Sample code for 30+ languages & platforms
Objective-C

ING Open Banking OAuth2 Client Credentials

See more OAuth2 Examples

Demonstrates how to get an access token for the ING Open Banking APIs using client credentials.

Chilkat Objective-C Downloads

Objective-C
#import <CkoCert.h>
#import <CkoBinData.h>
#import <CkoPrivateKey.h>
#import <CkoHttp.h>
#import <CkoCrypt2.h>
#import <NSString.h>
#import <CkoDateTime.h>
#import <CkoStringBuilder.h>
#import <CkoRsa.h>
#import <CkoHttpRequest.h>
#import <CkoHttpResponse.h>
#import <CkoJsonObject.h>

BOOL success = NO;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

CkoCert *cert = [[CkoCert alloc] init];
success = [cert LoadFromFile: @"qa_data/certs_and_keys/ING/example_client_tls.cer"];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

CkoBinData *bdPrivKey = [[CkoBinData alloc] init];
success = [bdPrivKey LoadFile: @"qa_data/certs_and_keys/ING/example_client_tls.key"];
if (success == NO) {
    NSLog(@"%@",@"Failed to load example_client_tls.key");
    return;
}

// The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd. 
// Please note down this client_id since you will need it in the next steps to call the API.

CkoPrivateKey *privKey = [[CkoPrivateKey alloc] init];
success = [privKey LoadAnyFormat: bdPrivKey password: @""];
if (success == NO) {
    NSLog(@"%@",privKey.LastErrorText);
    return;
}

// Associate the private key with the certificate.
success = [cert SetPrivateKey: privKey];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

CkoHttp *http = [[CkoHttp alloc] init];

success = [http SetSslClientCert: cert];
if (success == NO) {
    NSLog(@"%@",http.LastErrorText);
    return;
}

// Calculate the Digest and add the "Digest" header.  Do the equivalent of this:
// payload="grant_type=client_credentials"
// payloadDigest=`echo -n "$payload" | openssl dgst -binary -sha256 | openssl base64`
// digest=SHA-256=$payloadDigest
CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];
crypt.HashAlgorithm = @"SHA256";
crypt.EncodingMode = @"base64";
NSString *payload = @"grant_type=client_credentials";
NSString *payloadDigest = [crypt HashStringENC: payload];

// Calculate the current date/time and add the Date header.  
// reqDate=$(LC_TIME=en_US.UTF-8 date -u "+%a, %d %b %Y %H:%M:%S GMT")  
CkoDateTime *dt = [[CkoDateTime alloc] init];
[dt SetFromCurrentSystemTime];
// The desire date/time format is the "RFC822" format.
[http SetRequestHeader: @"Date" value: [dt GetAsRfc822: NO]];

// Calculate signature for signing your request
// Duplicate the following code:

// 	httpMethod="post"
// 	reqPath="/oauth2/token"
// 	signingString="(request-target): $httpMethod $reqPath
// 	date: $reqDate
// 	digest: $digest"
// 	signature=`printf "$signingString" | openssl dgst -sha256 -sign "${certPath}example_client_signing.key" -passin "pass:changeit" | openssl base64 -A`

NSString *httpMethod = @"POST";
NSString *reqPath = @"/oauth2/token";

CkoStringBuilder *sbStringToSign = [[CkoStringBuilder alloc] init];
[sbStringToSign Append: @"(request-target): "];
[sbStringToSign Append: httpMethod];
[sbStringToSign ToLowercase];
[sbStringToSign Append: @" "];
[sbStringToSign AppendLine: reqPath crlf: NO];

[sbStringToSign Append: @"date: "];
[sbStringToSign AppendLine: [dt GetAsRfc822: NO] crlf: NO];

[sbStringToSign Append: @"digest: SHA-256="];
[sbStringToSign Append: payloadDigest];

CkoPrivateKey *signingPrivKey = [[CkoPrivateKey alloc] init];
success = [signingPrivKey LoadPemFile: @"qa_data/certs_and_keys/ING/example_client_signing.key"];
if (success == NO) {
    NSLog(@"%@",signingPrivKey.LastErrorText);
    return;
}

CkoRsa *rsa = [[CkoRsa alloc] init];
success = [rsa UsePrivateKey: signingPrivKey];
if (success == NO) {
    NSLog(@"%@",rsa.LastErrorText);
    return;
}

rsa.EncodingMode = @"base64";
NSString *b64Signature = [rsa SignStringENC: [sbStringToSign GetAsString] hashAlg: @"SHA256"];

CkoStringBuilder *sbAuthHdrVal = [[CkoStringBuilder alloc] init];
[sbAuthHdrVal Append: @"Signature keyId=\"e77d776b-90af-4684-bebc-521e5b2614dd\","];
[sbAuthHdrVal Append: @"algorithm=\"rsa-sha256\","];
[sbAuthHdrVal Append: @"headers=\"(request-target) date digest\","];
[sbAuthHdrVal Append: @"signature=\""];
[sbAuthHdrVal Append: b64Signature];
[sbAuthHdrVal Append: @"\""];

CkoStringBuilder *sbDigestHdrVal = [[CkoStringBuilder alloc] init];
[sbDigestHdrVal Append: @"SHA-256="];
[sbDigestHdrVal Append: payloadDigest];

// Do the following CURL statement:

// 	curl -i -X POST "${httpHost}${reqPath}" \
// 	-H 'Accept: application/json' \
// 	-H 'Content-Type: application/x-www-form-urlencoded' \
// 	-H "Digest: ${digest}" \
// 	-H "Date: ${reqDate}" \
// 	-H "authorization: Signature keyId=\"$keyId\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"$signature\"" \
// 	-d "${payload}" \
// 	--cert "${certPath}tlsCert.crt" \
// 	--key "${certPath}tlsCert.key"

CkoHttpRequest *req = [[CkoHttpRequest alloc] init];
[req AddParam: @"grant_type" value: @"client_credentials"];
[req AddHeader: @"Accept" value: @"application/json"];
[req AddHeader: @"Date" value: [dt GetAsRfc822: NO]];
[req AddHeader: @"Digest" value: [sbDigestHdrVal GetAsString]];
[req AddHeader: @"Authorization" value: [sbAuthHdrVal GetAsString]];

req.HttpVerb = @"POST";
req.ContentType = @"application/x-www-form-urlencoded";

CkoHttpResponse *resp = [[CkoHttpResponse alloc] init];
success = [http HttpReq: @"https://api.sandbox.ing.com/oauth2/token" request: req response: resp];
if (success == NO) {
    NSLog(@"%@",http.LastErrorText);
    return;
}

// If successful, the status code = 200
NSLog(@"%@%d",@"Response Status Code: ",[resp.StatusCode intValue]);
NSLog(@"%@",resp.BodyStr);

CkoJsonObject *json = [[CkoJsonObject alloc] init];
[json Load: resp.BodyStr];

json.EmitCompact = NO;
NSLog(@"%@",[json Emit]);

// A successful response contains an access token such as:
// {
//   "access_token": "eyJhbGc ... bxI_SoPOBH9xmoM",
//   "expires_in": 905,
//   "scope": "payment-requests:view payment-requests:create payment-requests:close greetings:view virtual-ledger-accounts:fund-reservation:create virtual-ledger-accounts:fund-reservation:delete virtual-ledger-accounts:balance:view",
//   "token_type": "Bearer",
//   "keys": [
//     {
//       "kty": "RSA",
//       "n": "3l3rdz4...04VPkdV",
//       "e": "AQAB",
//       "use": "sig",
//       "alg": "RS256",
//       "x5t": "3c396700fc8cd709cf9cb5452a22bcde76985851"
//     }
//   ],
//   "client_id": "e77d776b-90af-4684-bebc-521e5b2614dd"
// }

// Use this online tool to generate parsing code from sample JSON: 
// Generate Parsing Code from JSON

NSString *kty = 0;
NSString *n = 0;
NSString *e = 0;
NSString *use = 0;
NSString *alg = 0;
NSString *x5t = 0;

NSString *access_token = [json StringOf: @"access_token"];
int expires_in = [[json IntOf: @"expires_in"] intValue];
NSString *scope = [json StringOf: @"scope"];
NSString *token_type = [json StringOf: @"token_type"];
NSString *client_id = [json StringOf: @"client_id"];
int i = 0;
int count_i = [[json SizeOfArray: @"keys"] intValue];
while (i < count_i) {
    json.I = [NSNumber numberWithInt: i];
    kty = [json StringOf: @"keys[i].kty"];
    n = [json StringOf: @"keys[i].n"];
    e = [json StringOf: @"keys[i].e"];
    use = [json StringOf: @"keys[i].use"];
    alg = [json StringOf: @"keys[i].alg"];
    x5t = [json StringOf: @"keys[i].x5t"];
    i = i + 1;
}

// This example will save the JSON containing the access key to a file so that
// a subsequent example can load it and then use the access key for a request, such as to create a payment request.
[json WriteFile: @"qa_data/tokens/ing_access_token.json"];