|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Objective-C) ING Open Banking OAuth2 Client CredentialsDemonstrates how to get an access token for the ING Open Banking APIs using client credentials. For more information, see https://developer.ing.com/openbanking/get-started/openbanking
#import <CkoCert.h> #import <CkoBinData.h> #import <CkoPrivateKey.h> #import <CkoHttp.h> #import <CkoCrypt2.h> #import <NSString.h> #import <CkoDateTime.h> #import <CkoStringBuilder.h> #import <CkoRsa.h> #import <CkoHttpRequest.h> #import <CkoHttpResponse.h> #import <CkoJsonObject.h> // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. CkoCert *cert = [[CkoCert alloc] init]; BOOL success = [cert LoadFromFile: @"qa_data/certs_and_keys/ING/example_client_tls.cer"]; if (success == NO) { NSLog(@"%@",cert.LastErrorText); return; } CkoBinData *bdPrivKey = [[CkoBinData alloc] init]; success = [bdPrivKey LoadFile: @"qa_data/certs_and_keys/ING/example_client_tls.key"]; if (success == NO) { NSLog(@"%@",@"Failed to load example_client_tls.key"); return; } // The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd. // Please note down this client_id since you will need it in the next steps to call the API. CkoPrivateKey *privKey = [[CkoPrivateKey alloc] init]; success = [privKey LoadAnyFormat: bdPrivKey password: @""]; if (success == NO) { NSLog(@"%@",privKey.LastErrorText); return; } // Associate the private key with the certificate. success = [cert SetPrivateKey: privKey]; if (success == NO) { NSLog(@"%@",cert.LastErrorText); return; } CkoHttp *http = [[CkoHttp alloc] init]; success = [http SetSslClientCert: cert]; if (success == NO) { NSLog(@"%@",http.LastErrorText); return; } // Calculate the Digest and add the "Digest" header. Do the equivalent of this: // payload="grant_type=client_credentials" // payloadDigest=`echo -n "$payload" | openssl dgst -binary -sha256 | openssl base64` // digest=SHA-256=$payloadDigest CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init]; crypt.HashAlgorithm = @"SHA256"; crypt.EncodingMode = @"base64"; NSString *payload = @"grant_type=client_credentials"; NSString *payloadDigest = [crypt HashStringENC: payload]; // Calculate the current date/time and add the Date header. // reqDate=$(LC_TIME=en_US.UTF-8 date -u "+%a, %d %b %Y %H:%M:%S GMT") CkoDateTime *dt = [[CkoDateTime alloc] init]; [dt SetFromCurrentSystemTime]; // The desire date/time format is the "RFC822" format. [http SetRequestHeader: @"Date" value: [dt GetAsRfc822: NO]]; // Calculate signature for signing your request // Duplicate the following code: // httpMethod="post" // reqPath="/oauth2/token" // signingString="(request-target): $httpMethod $reqPath // date: $reqDate // digest: $digest" // signature=`printf "$signingString" | openssl dgst -sha256 -sign "${certPath}example_client_signing.key" -passin "pass:changeit" | openssl base64 -A` NSString *httpMethod = @"POST"; NSString *reqPath = @"/oauth2/token"; CkoStringBuilder *sbStringToSign = [[CkoStringBuilder alloc] init]; [sbStringToSign Append: @"(request-target): "]; [sbStringToSign Append: httpMethod]; [sbStringToSign ToLowercase]; [sbStringToSign Append: @" "]; [sbStringToSign AppendLine: reqPath crlf: NO]; [sbStringToSign Append: @"date: "]; [sbStringToSign AppendLine: [dt GetAsRfc822: NO] crlf: NO]; [sbStringToSign Append: @"digest: SHA-256="]; [sbStringToSign Append: payloadDigest]; CkoPrivateKey *signingPrivKey = [[CkoPrivateKey alloc] init]; success = [signingPrivKey LoadPemFile: @"qa_data/certs_and_keys/ING/example_client_signing.key"]; if (success == NO) { NSLog(@"%@",signingPrivKey.LastErrorText); return; } CkoRsa *rsa = [[CkoRsa alloc] init]; success = [rsa ImportPrivateKeyObj: signingPrivKey]; if (success == NO) { NSLog(@"%@",rsa.LastErrorText); return; } rsa.EncodingMode = @"base64"; NSString *b64Signature = [rsa SignStringENC: [sbStringToSign GetAsString] hashAlg: @"SHA256"]; CkoStringBuilder *sbAuthHdrVal = [[CkoStringBuilder alloc] init]; [sbAuthHdrVal Append: @"Signature keyId=\"e77d776b-90af-4684-bebc-521e5b2614dd\","]; [sbAuthHdrVal Append: @"algorithm=\"rsa-sha256\","]; [sbAuthHdrVal Append: @"headers=\"(request-target) date digest\","]; [sbAuthHdrVal Append: @"signature=\""]; [sbAuthHdrVal Append: b64Signature]; [sbAuthHdrVal Append: @"\""]; CkoStringBuilder *sbDigestHdrVal = [[CkoStringBuilder alloc] init]; [sbDigestHdrVal Append: @"SHA-256="]; [sbDigestHdrVal Append: payloadDigest]; // Do the following CURL statement: // curl -i -X POST "${httpHost}${reqPath}" \ // -H 'Accept: application/json' \ // -H 'Content-Type: application/x-www-form-urlencoded' \ // -H "Digest: ${digest}" \ // -H "Date: ${reqDate}" \ // -H "authorization: Signature keyId=\"$keyId\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"$signature\"" \ // -d "${payload}" \ // --cert "${certPath}tlsCert.crt" \ // --key "${certPath}tlsCert.key" CkoHttpRequest *req = [[CkoHttpRequest alloc] init]; [req AddParam: @"grant_type" value: @"client_credentials"]; [req AddHeader: @"Accept" value: @"application/json"]; [req AddHeader: @"Date" value: [dt GetAsRfc822: NO]]; [req AddHeader: @"Digest" value: [sbDigestHdrVal GetAsString]]; [req AddHeader: @"Authorization" value: [sbAuthHdrVal GetAsString]]; CkoHttpResponse *resp = [http PostUrlEncoded: @"https://api.sandbox.ing.com/oauth2/token" req: req]; if (http.LastMethodSuccess == NO) { NSLog(@"%@",http.LastErrorText); return; } // If successful, the status code = 200 NSLog(@"%@%d",@"Response Status Code: ",[resp.StatusCode intValue]); NSLog(@"%@",resp.BodyStr); CkoJsonObject *json = [[CkoJsonObject alloc] init]; [json Load: resp.BodyStr]; json.EmitCompact = NO; NSLog(@"%@",[json Emit]); // A successful response contains an access token such as: // { // "access_token": "eyJhbGc ... bxI_SoPOBH9xmoM", // "expires_in": 905, // "scope": "payment-requests:view payment-requests:create payment-requests:close greetings:view virtual-ledger-accounts:fund-reservation:create virtual-ledger-accounts:fund-reservation:delete virtual-ledger-accounts:balance:view", // "token_type": "Bearer", // "keys": [ // { // "kty": "RSA", // "n": "3l3rdz4...04VPkdV", // "e": "AQAB", // "use": "sig", // "alg": "RS256", // "x5t": "3c396700fc8cd709cf9cb5452a22bcde76985851" // } // ], // "client_id": "e77d776b-90af-4684-bebc-521e5b2614dd" // } // Use this online tool to generate parsing code from sample JSON: // Generate Parsing Code from JSON NSString *kty = 0; NSString *n = 0; NSString *e = 0; NSString *use = 0; NSString *alg = 0; NSString *x5t = 0; NSString *access_token = [json StringOf: @"access_token"]; int expires_in = [[json IntOf: @"expires_in"] intValue]; NSString *scope = [json StringOf: @"scope"]; NSString *token_type = [json StringOf: @"token_type"]; NSString *client_id = [json StringOf: @"client_id"]; int i = 0; int count_i = [[json SizeOfArray: @"keys"] intValue]; while (i < count_i) { json.I = [NSNumber numberWithInt: i]; kty = [json StringOf: @"keys[i].kty"]; n = [json StringOf: @"keys[i].n"]; e = [json StringOf: @"keys[i].e"]; use = [json StringOf: @"keys[i].use"]; alg = [json StringOf: @"keys[i].alg"]; x5t = [json StringOf: @"keys[i].x5t"]; i = i + 1; } // This example will save the JSON containing the access key to a file so that // a subsequent example can load it and then use the access key for a request, such as to create a payment request. [json WriteFile: @"qa_data/tokens/ing_access_token.json"]; |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.