Sample code for 30+ languages & platforms
Objective-C

Rabobank GET /v3/accounts

See more Rabobank Examples

Demonstrates a call to a Rabobank API. Specifically this makes a call to the "Accounts AIS sb" API to deliver all the consented payments accounts for a specific Rabobank customer.

(This includes source code to for signing requests for PSD2 APIs)

Chilkat Objective-C Downloads

Objective-C
#import <CkoHttp.h>
#import <CkoJsonObject.h>
#import <CkoStringBuilder.h>
#import <CkoCrypt2.h>
#import <NSString.h>
#import <CkoDateTime.h>
#import <CkoPrivateKey.h>
#import <CkoRsa.h>
#import <CkoCert.h>
#import <CkoBinData.h>

BOOL success = NO;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

CkoHttp *http = [[CkoHttp alloc] init];

// Implements the following CURL command:

// curl --request GET \
//   --url https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts \
//   --header 'accept: application/json' \
//   --header 'authorization: Bearer REPLACE_BEARER_TOKEN' \
//   --header 'date: REPLACE_THIS_VALUE' \
//   --header 'digest: REPLACE_THIS_VALUE' \
//   --header 'psu-ip-address: OPTIONAL' \
//   --header 'signature: REPLACE_THIS_VALUE' \
//   --header 'tpp-signature-certificate: MIIDkDCCAnigA ... cwE6gUl0rMA==' \
//   --header 'x-ibm-client-id: Client ID' \
//   --header 'x-request-id: REPLACE_THIS_VALUE'

// Load the previously fetched OAuth2 access token.
CkoJsonObject *jsonToken = [[CkoJsonObject alloc] init];
success = [jsonToken LoadFile: @"qa_data/tokens/rabobank.json"];
if (success == NO) {
    NSLog(@"%@",jsonToken.LastErrorText);
    return;
}

// This adds the "authorization: Bearer REPLACE_BEARER_TOKEN" header.
http.AuthToken = [jsonToken StringOf: @"access_token"];

// This is the TTP Signature certificate: The certificate used for signing the request.
CkoStringBuilder *sbTppCert = [[CkoStringBuilder alloc] init];
[sbTppCert Append: @"MIIDkDCCAnigAwIBAgIEWs3AJDANBgkqhkiG9w0BAQsFADCBiTELMAkGA1UEBhMC"];
[sbTppCert Append: @"TkwxEDAOBgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxETAPBgNVBAoM"];
[sbTppCert Append: @"CFJhYm9iYW5rMRwwGgYDVQQLDBNPbmxpbmUgVHJhbnNhY3Rpb25zMSUwIwYDVQQD"];
[sbTppCert Append: @"DBxQU0QyIEFQSSBQSSBTZXJ2aWNlcyBTYW5kYm94MB4XDTE4MDQxMTA3NTgyOFoX"];
[sbTppCert Append: @"DTIzMDQxMTA3NTgyOFowgYkxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0"];
[sbTppCert Append: @"MRAwDgYDVQQHDAdVdHJlY2h0MREwDwYDVQQKDAhSYWJvYmFuazEcMBoGA1UECwwT"];
[sbTppCert Append: @"T25saW5lIFRyYW5zYWN0aW9uczElMCMGA1UEAwwcUFNEMiBBUEkgUEkgU2Vydmlj"];
[sbTppCert Append: @"ZXMgU2FuZGJveDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoAjqGW"];
[sbTppCert Append: @"UgCIm2F+0sBSEwLal+T3u+uldLikpxHCB8iL1GD7FrRjcA+MVsxhvHly7vRsHK+t"];
[sbTppCert Append: @"QyMSaeK782RHpY33qxPLc8LmoQLb2EuiQxXj9POYkYBQ74qkrZnvKVlR3WoyQWeD"];
[sbTppCert Append: @"OXnSY2wbNFfkP8ET4ElwyuIIEriwYhab0OIrnnrO8X82/SPZxHwEd3aQjQ6uhiw8"];
[sbTppCert Append: @"paDspJbS5WjEfuwY16KVVUYlhbtAwGjvc6aK0NBm+LH9fMLpAE6gfGZNy0gzMDor"];
[sbTppCert Append: @"VNbkQK1IoAGD8p9ZHdB0F3FwkILEjUiQW6nK+/fKDNJ0TBbpgZUpY8bR460qzxKd"];
[sbTppCert Append: @"eZ1yPDqX2Cjh6fkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAYL4iD6noMJAt63kD"];
[sbTppCert Append: @"ED4RB2mII/lssvHhcxuDpOm3Ims9urubFWEpvV5TgIBAxy9PBinOdjhO1kGJJnYi"];
[sbTppCert Append: @"7F1jv1qnZwTV1JhYbvxv3+vk0jaiu7Ew7G3ASlzruXyMhN6t6jk9MpaWGl5Uw1T+"];
[sbTppCert Append: @"gNRUcWQRR44g3ahQRIS/UHkaV+vcpOa8j186/1X0ULHfbcVQk4LMmJeXqNs8sBAU"];
[sbTppCert Append: @"dKU/c6ssvj8jfJ4SfrurcBhY5UBTOdQOXTPY85aU3iFloerx7Oi9EHewxInOrU5X"];
[sbTppCert Append: @"zqqTz2AQPXezexVeAQxP27lzqCmYC7CFiam6QBr06VebkmnPLfs76n8CDc1cwE6g"];
[sbTppCert Append: @"Ul0rMA=="];
[http SetRequestHeader: @"tpp-signature-certificate" value: [sbTppCert GetAsString]];

// ----------------------------------------------------------------
// We're not going to add the psu-ip-address header in this example.

// ----------------------------------------------------------------
// X-Request-ID header...
// Generate a UUID v4.
CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];
NSString *xRequestId = [crypt GenerateUuid];
[http SetRequestHeader: @"x-request-id" value: xRequestId];

// ----------------------------------------------------------------
// Date header...
CkoDateTime *dt = [[CkoDateTime alloc] init];
[dt SetFromCurrentSystemTime];
NSString *dateHdrVal = [dt GetAsRfc822: NO];
// The desire date/time format is the "RFC822" format.
[http SetRequestHeader: @"Date" value: dateHdrVal];

// ----------------------------------------------------------------
// Digest header...
crypt.HashAlgorithm = @"SHA256";
crypt.EncodingMode = @"base64";
// A GET request has no HTTP request body.  Therefore the payload is the empty string.
NSString *payload = @"";
NSString *payloadDigest = [crypt HashStringENC: payload];
CkoStringBuilder *sbDigestHdrVal = [[CkoStringBuilder alloc] init];
[sbDigestHdrVal Append: @"SHA-256="];
[sbDigestHdrVal Append: payloadDigest];
[http SetRequestHeader: @"digest" value: [sbDigestHdrVal GetAsString]];

// ----------------------------------------------------------------
// The HTTP request needs to be signed for PSD2 API's...
// Create the signing string (to use in signing the HTTP request).
// See https://developer.rabobank.nl/signing-requests-psd2-apis
// 
// For "account information" HTTP requests, we must use the following headers in the signing string.
//    date
//    digest
//    x-request-id

CkoStringBuilder *sbStringToSign = [[CkoStringBuilder alloc] init];
[sbStringToSign Append: @"date: "];
[sbStringToSign AppendLine: dateHdrVal crlf: NO];
[sbStringToSign Append: @"digest: "];
[sbStringToSign AppendLine: [sbDigestHdrVal GetAsString] crlf: NO];
[sbStringToSign Append: @"x-request-id: "];
[sbStringToSign Append: xRequestId];

// ----------------------------------------------------------------
// Sign with our private key...
CkoStringBuilder *sbPrivKey = [[CkoStringBuilder alloc] init];
[sbPrivKey Append: @"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaAI6hllIAiJth"];
[sbPrivKey Append: @"ftLAUhMC2pfk97vrpXS4pKcRwgfIi9Rg+xa0Y3APjFbMYbx5cu70bByvrUMjEmni"];
[sbPrivKey Append: @"u/NkR6WN96sTy3PC5qEC29hLokMV4/TzmJGAUO+KpK2Z7ylZUd1qMkFngzl50mNs"];
[sbPrivKey Append: @"GzRX5D/BE+BJcMriCBK4sGIWm9DiK556zvF/Nv0j2cR8BHd2kI0OroYsPKWg7KSW"];
[sbPrivKey Append: @"0uVoxH7sGNeilVVGJYW7QMBo73OmitDQZvix/XzC6QBOoHxmTctIMzA6K1TW5ECt"];
[sbPrivKey Append: @"SKABg/KfWR3QdBdxcJCCxI1IkFupyvv3ygzSdEwW6YGVKWPG0eOtKs8SnXmdcjw6"];
[sbPrivKey Append: @"l9go4en5AgMBAAECggEAB8nsTqalwGIhFw8mbXuhNUFlGuek/arYLD6pv28swwQH"];
[sbPrivKey Append: @"7v0ZlxFUcCHF+iBl0PsDwZTZQ4ePtgGS6ehoLkWHCzb1lEv5E1YVG5qKNE2UUwRl"];
[sbPrivKey Append: @"fIyPakO6AzyV/UF3uzq7C+/GuXGNTKZxKewg5yD/DCFvKoCOpxu9u36FyqP/hw0S"];
[sbPrivKey Append: @"ADVlmp35/zoPDPZzu1j4FiCo0pJ9LwJcHxeJHopNAKDw9k6I4z/grskdgupsGzK2"];
[sbPrivKey Append: @"BiGiQ/+wmmO68/6Xa6KWfpr1PQ6ODJHgzZsdGCVi6Ebaqlj6BbsYWxP6h3lrsGt+"];
[sbPrivKey Append: @"LmHBaN2jCD6cDp+lihqFgnm8hfdv0lmbPilp71EDfwKBgQD6U8PBzZtN8yXm5WuS"];
[sbPrivKey Append: @"NL+/8q5GjNmeTJBSo1gM6Y8vOT4QAE147LbVuVBDwyHPoSrNejePae6Q14PswjBy"];
[sbPrivKey Append: @"T7B8DZ0OeQyGa3trrFg/ib7Vv4ZMvJqX9+WzBrzZsxTg7oCKHzmCR4vIRItKHH3z"];
[sbPrivKey Append: @"Wnnhqlo8ic2AZ2O43cdJosbO1wKBgQDe8UODOLu0vnHohOKeUqF3w/ZOB2+83/js"];
[sbPrivKey Append: @"YyUbSkzsGvHIwTjObuMUFTQvdMZ6IkIyJdfnDZIbvlBSD8tzL5iKFTNCK2nL1i4G"];
[sbPrivKey Append: @"iFr0CYLaHAlhJ5GEbTrTMDoJeBPerZq83HPrSa/Wb0xO18QTWsoVQPFfPFbbcQyI"];
[sbPrivKey Append: @"9ryJ2iIDrwKBgQC6kuAefG46ZPVk6K2KZUJdgDUgZC52a75NuW0RAqszmUiGiJM1"];
[sbPrivKey Append: @"g8ip9tq6BqAWrprGV0c93shusBKlzf5p1LdHXqYmeVY6gbWVhPipMrNHgN5KJ3BZ"];
[sbPrivKey Append: @"v+w1yNnMsErpcxne2HL2hPjMJTpj3GSLkm2xIlTrNhIyl9ydlr7IRUhENQKBgQCv"];
[sbPrivKey Append: @"i6HxbXa/90WSJTCcIcxqla8X+dsOCf3jhJ3vQy4Wq5C+1wZ35fCAG8Ifq/+so9Uj"];
[sbPrivKey Append: @"z5CVqqXlmpF8TFuSs2OVNuRJsg14J4nOMwgLKIIUZAcurQ10DN5I9Kx+UEK1EFXL"];
[sbPrivKey Append: @"aHsORdNjMfgQDO2jn9WHrr9gkg6CdB2+qyoCEfS+mQKBgBW08lcy9V5RzRWb/v/j"];
[sbPrivKey Append: @"xsc7ovmgAhCJhDeV7dPbx4HbFeoQJlbA8g1thdcFlcatSGyNDbvNE1GPSd4NhkpR"];
[sbPrivKey Append: @"Y6Hfv53kdEzjVkEtU8lUdL7HNVJqX7bU7oZlfbYcwxWQ1Gg8C1oLIAyEt71slQtd"];
[sbPrivKey Append: @"RiNYBRZTQe2F0wxbXnuUqLAw"];

CkoPrivateKey *privKey = [[CkoPrivateKey alloc] init];
success = [privKey LoadPem: [sbPrivKey GetAsString]];
if (success == NO) {
    NSLog(@"%@",privKey.LastErrorText);
    return;
}

CkoRsa *rsa = [[CkoRsa alloc] init];
success = [rsa UsePrivateKey: privKey];
if (success == NO) {
    NSLog(@"%@",rsa.LastErrorText);
    return;
}

rsa.EncodingMode = @"base64";
NSString *b64Signature = [rsa SignStringENC: [sbStringToSign GetAsString] hashAlg: @"SHA256"];

// ----------------------------------------------------------------
// Add the "signature" header.
// 
// The signature header will look like this:
// signature: keyId="1523433508",algorithm="rsa-sha512",headers="date digest x-request-id",signature="y5o7gKxmfA6AT6...blE1A9Q=="
// 
// The keyId is the serial number of the certificate as defined in 'TPP-Signing-Certificate' header, the format should be Integer not hex. 
CkoCert *cert = [[CkoCert alloc] init];
success = [cert SetFromEncoded: [sbTppCert GetAsString]];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

CkoStringBuilder *sbSigHdrVal = [[CkoStringBuilder alloc] init];
[sbSigHdrVal Append: @"keyId=\""];
[sbSigHdrVal Append: cert.SerialDecimal];
[sbSigHdrVal Append: @"\","];
[sbSigHdrVal Append: @"algorithm=\"rsa-sha256\","];
[sbSigHdrVal Append: @"headers=\"date digest x-request-id\","];
[sbSigHdrVal Append: @"signature=\""];
[sbSigHdrVal Append: b64Signature];
[sbSigHdrVal Append: @"\""];

[http SetRequestHeader: @"signature" value: [sbSigHdrVal GetAsString]];

// ----------------------------------------------------------------
// Add remaining headers...

[http SetRequestHeader: @"x-ibm-client-id" value: @"YOUR_APP_CLIENT_ID"];
[http SetRequestHeader: @"accept" value: @"application/json"];

// ----------------------------------------------------------------
// Add our certificate and key for mutual TLS 
// (provide a registered X509 client certificate during TLS handhake)

CkoCert *tlsCert = [[CkoCert alloc] init];
success = [tlsCert LoadFromFile: @"qa_data/certs_and_keys/ING/example_client_tls.cer"];
if (success == NO) {
    NSLog(@"%@",tlsCert.LastErrorText);
    return;
}

CkoBinData *bdPrivKey = [[CkoBinData alloc] init];
success = [bdPrivKey LoadFile: @"qa_data/certs_and_keys/ING/example_client_tls.key"];
if (success == NO) {
    NSLog(@"%@",@"Failed to load example_client_tls.key");
    return;
}

// The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd. 
// Please note down this client_id since you will need it in the next steps to call the API.

CkoPrivateKey *tlsPrivKey = [[CkoPrivateKey alloc] init];
success = [tlsPrivKey LoadAnyFormat: bdPrivKey password: @""];
if (success == NO) {
    NSLog(@"%@",tlsPrivKey.LastErrorText);
    return;
}

// Associate the private key with the certificate.
success = [tlsCert SetPrivateKey: tlsPrivKey];
if (success == NO) {
    NSLog(@"%@",tlsCert.LastErrorText);
    return;
}

success = [http SetSslClientCert: tlsCert];
if (success == NO) {
    NSLog(@"%@",http.LastErrorText);
    return;
}

// ----------------------------------------------------------------
// Finally, send the request...

CkoStringBuilder *sbResponseBody = [[CkoStringBuilder alloc] init];
success = [http QuickGetSb: @"https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts" sbContent: sbResponseBody];
if (success == NO) {
    NSLog(@"%@",http.LastErrorText);
    NSLog(@"%@",[sbResponseBody GetAsString]);
    return;
}

CkoJsonObject *jResp = [[CkoJsonObject alloc] init];
[jResp LoadSb: sbResponseBody];
jResp.EmitCompact = NO;

NSLog(@"%@",@"Response Body:");
NSLog(@"%@",[jResp Emit]);

int respStatusCode = [http.LastStatus intValue];
NSLog(@"%@%d",@"Response Status Code = ",respStatusCode);
if (respStatusCode >= 400) {
    NSLog(@"%@",@"Response Header:");
    NSLog(@"%@",http.LastHeader);
    NSLog(@"%@",@"Failed.");
    return;
}

// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)

// {
//   "accounts": [
//     {
//       "_links": {
//         "account": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
//         "balances": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/balances",
//         "transactions": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/transactions"
//       },
//       "currency": "EUR",
//       "iban": "NL05RABO0812836782",
//       "name": "Rosie Roy",
//       "resourceId": "dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
//       "status": "enabled"
//     }
//   ]
// }

// Sample code for parsing the JSON response...
// Use the following online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON

NSString *v_linksAccount = 0;
NSString *v_linksBalances = 0;
NSString *v_linksTransactions = 0;
NSString *currency = 0;
NSString *iban = 0;
NSString *name = 0;
NSString *resourceId = 0;
NSString *status = 0;

int i = 0;
int count_i = [[jResp SizeOfArray: @"accounts"] intValue];
while (i < count_i) {
    jResp.I = [NSNumber numberWithInt: i];
    v_linksAccount = [jResp StringOf: @"accounts[i]._links.account"];
    v_linksBalances = [jResp StringOf: @"accounts[i]._links.balances"];
    v_linksTransactions = [jResp StringOf: @"accounts[i]._links.transactions"];
    currency = [jResp StringOf: @"accounts[i].currency"];
    iban = [jResp StringOf: @"accounts[i].iban"];
    name = [jResp StringOf: @"accounts[i].name"];
    resourceId = [jResp StringOf: @"accounts[i].resourceId"];
    status = [jResp StringOf: @"accounts[i].status"];
    i = i + 1;
}