Sample code for 30+ languages & platforms
Lianja

Get Access Token using a Pre-Created JSON Web Token

See more ABN AMRO Examples

Demonstrates how to get an access token using a pre-created JSON Web Token (JWT).

Chilkat Lianja Downloads

Lianja
llSuccess = .F.

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// We're going to duplicate this CURL statement:
// curl -X POST https://api-sandbox.abnamro.com/v1/oauth/token \
// -H "Content-Type: application/x-www-form-urlencoded" \
// -H "API-Key: xxxxxx" \
// -d 'client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&grant_type=client_credentials&client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ4eHh4eHgiLCJleHAiOiIxNDk5OTQ3NjY4IiwiaXNzIjoibWUiLCJhdWQiOiJodHRwczovL2F1dGgtc2FuZGJveC5hYm5hbXJvLmNvbS9vYXV0aC90b2tlbiJ9.jGwHKG_YjgKpR8NPpaLu6nJ97obeP2vcxg6fOWBKdJ0&scope=tikkie'

// Load our pre-creaed private key PEM file.
// Note: Please share your public key along with your app name and developer email id at api.support@nl.abnamro.com. 
// Token generation will not work unless public key is associated with your app.
loPrivkey = createobject("CkPrivateKey")

llSuccess = loPrivkey.LoadPemFile("qa_data/pem/abnAmroPrivateKey.pem")
if (llSuccess = .F.) then
    ? loPrivkey.LastErrorText
    release loPrivkey
    return
endif

// Create the JWT.
loJwt = createobject("CkJwt")

// Create the header:
// {
//     "typ": "JWT",
//     "alg": "RS256"
// }
loJsonHeader = createobject("CkJsonObject")
loJsonHeader.UpdateString("typ","JWT")
loJsonHeader.UpdateString("alg","RS256")

// Create the payload:
// {
//     "nbf": 1499947668,
//     "exp": 1499948668,
//     "iss": "me",
//     "sub": "anApiKey",
//     "aud": "https://auth-sandbox.abnamro.com/oauth/token"
// }
loJsonPayload = createobject("CkJsonObject")

lnCurDateTime = loJwt.GenNumericDate(0)

// Set the "not process before" timestamp to now.
llSuccess = loJsonPayload.AddIntAt(-1,"nbf",lnCurDateTime)

// Set the timestamp defining an expiration time (end time) for the token
// to be now + 1 hour (3600 seconds)
llSuccess = loJsonPayload.AddIntAt(-1,"exp",lnCurDateTime + 3600)

loJsonPayload.UpdateString("iss","me")
loJsonPayload.UpdateString("sub","anApiKey")
loJsonPayload.UpdateString("aud","https://auth-sandbox.abnamro.com/oauth/token")

// Produce the smallest possible JWT:
loJwt.AutoCompact = .T.

lcJwtStr = loJwt.CreateJwtPk(loJsonHeader.Emit(),loJsonPayload.Emit(),loPrivkey)
if (loJwt.LastMethodSuccess = .F.) then
    ? loJwt.LastErrorText
    release loPrivkey
    release loJwt
    release loJsonHeader
    release loJsonPayload
    return
endif

loHttp = createobject("CkHttp")

loReq = createobject("CkHttpRequest")
loReq.AddParam("client_assertion_type","urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
loReq.AddParam("grant_type","client_credentials")
loReq.AddParam("client_assertion",lcJwtStr)
loReq.AddParam("scope","tikkie")

loReq.HttpVerb = "POST"
loReq.ContentType = "application/x-www-form-urlencoded"

loResp = createobject("CkHttpResponse")
llSuccess = loHttp.HttpReq("https://api-sandbox.abnamro.com/v1/oauth/token",loReq,loResp)
if (llSuccess = .F.) then
    ? loHttp.LastErrorText
    release loPrivkey
    release loJwt
    release loJsonHeader
    release loJsonPayload
    release loHttp
    release loReq
    release loResp
    return
endif

if (loResp.StatusCode <> 200) then
    ? loResp.BodyStr
    release loPrivkey
    release loJwt
    release loJsonHeader
    release loJsonPayload
    release loHttp
    release loReq
    release loResp
    return
endif

// Get the JSON result:
// {
//     "access_token": "{your access token}",
//     "expires_in": "{duration of validity in seconds}",
//     "scope": "{scope(s) for which the access token is valid}",
//     "token_type": "{it is always Bearer}"
// }
loJson = createobject("CkJsonObject")
loJson.Load(loResp.BodyStr)
? "access_token: " + loJson.StringOf("access_token")
? "token_type: " + loJson.StringOf("token_type")
? "expires_in: " + loJson.StringOf("expires_in")
? "scope: " + loJson.StringOf("scope")


release loPrivkey
release loJwt
release loJsonHeader
release loJsonPayload
release loHttp
release loReq
release loResp
release loJson