --header 'accept: application/json' \
// --header 'authorization: Bearer REPLACE_BEARER_TOKEN' \
// --header 'date: REPLACE_THIS_VALUE' \
// --header 'digest: REPLACE_THIS_VALUE' \
// --header 'psu-ip-address: OPTIONAL' \
// --header 'signature: REPLACE_THIS_VALUE' \
// --header 'tpp-signature-certificate: MIIDkDCCAnigA ... cwE6gUl0rMA==' \
// --header 'x-ibm-client-id: Client ID' \
// --header 'x-request-id: REPLACE_THIS_VALUE'
// Load the previously fetched OAuth2 access token.
jsonToken := TChilkatJsonObject.Create(Self);
success := jsonToken.LoadFile('qa_data/tokens/rabobank.json');
if (success = 0) then
begin
Memo1.Lines.Add(jsonToken.LastErrorText);
Exit;
end;
// This adds the "authorization: Bearer REPLACE_BEARER_TOKEN" header.
http.AuthToken := jsonToken.StringOf('access_token');
// This is the TTP Signature certificate: The certificate used for signing the request.
sbTppCert := TChilkatStringBuilder.Create(Self);
sbTppCert.Append('MIIDkDCCAnigAwIBAgIEWs3AJDANBgkqhkiG9w0BAQsFADCBiTELMAkGA1UEBhMC');
sbTppCert.Append('TkwxEDAOBgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxETAPBgNVBAoM');
sbTppCert.Append('CFJhYm9iYW5rMRwwGgYDVQQLDBNPbmxpbmUgVHJhbnNhY3Rpb25zMSUwIwYDVQQD');
sbTppCert.Append('DBxQU0QyIEFQSSBQSSBTZXJ2aWNlcyBTYW5kYm94MB4XDTE4MDQxMTA3NTgyOFoX');
sbTppCert.Append('DTIzMDQxMTA3NTgyOFowgYkxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0');
sbTppCert.Append('MRAwDgYDVQQHDAdVdHJlY2h0MREwDwYDVQQKDAhSYWJvYmFuazEcMBoGA1UECwwT');
sbTppCert.Append('T25saW5lIFRyYW5zYWN0aW9uczElMCMGA1UEAwwcUFNEMiBBUEkgUEkgU2Vydmlj');
sbTppCert.Append('ZXMgU2FuZGJveDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoAjqGW');
sbTppCert.Append('UgCIm2F+0sBSEwLal+T3u+uldLikpxHCB8iL1GD7FrRjcA+MVsxhvHly7vRsHK+t');
sbTppCert.Append('QyMSaeK782RHpY33qxPLc8LmoQLb2EuiQxXj9POYkYBQ74qkrZnvKVlR3WoyQWeD');
sbTppCert.Append('OXnSY2wbNFfkP8ET4ElwyuIIEriwYhab0OIrnnrO8X82/SPZxHwEd3aQjQ6uhiw8');
sbTppCert.Append('paDspJbS5WjEfuwY16KVVUYlhbtAwGjvc6aK0NBm+LH9fMLpAE6gfGZNy0gzMDor');
sbTppCert.Append('VNbkQK1IoAGD8p9ZHdB0F3FwkILEjUiQW6nK+/fKDNJ0TBbpgZUpY8bR460qzxKd');
sbTppCert.Append('eZ1yPDqX2Cjh6fkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAYL4iD6noMJAt63kD');
sbTppCert.Append('ED4RB2mII/lssvHhcxuDpOm3Ims9urubFWEpvV5TgIBAxy9PBinOdjhO1kGJJnYi');
sbTppCert.Append('7F1jv1qnZwTV1JhYbvxv3+vk0jaiu7Ew7G3ASlzruXyMhN6t6jk9MpaWGl5Uw1T+');
sbTppCert.Append('gNRUcWQRR44g3ahQRIS/UHkaV+vcpOa8j186/1X0ULHfbcVQk4LMmJeXqNs8sBAU');
sbTppCert.Append('dKU/c6ssvj8jfJ4SfrurcBhY5UBTOdQOXTPY85aU3iFloerx7Oi9EHewxInOrU5X');
sbTppCert.Append('zqqTz2AQPXezexVeAQxP27lzqCmYC7CFiam6QBr06VebkmnPLfs76n8CDc1cwE6g');
sbTppCert.Append('Ul0rMA==');
http.SetRequestHeader('tpp-signature-certificate',sbTppCert.GetAsString());
// ----------------------------------------------------------------
// We're not going to add the psu-ip-address header in this example.
// ----------------------------------------------------------------
// X-Request-ID header...
// Generate a UUID v4.
crypt := TChilkatCrypt2.Create(Self);
xRequestId := crypt.GenerateUuid();
http.SetRequestHeader('x-request-id',xRequestId);
// ----------------------------------------------------------------
// Date header...
dt := TCkDateTime.Create(Self);
dt.SetFromCurrentSystemTime();
dateHdrVal := dt.GetAsRfc822(0);
// The desire date/time format is the "RFC822" format.
http.SetRequestHeader('Date',dateHdrVal);
// ----------------------------------------------------------------
// Digest header...
crypt.HashAlgorithm := 'SHA256';
crypt.EncodingMode := 'base64';
// A GET request has no HTTP request body. Therefore the payload is the empty string.
payload := '';
payloadDigest := crypt.HashStringENC(payload);
sbDigestHdrVal := TChilkatStringBuilder.Create(Self);
sbDigestHdrVal.Append('SHA-256=');
sbDigestHdrVal.Append(payloadDigest);
http.SetRequestHeader('digest',sbDigestHdrVal.GetAsString());
// ----------------------------------------------------------------
// The HTTP request needs to be signed for PSD2 API's...
// Create the signing string (to use in signing the HTTP request).
// See https://developer.rabobank.nl/signing-requests-psd2-apis
//
// For "account information" HTTP requests, we must use the following headers in the signing string.
// date
// digest
// x-request-id
sbStringToSign := TChilkatStringBuilder.Create(Self);
sbStringToSign.Append('date: ');
sbStringToSign.AppendLine(dateHdrVal,0);
sbStringToSign.Append('digest: ');
sbStringToSign.AppendLine(sbDigestHdrVal.GetAsString(),0);
sbStringToSign.Append('x-request-id: ');
sbStringToSign.Append(xRequestId);
// ----------------------------------------------------------------
// Sign with our private key...
sbPrivKey := TChilkatStringBuilder.Create(Self);
sbPrivKey.Append('MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaAI6hllIAiJth');
sbPrivKey.Append('ftLAUhMC2pfk97vrpXS4pKcRwgfIi9Rg+xa0Y3APjFbMYbx5cu70bByvrUMjEmni');
sbPrivKey.Append('u/NkR6WN96sTy3PC5qEC29hLokMV4/TzmJGAUO+KpK2Z7ylZUd1qMkFngzl50mNs');
sbPrivKey.Append('GzRX5D/BE+BJcMriCBK4sGIWm9DiK556zvF/Nv0j2cR8BHd2kI0OroYsPKWg7KSW');
sbPrivKey.Append('0uVoxH7sGNeilVVGJYW7QMBo73OmitDQZvix/XzC6QBOoHxmTctIMzA6K1TW5ECt');
sbPrivKey.Append('SKABg/KfWR3QdBdxcJCCxI1IkFupyvv3ygzSdEwW6YGVKWPG0eOtKs8SnXmdcjw6');
sbPrivKey.Append('l9go4en5AgMBAAECggEAB8nsTqalwGIhFw8mbXuhNUFlGuek/arYLD6pv28swwQH');
sbPrivKey.Append('7v0ZlxFUcCHF+iBl0PsDwZTZQ4ePtgGS6ehoLkWHCzb1lEv5E1YVG5qKNE2UUwRl');
sbPrivKey.Append('fIyPakO6AzyV/UF3uzq7C+/GuXGNTKZxKewg5yD/DCFvKoCOpxu9u36FyqP/hw0S');
sbPrivKey.Append('ADVlmp35/zoPDPZzu1j4FiCo0pJ9LwJcHxeJHopNAKDw9k6I4z/grskdgupsGzK2');
sbPrivKey.Append('BiGiQ/+wmmO68/6Xa6KWfpr1PQ6ODJHgzZsdGCVi6Ebaqlj6BbsYWxP6h3lrsGt+');
sbPrivKey.Append('LmHBaN2jCD6cDp+lihqFgnm8hfdv0lmbPilp71EDfwKBgQD6U8PBzZtN8yXm5WuS');
sbPrivKey.Append('NL+/8q5GjNmeTJBSo1gM6Y8vOT4QAE147LbVuVBDwyHPoSrNejePae6Q14PswjBy');
sbPrivKey.Append('T7B8DZ0OeQyGa3trrFg/ib7Vv4ZMvJqX9+WzBrzZsxTg7oCKHzmCR4vIRItKHH3z');
sbPrivKey.Append('Wnnhqlo8ic2AZ2O43cdJosbO1wKBgQDe8UODOLu0vnHohOKeUqF3w/ZOB2+83/js');
sbPrivKey.Append('YyUbSkzsGvHIwTjObuMUFTQvdMZ6IkIyJdfnDZIbvlBSD8tzL5iKFTNCK2nL1i4G');
sbPrivKey.Append('iFr0CYLaHAlhJ5GEbTrTMDoJeBPerZq83HPrSa/Wb0xO18QTWsoVQPFfPFbbcQyI');
sbPrivKey.Append('9ryJ2iIDrwKBgQC6kuAefG46ZPVk6K2KZUJdgDUgZC52a75NuW0RAqszmUiGiJM1');
sbPrivKey.Append('g8ip9tq6BqAWrprGV0c93shusBKlzf5p1LdHXqYmeVY6gbWVhPipMrNHgN5KJ3BZ');
sbPrivKey.Append('v+w1yNnMsErpcxne2HL2hPjMJTpj3GSLkm2xIlTrNhIyl9ydlr7IRUhENQKBgQCv');
sbPrivKey.Append('i6HxbXa/90WSJTCcIcxqla8X+dsOCf3jhJ3vQy4Wq5C+1wZ35fCAG8Ifq/+so9Uj');
sbPrivKey.Append('z5CVqqXlmpF8TFuSs2OVNuRJsg14J4nOMwgLKIIUZAcurQ10DN5I9Kx+UEK1EFXL');
sbPrivKey.Append('aHsORdNjMfgQDO2jn9WHrr9gkg6CdB2+qyoCEfS+mQKBgBW08lcy9V5RzRWb/v/j');
sbPrivKey.Append('xsc7ovmgAhCJhDeV7dPbx4HbFeoQJlbA8g1thdcFlcatSGyNDbvNE1GPSd4NhkpR');
sbPrivKey.Append('Y6Hfv53kdEzjVkEtU8lUdL7HNVJqX7bU7oZlfbYcwxWQ1Gg8C1oLIAyEt71slQtd');
sbPrivKey.Append('RiNYBRZTQe2F0wxbXnuUqLAw');
privKey := TPrivateKey.Create(Self);
success := privKey.LoadPem(sbPrivKey.GetAsString());
if (success = 0) then
begin
Memo1.Lines.Add(privKey.LastErrorText);
Exit;
end;
rsa := TChilkatRsa.Create(Self);
success := rsa.UsePrivateKey(privKey.ControlInterface);
if (success = 0) then
begin
Memo1.Lines.Add(rsa.LastErrorText);
Exit;
end;
rsa.EncodingMode := 'base64';
b64Signature := rsa.SignStringENC(sbStringToSign.GetAsString(),'SHA256');
// ----------------------------------------------------------------
// Add the "signature" header.
//
// The signature header will look like this:
// signature: keyId="1523433508",algorithm="rsa-sha512",headers="date digest x-request-id",signature="y5o7gKxmfA6AT6...blE1A9Q=="
//
// The keyId is the serial number of the certificate as defined in 'TPP-Signing-Certificate' header, the format should be Integer not hex.
cert := TChilkatCert.Create(Self);
success := cert.SetFromEncoded(sbTppCert.GetAsString());
if (success = 0) then
begin
Memo1.Lines.Add(cert.LastErrorText);
Exit;
end;
sbSigHdrVal := TChilkatStringBuilder.Create(Self);
sbSigHdrVal.Append('keyId="');
sbSigHdrVal.Append(cert.SerialDecimal);
sbSigHdrVal.Append('",');
sbSigHdrVal.Append('algorithm="rsa-sha256",');
sbSigHdrVal.Append('headers="date digest x-request-id",');
sbSigHdrVal.Append('signature="');
sbSigHdrVal.Append(b64Signature);
sbSigHdrVal.Append('"');
http.SetRequestHeader('signature',sbSigHdrVal.GetAsString());
// ----------------------------------------------------------------
// Add remaining headers...
http.SetRequestHeader('x-ibm-client-id','YOUR_APP_CLIENT_ID');
http.SetRequestHeader('accept','application/json');
// ----------------------------------------------------------------
// Add our certificate and key for mutual TLS
// (provide a registered X509 client certificate during TLS handhake)
tlsCert := TChilkatCert.Create(Self);
success := tlsCert.LoadFromFile('qa_data/certs_and_keys/ING/example_client_tls.cer');
if (success = 0) then
begin
Memo1.Lines.Add(tlsCert.LastErrorText);
Exit;
end;
bdPrivKey := TChilkatBinData.Create(Self);
success := bdPrivKey.LoadFile('qa_data/certs_and_keys/ING/example_client_tls.key');
if (success = 0) then
begin
Memo1.Lines.Add('Failed to load example_client_tls.key');
Exit;
end;
// The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd.
// Please note down this client_id since you will need it in the next steps to call the API.
tlsPrivKey := TPrivateKey.Create(Self);
success := tlsPrivKey.LoadAnyFormat(bdPrivKey.ControlInterface,'');
if (success = 0) then
begin
Memo1.Lines.Add(tlsPrivKey.LastErrorText);
Exit;
end;
// Associate the private key with the certificate.
success := tlsCert.SetPrivateKey(tlsPrivKey.ControlInterface);
if (success = 0) then
begin
Memo1.Lines.Add(tlsCert.LastErrorText);
Exit;
end;
success := http.SetSslClientCert(tlsCert.ControlInterface);
if (success = 0) then
begin
Memo1.Lines.Add(http.LastErrorText);
Exit;
end;
// ----------------------------------------------------------------
// Finally, send the request...
sbResponseBody := TChilkatStringBuilder.Create(Self);
success := http.QuickGetSb('https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts',sbResponseBody.ControlInterface);
if (success = 0) then
begin
Memo1.Lines.Add(http.LastErrorText);
Memo1.Lines.Add(sbResponseBody.GetAsString());
Exit;
end;
jResp := TChilkatJsonObject.Create(Self);
jResp.LoadSb(sbResponseBody.ControlInterface);
jResp.EmitCompact := 0;
Memo1.Lines.Add('Response Body:');
Memo1.Lines.Add(jResp.Emit());
respStatusCode := http.LastStatus;
Memo1.Lines.Add('Response Status Code = ' + IntToStr(respStatusCode));
if (respStatusCode >= 400) then
begin
Memo1.Lines.Add('Response Header:');
Memo1.Lines.Add(http.LastHeader);
Memo1.Lines.Add('Failed.');
Exit;
end;
// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)
// {
// "accounts": [
// {
// "_links": {
// "account": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
// "balances": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/balances",
// "transactions": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/transactions"
// },
// "currency": "EUR",
// "iban": "NL05RABO0812836782",
// "name": "Rosie Roy",
// "resourceId": "dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
// "status": "enabled"
// }
// ]
// }
// Sample code for parsing the JSON response...
// Use the following online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
i := 0;
count_i := jResp.SizeOfArray('accounts');
while i < count_i do
begin
jResp.I := i;
v_linksAccount := jResp.StringOf('accounts[i]._links.account');
v_linksBalances := jResp.StringOf('accounts[i]._links.balances');
v_linksTransactions := jResp.StringOf('accounts[i]._links.transactions');
currency := jResp.StringOf('accounts[i].currency');
iban := jResp.StringOf('accounts[i].iban');
name := jResp.StringOf('accounts[i].name');
resourceId := jResp.StringOf('accounts[i].resourceId');
status := jResp.StringOf('accounts[i].status');
i := i + 1;
end;
end;