Sample code for 30+ languages & platforms
Unicode C++

Rabobank GET /v3/accounts

See more Rabobank Examples

Demonstrates a call to a Rabobank API. Specifically this makes a call to the "Accounts AIS sb" API to deliver all the consented payments accounts for a specific Rabobank customer.

(This includes source code to for signing requests for PSD2 APIs)

Chilkat Unicode C++ Downloads

Unicode C++
#include <CkHttpW.h>
#include <CkJsonObjectW.h>
#include <CkStringBuilderW.h>
#include <CkCrypt2W.h>
#include <CkDateTimeW.h>
#include <CkPrivateKeyW.h>
#include <CkRsaW.h>
#include <CkCertW.h>
#include <CkBinDataW.h>

void ChilkatSample(void)
    {
    bool success = false;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkHttpW http;

    // Implements the following CURL command:

    // curl --request GET \
    //   --url https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts \
    //   --header 'accept: application/json' \
    //   --header 'authorization: Bearer REPLACE_BEARER_TOKEN' \
    //   --header 'date: REPLACE_THIS_VALUE' \
    //   --header 'digest: REPLACE_THIS_VALUE' \
    //   --header 'psu-ip-address: OPTIONAL' \
    //   --header 'signature: REPLACE_THIS_VALUE' \
    //   --header 'tpp-signature-certificate: MIIDkDCCAnigA ... cwE6gUl0rMA==' \
    //   --header 'x-ibm-client-id: Client ID' \
    //   --header 'x-request-id: REPLACE_THIS_VALUE'

    // Load the previously fetched OAuth2 access token.
    CkJsonObjectW jsonToken;
    success = jsonToken.LoadFile(L"qa_data/tokens/rabobank.json");
    if (success == false) {
        wprintf(L"%s\n",jsonToken.lastErrorText());
        return;
    }

    // This adds the "authorization: Bearer REPLACE_BEARER_TOKEN" header.
    http.put_AuthToken(jsonToken.stringOf(L"access_token"));

    // This is the TTP Signature certificate: The certificate used for signing the request.
    CkStringBuilderW sbTppCert;
    sbTppCert.Append(L"MIIDkDCCAnigAwIBAgIEWs3AJDANBgkqhkiG9w0BAQsFADCBiTELMAkGA1UEBhMC");
    sbTppCert.Append(L"TkwxEDAOBgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxETAPBgNVBAoM");
    sbTppCert.Append(L"CFJhYm9iYW5rMRwwGgYDVQQLDBNPbmxpbmUgVHJhbnNhY3Rpb25zMSUwIwYDVQQD");
    sbTppCert.Append(L"DBxQU0QyIEFQSSBQSSBTZXJ2aWNlcyBTYW5kYm94MB4XDTE4MDQxMTA3NTgyOFoX");
    sbTppCert.Append(L"DTIzMDQxMTA3NTgyOFowgYkxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0");
    sbTppCert.Append(L"MRAwDgYDVQQHDAdVdHJlY2h0MREwDwYDVQQKDAhSYWJvYmFuazEcMBoGA1UECwwT");
    sbTppCert.Append(L"T25saW5lIFRyYW5zYWN0aW9uczElMCMGA1UEAwwcUFNEMiBBUEkgUEkgU2Vydmlj");
    sbTppCert.Append(L"ZXMgU2FuZGJveDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoAjqGW");
    sbTppCert.Append(L"UgCIm2F+0sBSEwLal+T3u+uldLikpxHCB8iL1GD7FrRjcA+MVsxhvHly7vRsHK+t");
    sbTppCert.Append(L"QyMSaeK782RHpY33qxPLc8LmoQLb2EuiQxXj9POYkYBQ74qkrZnvKVlR3WoyQWeD");
    sbTppCert.Append(L"OXnSY2wbNFfkP8ET4ElwyuIIEriwYhab0OIrnnrO8X82/SPZxHwEd3aQjQ6uhiw8");
    sbTppCert.Append(L"paDspJbS5WjEfuwY16KVVUYlhbtAwGjvc6aK0NBm+LH9fMLpAE6gfGZNy0gzMDor");
    sbTppCert.Append(L"VNbkQK1IoAGD8p9ZHdB0F3FwkILEjUiQW6nK+/fKDNJ0TBbpgZUpY8bR460qzxKd");
    sbTppCert.Append(L"eZ1yPDqX2Cjh6fkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAYL4iD6noMJAt63kD");
    sbTppCert.Append(L"ED4RB2mII/lssvHhcxuDpOm3Ims9urubFWEpvV5TgIBAxy9PBinOdjhO1kGJJnYi");
    sbTppCert.Append(L"7F1jv1qnZwTV1JhYbvxv3+vk0jaiu7Ew7G3ASlzruXyMhN6t6jk9MpaWGl5Uw1T+");
    sbTppCert.Append(L"gNRUcWQRR44g3ahQRIS/UHkaV+vcpOa8j186/1X0ULHfbcVQk4LMmJeXqNs8sBAU");
    sbTppCert.Append(L"dKU/c6ssvj8jfJ4SfrurcBhY5UBTOdQOXTPY85aU3iFloerx7Oi9EHewxInOrU5X");
    sbTppCert.Append(L"zqqTz2AQPXezexVeAQxP27lzqCmYC7CFiam6QBr06VebkmnPLfs76n8CDc1cwE6g");
    sbTppCert.Append(L"Ul0rMA==");
    http.SetRequestHeader(L"tpp-signature-certificate",sbTppCert.getAsString());

    // ----------------------------------------------------------------
    // We're not going to add the psu-ip-address header in this example.

    // ----------------------------------------------------------------
    // X-Request-ID header...
    // Generate a UUID v4.
    CkCrypt2W crypt;
    const wchar_t *xRequestId = crypt.generateUuid();
    http.SetRequestHeader(L"x-request-id",xRequestId);

    // ----------------------------------------------------------------
    // Date header...
    CkDateTimeW dt;
    dt.SetFromCurrentSystemTime();
    const wchar_t *dateHdrVal = dt.getAsRfc822(false);
    // The desire date/time format is the "RFC822" format.
    http.SetRequestHeader(L"Date",dateHdrVal);

    // ----------------------------------------------------------------
    // Digest header...
    crypt.put_HashAlgorithm(L"SHA256");
    crypt.put_EncodingMode(L"base64");
    // A GET request has no HTTP request body.  Therefore the payload is the empty string.
    const wchar_t *payload = L"";
    const wchar_t *payloadDigest = crypt.hashStringENC(payload);
    CkStringBuilderW sbDigestHdrVal;
    sbDigestHdrVal.Append(L"SHA-256=");
    sbDigestHdrVal.Append(payloadDigest);
    http.SetRequestHeader(L"digest",sbDigestHdrVal.getAsString());

    // ----------------------------------------------------------------
    // The HTTP request needs to be signed for PSD2 API's...
    // Create the signing string (to use in signing the HTTP request).
    // See https://developer.rabobank.nl/signing-requests-psd2-apis
    // 
    // For "account information" HTTP requests, we must use the following headers in the signing string.
    //    date
    //    digest
    //    x-request-id

    CkStringBuilderW sbStringToSign;
    sbStringToSign.Append(L"date: ");
    sbStringToSign.AppendLine(dateHdrVal,false);
    sbStringToSign.Append(L"digest: ");
    sbStringToSign.AppendLine(sbDigestHdrVal.getAsString(),false);
    sbStringToSign.Append(L"x-request-id: ");
    sbStringToSign.Append(xRequestId);

    // ----------------------------------------------------------------
    // Sign with our private key...
    CkStringBuilderW sbPrivKey;
    sbPrivKey.Append(L"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaAI6hllIAiJth");
    sbPrivKey.Append(L"ftLAUhMC2pfk97vrpXS4pKcRwgfIi9Rg+xa0Y3APjFbMYbx5cu70bByvrUMjEmni");
    sbPrivKey.Append(L"u/NkR6WN96sTy3PC5qEC29hLokMV4/TzmJGAUO+KpK2Z7ylZUd1qMkFngzl50mNs");
    sbPrivKey.Append(L"GzRX5D/BE+BJcMriCBK4sGIWm9DiK556zvF/Nv0j2cR8BHd2kI0OroYsPKWg7KSW");
    sbPrivKey.Append(L"0uVoxH7sGNeilVVGJYW7QMBo73OmitDQZvix/XzC6QBOoHxmTctIMzA6K1TW5ECt");
    sbPrivKey.Append(L"SKABg/KfWR3QdBdxcJCCxI1IkFupyvv3ygzSdEwW6YGVKWPG0eOtKs8SnXmdcjw6");
    sbPrivKey.Append(L"l9go4en5AgMBAAECggEAB8nsTqalwGIhFw8mbXuhNUFlGuek/arYLD6pv28swwQH");
    sbPrivKey.Append(L"7v0ZlxFUcCHF+iBl0PsDwZTZQ4ePtgGS6ehoLkWHCzb1lEv5E1YVG5qKNE2UUwRl");
    sbPrivKey.Append(L"fIyPakO6AzyV/UF3uzq7C+/GuXGNTKZxKewg5yD/DCFvKoCOpxu9u36FyqP/hw0S");
    sbPrivKey.Append(L"ADVlmp35/zoPDPZzu1j4FiCo0pJ9LwJcHxeJHopNAKDw9k6I4z/grskdgupsGzK2");
    sbPrivKey.Append(L"BiGiQ/+wmmO68/6Xa6KWfpr1PQ6ODJHgzZsdGCVi6Ebaqlj6BbsYWxP6h3lrsGt+");
    sbPrivKey.Append(L"LmHBaN2jCD6cDp+lihqFgnm8hfdv0lmbPilp71EDfwKBgQD6U8PBzZtN8yXm5WuS");
    sbPrivKey.Append(L"NL+/8q5GjNmeTJBSo1gM6Y8vOT4QAE147LbVuVBDwyHPoSrNejePae6Q14PswjBy");
    sbPrivKey.Append(L"T7B8DZ0OeQyGa3trrFg/ib7Vv4ZMvJqX9+WzBrzZsxTg7oCKHzmCR4vIRItKHH3z");
    sbPrivKey.Append(L"Wnnhqlo8ic2AZ2O43cdJosbO1wKBgQDe8UODOLu0vnHohOKeUqF3w/ZOB2+83/js");
    sbPrivKey.Append(L"YyUbSkzsGvHIwTjObuMUFTQvdMZ6IkIyJdfnDZIbvlBSD8tzL5iKFTNCK2nL1i4G");
    sbPrivKey.Append(L"iFr0CYLaHAlhJ5GEbTrTMDoJeBPerZq83HPrSa/Wb0xO18QTWsoVQPFfPFbbcQyI");
    sbPrivKey.Append(L"9ryJ2iIDrwKBgQC6kuAefG46ZPVk6K2KZUJdgDUgZC52a75NuW0RAqszmUiGiJM1");
    sbPrivKey.Append(L"g8ip9tq6BqAWrprGV0c93shusBKlzf5p1LdHXqYmeVY6gbWVhPipMrNHgN5KJ3BZ");
    sbPrivKey.Append(L"v+w1yNnMsErpcxne2HL2hPjMJTpj3GSLkm2xIlTrNhIyl9ydlr7IRUhENQKBgQCv");
    sbPrivKey.Append(L"i6HxbXa/90WSJTCcIcxqla8X+dsOCf3jhJ3vQy4Wq5C+1wZ35fCAG8Ifq/+so9Uj");
    sbPrivKey.Append(L"z5CVqqXlmpF8TFuSs2OVNuRJsg14J4nOMwgLKIIUZAcurQ10DN5I9Kx+UEK1EFXL");
    sbPrivKey.Append(L"aHsORdNjMfgQDO2jn9WHrr9gkg6CdB2+qyoCEfS+mQKBgBW08lcy9V5RzRWb/v/j");
    sbPrivKey.Append(L"xsc7ovmgAhCJhDeV7dPbx4HbFeoQJlbA8g1thdcFlcatSGyNDbvNE1GPSd4NhkpR");
    sbPrivKey.Append(L"Y6Hfv53kdEzjVkEtU8lUdL7HNVJqX7bU7oZlfbYcwxWQ1Gg8C1oLIAyEt71slQtd");
    sbPrivKey.Append(L"RiNYBRZTQe2F0wxbXnuUqLAw");

    CkPrivateKeyW privKey;
    success = privKey.LoadPem(sbPrivKey.getAsString());
    if (success == false) {
        wprintf(L"%s\n",privKey.lastErrorText());
        return;
    }

    CkRsaW rsa;
    success = rsa.UsePrivateKey(privKey);
    if (success == false) {
        wprintf(L"%s\n",rsa.lastErrorText());
        return;
    }

    rsa.put_EncodingMode(L"base64");
    const wchar_t *b64Signature = rsa.signStringENC(sbStringToSign.getAsString(),L"SHA256");

    // ----------------------------------------------------------------
    // Add the "signature" header.
    // 
    // The signature header will look like this:
    // signature: keyId="1523433508",algorithm="rsa-sha512",headers="date digest x-request-id",signature="y5o7gKxmfA6AT6...blE1A9Q=="
    // 
    // The keyId is the serial number of the certificate as defined in 'TPP-Signing-Certificate' header, the format should be Integer not hex. 
    CkCertW cert;
    success = cert.SetFromEncoded(sbTppCert.getAsString());
    if (success == false) {
        wprintf(L"%s\n",cert.lastErrorText());
        return;
    }

    CkStringBuilderW sbSigHdrVal;
    sbSigHdrVal.Append(L"keyId=\"");
    sbSigHdrVal.Append(cert.serialDecimal());
    sbSigHdrVal.Append(L"\",");
    sbSigHdrVal.Append(L"algorithm=\"rsa-sha256\",");
    sbSigHdrVal.Append(L"headers=\"date digest x-request-id\",");
    sbSigHdrVal.Append(L"signature=\"");
    sbSigHdrVal.Append(b64Signature);
    sbSigHdrVal.Append(L"\"");

    http.SetRequestHeader(L"signature",sbSigHdrVal.getAsString());

    // ----------------------------------------------------------------
    // Add remaining headers...

    http.SetRequestHeader(L"x-ibm-client-id",L"YOUR_APP_CLIENT_ID");
    http.SetRequestHeader(L"accept",L"application/json");

    // ----------------------------------------------------------------
    // Add our certificate and key for mutual TLS 
    // (provide a registered X509 client certificate during TLS handhake)

    CkCertW tlsCert;
    success = tlsCert.LoadFromFile(L"qa_data/certs_and_keys/ING/example_client_tls.cer");
    if (success == false) {
        wprintf(L"%s\n",tlsCert.lastErrorText());
        return;
    }

    CkBinDataW bdPrivKey;
    success = bdPrivKey.LoadFile(L"qa_data/certs_and_keys/ING/example_client_tls.key");
    if (success == false) {
        wprintf(L"Failed to load example_client_tls.key\n");
        return;
    }

    // The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd. 
    // Please note down this client_id since you will need it in the next steps to call the API.

    CkPrivateKeyW tlsPrivKey;
    success = tlsPrivKey.LoadAnyFormat(bdPrivKey,L"");
    if (success == false) {
        wprintf(L"%s\n",tlsPrivKey.lastErrorText());
        return;
    }

    // Associate the private key with the certificate.
    success = tlsCert.SetPrivateKey(tlsPrivKey);
    if (success == false) {
        wprintf(L"%s\n",tlsCert.lastErrorText());
        return;
    }

    success = http.SetSslClientCert(tlsCert);
    if (success == false) {
        wprintf(L"%s\n",http.lastErrorText());
        return;
    }

    // ----------------------------------------------------------------
    // Finally, send the request...

    CkStringBuilderW sbResponseBody;
    success = http.QuickGetSb(L"https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts",sbResponseBody);
    if (success == false) {
        wprintf(L"%s\n",http.lastErrorText());
        wprintf(L"%s\n",sbResponseBody.getAsString());
        return;
    }

    CkJsonObjectW jResp;
    jResp.LoadSb(sbResponseBody);
    jResp.put_EmitCompact(false);

    wprintf(L"Response Body:\n");
    wprintf(L"%s\n",jResp.emit());

    int respStatusCode = http.get_LastStatus();
    wprintf(L"Response Status Code = %d\n",respStatusCode);
    if (respStatusCode >= 400) {
        wprintf(L"Response Header:\n");
        wprintf(L"%s\n",http.lastHeader());
        wprintf(L"Failed.\n");
        return;
    }

    // Sample JSON response:
    // (Sample code for parsing the JSON response is shown below)

    // {
    //   "accounts": [
    //     {
    //       "_links": {
    //         "account": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
    //         "balances": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/balances",
    //         "transactions": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/transactions"
    //       },
    //       "currency": "EUR",
    //       "iban": "NL05RABO0812836782",
    //       "name": "Rosie Roy",
    //       "resourceId": "dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
    //       "status": "enabled"
    //     }
    //   ]
    // }

    // Sample code for parsing the JSON response...
    // Use the following online tool to generate parsing code from sample JSON:
    // Generate Parsing Code from JSON

    const wchar_t *v_linksAccount = 0;
    const wchar_t *v_linksBalances = 0;
    const wchar_t *v_linksTransactions = 0;
    const wchar_t *currency = 0;
    const wchar_t *iban = 0;
    const wchar_t *name = 0;
    const wchar_t *resourceId = 0;
    const wchar_t *status = 0;

    int i = 0;
    int count_i = jResp.SizeOfArray(L"accounts");
    while (i < count_i) {
        jResp.put_I(i);
        v_linksAccount = jResp.stringOf(L"accounts[i]._links.account");
        v_linksBalances = jResp.stringOf(L"accounts[i]._links.balances");
        v_linksTransactions = jResp.stringOf(L"accounts[i]._links.transactions");
        currency = jResp.stringOf(L"accounts[i].currency");
        iban = jResp.stringOf(L"accounts[i].iban");
        name = jResp.stringOf(L"accounts[i].name");
        resourceId = jResp.stringOf(L"accounts[i].resourceId");
        status = jResp.stringOf(L"accounts[i].status");
        i = i + 1;
    }
    }