|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PHP Extension) ING Open Banking OAuth2 Client CredentialsDemonstrates how to get an access token for the ING Open Banking APIs using client credentials. For more information, see https://developer.ing.com/openbanking/get-started/openbanking
<?php // The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number. // For example, if using Chilkat v9.5.0.48, then include as shown here: include("chilkat_9_5_0.php"); // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. $cert = new CkCert(); $success = $cert->LoadFromFile('qa_data/certs_and_keys/ING/example_client_tls.cer'); if ($success == false) { print $cert->lastErrorText() . "\n"; exit; } $bdPrivKey = new CkBinData(); $success = $bdPrivKey->LoadFile('qa_data/certs_and_keys/ING/example_client_tls.key'); if ($success == false) { print 'Failed to load example_client_tls.key' . "\n"; exit; } // The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd. // Please note down this client_id since you will need it in the next steps to call the API. $privKey = new CkPrivateKey(); $success = $privKey->LoadAnyFormat($bdPrivKey,''); if ($success == false) { print $privKey->lastErrorText() . "\n"; exit; } // Associate the private key with the certificate. $success = $cert->SetPrivateKey($privKey); if ($success == false) { print $cert->lastErrorText() . "\n"; exit; } $http = new CkHttp(); $success = $http->SetSslClientCert($cert); if ($success == false) { print $http->lastErrorText() . "\n"; exit; } // Calculate the Digest and add the "Digest" header. Do the equivalent of this: // payload="grant_type=client_credentials" // payloadDigest=`echo -n "$payload" | openssl dgst -binary -sha256 | openssl base64` // digest=SHA-256=$payloadDigest $crypt = new CkCrypt2(); $crypt->put_HashAlgorithm('SHA256'); $crypt->put_EncodingMode('base64'); $payload = 'grant_type=client_credentials'; $payloadDigest = $crypt->hashStringENC($payload); // Calculate the current date/time and add the Date header. // reqDate=$(LC_TIME=en_US.UTF-8 date -u "+%a, %d %b %Y %H:%M:%S GMT") $dt = new CkDateTime(); $dt->SetFromCurrentSystemTime(); // The desire date/time format is the "RFC822" format. $http->SetRequestHeader('Date',$dt->getAsRfc822(false)); // Calculate signature for signing your request // Duplicate the following code: // httpMethod="post" // reqPath="/oauth2/token" // signingString="(request-target): $httpMethod $reqPath // date: $reqDate // digest: $digest" // signature=`printf "$signingString" | openssl dgst -sha256 -sign "${certPath}example_client_signing.key" -passin "pass:changeit" | openssl base64 -A` $httpMethod = 'POST'; $reqPath = '/oauth2/token'; $sbStringToSign = new CkStringBuilder(); $sbStringToSign->Append('(request-target): '); $sbStringToSign->Append($httpMethod); $sbStringToSign->ToLowercase(); $sbStringToSign->Append(' '); $sbStringToSign->AppendLine($reqPath,false); $sbStringToSign->Append('date: '); $sbStringToSign->AppendLine($dt->getAsRfc822(false),false); $sbStringToSign->Append('digest: SHA-256='); $sbStringToSign->Append($payloadDigest); $signingPrivKey = new CkPrivateKey(); $success = $signingPrivKey->LoadPemFile('qa_data/certs_and_keys/ING/example_client_signing.key'); if ($success == false) { print $signingPrivKey->lastErrorText() . "\n"; exit; } $rsa = new CkRsa(); $success = $rsa->ImportPrivateKeyObj($signingPrivKey); if ($success == false) { print $rsa->lastErrorText() . "\n"; exit; } $rsa->put_EncodingMode('base64'); $b64Signature = $rsa->signStringENC($sbStringToSign->getAsString(),'SHA256'); $sbAuthHdrVal = new CkStringBuilder(); $sbAuthHdrVal->Append('Signature keyId=\'e77d776b-90af-4684-bebc-521e5b2614dd\','); $sbAuthHdrVal->Append('algorithm=\'rsa-sha256\','); $sbAuthHdrVal->Append('headers=\'(request-target) date digest\','); $sbAuthHdrVal->Append('signature=\''); $sbAuthHdrVal->Append($b64Signature); $sbAuthHdrVal->Append('\''); $sbDigestHdrVal = new CkStringBuilder(); $sbDigestHdrVal->Append('SHA-256='); $sbDigestHdrVal->Append($payloadDigest); // Do the following CURL statement: // curl -i -X POST "${httpHost}${reqPath}" \ // -H 'Accept: application/json' \ // -H 'Content-Type: application/x-www-form-urlencoded' \ // -H "Digest: ${digest}" \ // -H "Date: ${reqDate}" \ // -H "authorization: Signature keyId=\"$keyId\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"$signature\"" \ // -d "${payload}" \ // --cert "${certPath}tlsCert.crt" \ // --key "${certPath}tlsCert.key" $req = new CkHttpRequest(); $req->AddParam('grant_type','client_credentials'); $req->AddHeader('Accept','application/json'); $req->AddHeader('Date',$dt->getAsRfc822(false)); $req->AddHeader('Digest',$sbDigestHdrVal->getAsString()); $req->AddHeader('Authorization',$sbAuthHdrVal->getAsString()); // resp is a CkHttpResponse $resp = $http->PostUrlEncoded('https://api.sandbox.ing.com/oauth2/token',$req); if ($http->get_LastMethodSuccess() == false) { print $http->lastErrorText() . "\n"; exit; } // If successful, the status code = 200 print 'Response Status Code: ' . $resp->get_StatusCode() . "\n"; print $resp->bodyStr() . "\n"; $json = new CkJsonObject(); $json->Load($resp->bodyStr()); $json->put_EmitCompact(false); print $json->emit() . "\n"; // A successful response contains an access token such as: // { // "access_token": "eyJhbGc ... bxI_SoPOBH9xmoM", // "expires_in": 905, // "scope": "payment-requests:view payment-requests:create payment-requests:close greetings:view virtual-ledger-accounts:fund-reservation:create virtual-ledger-accounts:fund-reservation:delete virtual-ledger-accounts:balance:view", // "token_type": "Bearer", // "keys": [ // { // "kty": "RSA", // "n": "3l3rdz4...04VPkdV", // "e": "AQAB", // "use": "sig", // "alg": "RS256", // "x5t": "3c396700fc8cd709cf9cb5452a22bcde76985851" // } // ], // "client_id": "e77d776b-90af-4684-bebc-521e5b2614dd" // } // Use this online tool to generate parsing code from sample JSON: // Generate Parsing Code from JSON $access_token = $json->stringOf('access_token'); $expires_in = $json->IntOf('expires_in'); $scope = $json->stringOf('scope'); $token_type = $json->stringOf('token_type'); $client_id = $json->stringOf('client_id'); $i = 0; $count_i = $json->SizeOfArray('keys'); while ($i < $count_i) { $json->put_I($i); $kty = $json->stringOf('keys[i].kty'); $n = $json->stringOf('keys[i].n'); $e = $json->stringOf('keys[i].e'); $use = $json->stringOf('keys[i].use'); $alg = $json->stringOf('keys[i].alg'); $x5t = $json->stringOf('keys[i].x5t'); $i = $i + 1; } // This example will save the JSON containing the access key to a file so that // a subsequent example can load it and then use the access key for a request, such as to create a payment request. $json->WriteFile('qa_data/tokens/ing_access_token.json'); ?> |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.