Go
Go
ING Open Banking OAuth2 Client Credentials
See more OAuth2 Examples
Demonstrates how to get an access token for the ING Open Banking APIs using client credentials.Chilkat Go Downloads
success := false
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
cert := chilkat.NewCert()
success = cert.LoadFromFile("qa_data/certs_and_keys/ING/example_client_tls.cer")
if success == false {
fmt.Println(cert.LastErrorText())
cert.DisposeCert()
return
}
bdPrivKey := chilkat.NewBinData()
success = bdPrivKey.LoadFile("qa_data/certs_and_keys/ING/example_client_tls.key")
if success == false {
fmt.Println("Failed to load example_client_tls.key")
cert.DisposeCert()
bdPrivKey.DisposeBinData()
return
}
// The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd.
// Please note down this client_id since you will need it in the next steps to call the API.
privKey := chilkat.NewPrivateKey()
success = privKey.LoadAnyFormat(bdPrivKey,"")
if success == false {
fmt.Println(privKey.LastErrorText())
cert.DisposeCert()
bdPrivKey.DisposeBinData()
privKey.DisposePrivateKey()
return
}
// Associate the private key with the certificate.
success = cert.SetPrivateKey(privKey)
if success == false {
fmt.Println(cert.LastErrorText())
cert.DisposeCert()
bdPrivKey.DisposeBinData()
privKey.DisposePrivateKey()
return
}
http := chilkat.NewHttp()
success = http.SetSslClientCert(cert)
if success == false {
fmt.Println(http.LastErrorText())
cert.DisposeCert()
bdPrivKey.DisposeBinData()
privKey.DisposePrivateKey()
http.DisposeHttp()
return
}
// Calculate the Digest and add the "Digest" header. Do the equivalent of this:
// payload="grant_type=client_credentials"
// payloadDigest=`echo -n "$payload" | openssl dgst -binary -sha256 | openssl base64`
// digest=SHA-256=$payloadDigest
crypt := chilkat.NewCrypt2()
crypt.SetHashAlgorithm("SHA256")
crypt.SetEncodingMode("base64")
payload := "grant_type=client_credentials"
payloadDigest := crypt.HashStringENC(payload)
// Calculate the current date/time and add the Date header.
// reqDate=$(LC_TIME=en_US.UTF-8 date -u "+%a, %d %b %Y %H:%M:%S GMT")
dt := chilkat.NewCkDateTime()
dt.SetFromCurrentSystemTime()
// The desire date/time format is the "RFC822" format.
http.SetRequestHeader("Date",*dt.GetAsRfc822(false))
// Calculate signature for signing your request
// Duplicate the following code:
// httpMethod="post"
// reqPath="/oauth2/token"
// signingString="(request-target): $httpMethod $reqPath
// date: $reqDate
// digest: $digest"
// signature=`printf "$signingString" | openssl dgst -sha256 -sign "${certPath}example_client_signing.key" -passin "pass:changeit" | openssl base64 -A`
httpMethod := "POST"
reqPath := "/oauth2/token"
sbStringToSign := chilkat.NewStringBuilder()
sbStringToSign.Append("(request-target): ")
sbStringToSign.Append(httpMethod)
sbStringToSign.ToLowercase()
sbStringToSign.Append(" ")
sbStringToSign.AppendLine(reqPath,false)
sbStringToSign.Append("date: ")
sbStringToSign.AppendLine(*dt.GetAsRfc822(false),false)
sbStringToSign.Append("digest: SHA-256=")
sbStringToSign.Append(*payloadDigest)
signingPrivKey := chilkat.NewPrivateKey()
success = signingPrivKey.LoadPemFile("qa_data/certs_and_keys/ING/example_client_signing.key")
if success == false {
fmt.Println(signingPrivKey.LastErrorText())
cert.DisposeCert()
bdPrivKey.DisposeBinData()
privKey.DisposePrivateKey()
http.DisposeHttp()
crypt.DisposeCrypt2()
dt.DisposeCkDateTime()
sbStringToSign.DisposeStringBuilder()
signingPrivKey.DisposePrivateKey()
return
}
rsa := chilkat.NewRsa()
success = rsa.UsePrivateKey(signingPrivKey)
if success == false {
fmt.Println(rsa.LastErrorText())
cert.DisposeCert()
bdPrivKey.DisposeBinData()
privKey.DisposePrivateKey()
http.DisposeHttp()
crypt.DisposeCrypt2()
dt.DisposeCkDateTime()
sbStringToSign.DisposeStringBuilder()
signingPrivKey.DisposePrivateKey()
rsa.DisposeRsa()
return
}
rsa.SetEncodingMode("base64")
b64Signature := rsa.SignStringENC(*sbStringToSign.GetAsString(),"SHA256")
sbAuthHdrVal := chilkat.NewStringBuilder()
sbAuthHdrVal.Append("Signature keyId=\"e77d776b-90af-4684-bebc-521e5b2614dd\",")
sbAuthHdrVal.Append("algorithm=\"rsa-sha256\",")
sbAuthHdrVal.Append("headers=\"(request-target) date digest\",")
sbAuthHdrVal.Append("signature=\"")
sbAuthHdrVal.Append(b64Signatur*b64Signature)
sbAuthHdrVal.Append("\"")
sbDigestHdrVal := chilkat.NewStringBuilder()
sbDigestHdrVal.Append("SHA-256=")
sbDigestHdrVal.Append(*payloadDigest)
// Do the following CURL statement:
// curl -i -X POST "${httpHost}${reqPath}" \
// -H 'Accept: application/json' \
// -H 'Content-Type: application/x-www-form-urlencoded' \
// -H "Digest: ${digest}" \
// -H "Date: ${reqDate}" \
// -H "authorization: Signature keyId=\"$keyId\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"$signature\"" \
// -d "${payload}" \
// --cert "${certPath}tlsCert.crt" \
// --key "${certPath}tlsCert.key"
req := chilkat.NewHttpRequest()
req.AddParam("grant_type","client_credentials")
req.AddHeader("Accept","application/json")
req.AddHeader("Date",*dt.GetAsRfc822(false))
req.AddHeader("Digest",*sbDigestHdrVal.GetAsString())
req.AddHeader("Authorization",*sbAuthHdrVal.GetAsString())
req.SetHttpVerb("POST")
req.SetContentType("application/x-www-form-urlencoded")
resp := chilkat.NewHttpResponse()
success = http.HttpReq("https://api.sandbox.ing.com/oauth2/token",req,resp)
if success == false {
fmt.Println(http.LastErrorText())
cert.DisposeCert()
bdPrivKey.DisposeBinData()
privKey.DisposePrivateKey()
http.DisposeHttp()
crypt.DisposeCrypt2()
dt.DisposeCkDateTime()
sbStringToSign.DisposeStringBuilder()
signingPrivKey.DisposePrivateKey()
rsa.DisposeRsa()
sbAuthHdrVal.DisposeStringBuilder()
sbDigestHdrVal.DisposeStringBuilder()
req.DisposeHttpRequest()
resp.DisposeHttpResponse()
return
}
// If successful, the status code = 200
fmt.Println("Response Status Code: ", resp.StatusCode())
fmt.Println(resp.BodyStr())
json := chilkat.NewJsonObject()
json.Load(resp.BodyStr())
json.SetEmitCompact(false)
fmt.Println(*json.Emit())
// A successful response contains an access token such as:
// {
// "access_token": "eyJhbGc ... bxI_SoPOBH9xmoM",
// "expires_in": 905,
// "scope": "payment-requests:view payment-requests:create payment-requests:close greetings:view virtual-ledger-accounts:fund-reservation:create virtual-ledger-accounts:fund-reservation:delete virtual-ledger-accounts:balance:view",
// "token_type": "Bearer",
// "keys": [
// {
// "kty": "RSA",
// "n": "3l3rdz4...04VPkdV",
// "e": "AQAB",
// "use": "sig",
// "alg": "RS256",
// "x5t": "3c396700fc8cd709cf9cb5452a22bcde76985851"
// }
// ],
// "client_id": "e77d776b-90af-4684-bebc-521e5b2614dd"
// }
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
var kty *string = new(string)
var n *string = new(string)
var e *string = new(string)
var use *string = new(string)
var alg *string = new(string)
var x5t *string = new(string)
access_token := json.StringOf("access_token")
expires_in := json.IntOf("expires_in")
scope := json.StringOf("scope")
token_type := json.StringOf("token_type")
client_id := json.StringOf("client_id")
i := 0
count_i := json.SizeOfArray("keys")
for i < count_i {
json.SetI(i)
kty = json.StringOf("keys[i].kty")
n = json.StringOf("keys[i].n")
e = json.StringOf("keys[i].e")
use = json.StringOf("keys[i].use")
alg = json.StringOf("keys[i].alg")
x5t = json.StringOf("keys[i].x5t")
i = i + 1
}
// This example will save the JSON containing the access key to a file so that
// a subsequent example can load it and then use the access key for a request, such as to create a payment request.
json.WriteFile("qa_data/tokens/ing_access_token.json")
cert.DisposeCert()
bdPrivKey.DisposeBinData()
privKey.DisposePrivateKey()
http.DisposeHttp()
crypt.DisposeCrypt2()
dt.DisposeCkDateTime()
sbStringToSign.DisposeStringBuilder()
signingPrivKey.DisposePrivateKey()
rsa.DisposeRsa()
sbAuthHdrVal.DisposeStringBuilder()
sbDigestHdrVal.DisposeStringBuilder()
req.DisposeHttpRequest()
resp.DisposeHttpResponse()
json.DisposeJsonObject()