Sample code for 30+ languages & platforms
Go

Rabobank GET /v3/accounts

See more Rabobank Examples

Demonstrates a call to a Rabobank API. Specifically this makes a call to the "Accounts AIS sb" API to deliver all the consented payments accounts for a specific Rabobank customer.

(This includes source code to for signing requests for PSD2 APIs)

Chilkat Go Downloads

Go
    success := false

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    http := chilkat.NewHttp()

    // Implements the following CURL command:

    // curl --request GET \
    //   --url https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts \
    //   --header 'accept: application/json' \
    //   --header 'authorization: Bearer REPLACE_BEARER_TOKEN' \
    //   --header 'date: REPLACE_THIS_VALUE' \
    //   --header 'digest: REPLACE_THIS_VALUE' \
    //   --header 'psu-ip-address: OPTIONAL' \
    //   --header 'signature: REPLACE_THIS_VALUE' \
    //   --header 'tpp-signature-certificate: MIIDkDCCAnigA ... cwE6gUl0rMA==' \
    //   --header 'x-ibm-client-id: Client ID' \
    //   --header 'x-request-id: REPLACE_THIS_VALUE'

    // Load the previously fetched OAuth2 access token.
    jsonToken := chilkat.NewJsonObject()
    success = jsonToken.LoadFile("qa_data/tokens/rabobank.json")
    if success == false {
        fmt.Println(jsonToken.LastErrorText())
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        return
    }

    // This adds the "authorization: Bearer REPLACE_BEARER_TOKEN" header.
    http.SetAuthToken(jsonToken.StringOf("access_token"))

    // This is the TTP Signature certificate: The certificate used for signing the request.
    sbTppCert := chilkat.NewStringBuilder()
    sbTppCert.Append("MIIDkDCCAnigAwIBAgIEWs3AJDANBgkqhkiG9w0BAQsFADCBiTELMAkGA1UEBhMC")
    sbTppCert.Append("TkwxEDAOBgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxETAPBgNVBAoM")
    sbTppCert.Append("CFJhYm9iYW5rMRwwGgYDVQQLDBNPbmxpbmUgVHJhbnNhY3Rpb25zMSUwIwYDVQQD")
    sbTppCert.Append("DBxQU0QyIEFQSSBQSSBTZXJ2aWNlcyBTYW5kYm94MB4XDTE4MDQxMTA3NTgyOFoX")
    sbTppCert.Append("DTIzMDQxMTA3NTgyOFowgYkxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0")
    sbTppCert.Append("MRAwDgYDVQQHDAdVdHJlY2h0MREwDwYDVQQKDAhSYWJvYmFuazEcMBoGA1UECwwT")
    sbTppCert.Append("T25saW5lIFRyYW5zYWN0aW9uczElMCMGA1UEAwwcUFNEMiBBUEkgUEkgU2Vydmlj")
    sbTppCert.Append("ZXMgU2FuZGJveDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoAjqGW")
    sbTppCert.Append("UgCIm2F+0sBSEwLal+T3u+uldLikpxHCB8iL1GD7FrRjcA+MVsxhvHly7vRsHK+t")
    sbTppCert.Append("QyMSaeK782RHpY33qxPLc8LmoQLb2EuiQxXj9POYkYBQ74qkrZnvKVlR3WoyQWeD")
    sbTppCert.Append("OXnSY2wbNFfkP8ET4ElwyuIIEriwYhab0OIrnnrO8X82/SPZxHwEd3aQjQ6uhiw8")
    sbTppCert.Append("paDspJbS5WjEfuwY16KVVUYlhbtAwGjvc6aK0NBm+LH9fMLpAE6gfGZNy0gzMDor")
    sbTppCert.Append("VNbkQK1IoAGD8p9ZHdB0F3FwkILEjUiQW6nK+/fKDNJ0TBbpgZUpY8bR460qzxKd")
    sbTppCert.Append("eZ1yPDqX2Cjh6fkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAYL4iD6noMJAt63kD")
    sbTppCert.Append("ED4RB2mII/lssvHhcxuDpOm3Ims9urubFWEpvV5TgIBAxy9PBinOdjhO1kGJJnYi")
    sbTppCert.Append("7F1jv1qnZwTV1JhYbvxv3+vk0jaiu7Ew7G3ASlzruXyMhN6t6jk9MpaWGl5Uw1T+")
    sbTppCert.Append("gNRUcWQRR44g3ahQRIS/UHkaV+vcpOa8j186/1X0ULHfbcVQk4LMmJeXqNs8sBAU")
    sbTppCert.Append("dKU/c6ssvj8jfJ4SfrurcBhY5UBTOdQOXTPY85aU3iFloerx7Oi9EHewxInOrU5X")
    sbTppCert.Append("zqqTz2AQPXezexVeAQxP27lzqCmYC7CFiam6QBr06VebkmnPLfs76n8CDc1cwE6g")
    sbTppCert.Append("Ul0rMA==")
    http.SetRequestHeader("tpp-signature-certificate",*sbTppCert.GetAsString())

    // ----------------------------------------------------------------
    // We're not going to add the psu-ip-address header in this example.

    // ----------------------------------------------------------------
    // X-Request-ID header...
    // Generate a UUID v4.
    crypt := chilkat.NewCrypt2()
    xRequestId := crypt.GenerateUuid()
    http.SetRequestHeader("x-request-id",*xRequestId)

    // ----------------------------------------------------------------
    // Date header...
    dt := chilkat.NewCkDateTime()
    dt.SetFromCurrentSystemTime()
    dateHdrVal := dt.GetAsRfc822(false)
    // The desire date/time format is the "RFC822" format.
    http.SetRequestHeader("Date",*dateHdrVal)

    // ----------------------------------------------------------------
    // Digest header...
    crypt.SetHashAlgorithm("SHA256")
    crypt.SetEncodingMode("base64")
    // A GET request has no HTTP request body.  Therefore the payload is the empty string.
    payload := ""
    payloadDigest := crypt.HashStringENC(payload)
    sbDigestHdrVal := chilkat.NewStringBuilder()
    sbDigestHdrVal.Append("SHA-256=")
    sbDigestHdrVal.Append(*payloadDigest)
    http.SetRequestHeader("digest",*sbDigestHdrVal.GetAsString())

    // ----------------------------------------------------------------
    // The HTTP request needs to be signed for PSD2 API's...
    // Create the signing string (to use in signing the HTTP request).
    // See https://developer.rabobank.nl/signing-requests-psd2-apis
    // 
    // For "account information" HTTP requests, we must use the following headers in the signing string.
    //    date
    //    digest
    //    x-request-id

    sbStringToSign := chilkat.NewStringBuilder()
    sbStringToSign.Append("date: ")
    sbStringToSign.AppendLine(*dateHdrVal,false)
    sbStringToSign.Append("digest: ")
    sbStringToSign.AppendLine(*sbDigestHdrVal.GetAsString(),false)
    sbStringToSign.Append("x-request-id: ")
    sbStringToSign.Append(*xRequestId)

    // ----------------------------------------------------------------
    // Sign with our private key...
    sbPrivKey := chilkat.NewStringBuilder()
    sbPrivKey.Append("MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaAI6hllIAiJth")
    sbPrivKey.Append("ftLAUhMC2pfk97vrpXS4pKcRwgfIi9Rg+xa0Y3APjFbMYbx5cu70bByvrUMjEmni")
    sbPrivKey.Append("u/NkR6WN96sTy3PC5qEC29hLokMV4/TzmJGAUO+KpK2Z7ylZUd1qMkFngzl50mNs")
    sbPrivKey.Append("GzRX5D/BE+BJcMriCBK4sGIWm9DiK556zvF/Nv0j2cR8BHd2kI0OroYsPKWg7KSW")
    sbPrivKey.Append("0uVoxH7sGNeilVVGJYW7QMBo73OmitDQZvix/XzC6QBOoHxmTctIMzA6K1TW5ECt")
    sbPrivKey.Append("SKABg/KfWR3QdBdxcJCCxI1IkFupyvv3ygzSdEwW6YGVKWPG0eOtKs8SnXmdcjw6")
    sbPrivKey.Append("l9go4en5AgMBAAECggEAB8nsTqalwGIhFw8mbXuhNUFlGuek/arYLD6pv28swwQH")
    sbPrivKey.Append("7v0ZlxFUcCHF+iBl0PsDwZTZQ4ePtgGS6ehoLkWHCzb1lEv5E1YVG5qKNE2UUwRl")
    sbPrivKey.Append("fIyPakO6AzyV/UF3uzq7C+/GuXGNTKZxKewg5yD/DCFvKoCOpxu9u36FyqP/hw0S")
    sbPrivKey.Append("ADVlmp35/zoPDPZzu1j4FiCo0pJ9LwJcHxeJHopNAKDw9k6I4z/grskdgupsGzK2")
    sbPrivKey.Append("BiGiQ/+wmmO68/6Xa6KWfpr1PQ6ODJHgzZsdGCVi6Ebaqlj6BbsYWxP6h3lrsGt+")
    sbPrivKey.Append("LmHBaN2jCD6cDp+lihqFgnm8hfdv0lmbPilp71EDfwKBgQD6U8PBzZtN8yXm5WuS")
    sbPrivKey.Append("NL+/8q5GjNmeTJBSo1gM6Y8vOT4QAE147LbVuVBDwyHPoSrNejePae6Q14PswjBy")
    sbPrivKey.Append("T7B8DZ0OeQyGa3trrFg/ib7Vv4ZMvJqX9+WzBrzZsxTg7oCKHzmCR4vIRItKHH3z")
    sbPrivKey.Append("Wnnhqlo8ic2AZ2O43cdJosbO1wKBgQDe8UODOLu0vnHohOKeUqF3w/ZOB2+83/js")
    sbPrivKey.Append("YyUbSkzsGvHIwTjObuMUFTQvdMZ6IkIyJdfnDZIbvlBSD8tzL5iKFTNCK2nL1i4G")
    sbPrivKey.Append("iFr0CYLaHAlhJ5GEbTrTMDoJeBPerZq83HPrSa/Wb0xO18QTWsoVQPFfPFbbcQyI")
    sbPrivKey.Append("9ryJ2iIDrwKBgQC6kuAefG46ZPVk6K2KZUJdgDUgZC52a75NuW0RAqszmUiGiJM1")
    sbPrivKey.Append("g8ip9tq6BqAWrprGV0c93shusBKlzf5p1LdHXqYmeVY6gbWVhPipMrNHgN5KJ3BZ")
    sbPrivKey.Append("v+w1yNnMsErpcxne2HL2hPjMJTpj3GSLkm2xIlTrNhIyl9ydlr7IRUhENQKBgQCv")
    sbPrivKey.Append("i6HxbXa/90WSJTCcIcxqla8X+dsOCf3jhJ3vQy4Wq5C+1wZ35fCAG8Ifq/+so9Uj")
    sbPrivKey.Append("z5CVqqXlmpF8TFuSs2OVNuRJsg14J4nOMwgLKIIUZAcurQ10DN5I9Kx+UEK1EFXL")
    sbPrivKey.Append("aHsORdNjMfgQDO2jn9WHrr9gkg6CdB2+qyoCEfS+mQKBgBW08lcy9V5RzRWb/v/j")
    sbPrivKey.Append("xsc7ovmgAhCJhDeV7dPbx4HbFeoQJlbA8g1thdcFlcatSGyNDbvNE1GPSd4NhkpR")
    sbPrivKey.Append("Y6Hfv53kdEzjVkEtU8lUdL7HNVJqX7bU7oZlfbYcwxWQ1Gg8C1oLIAyEt71slQtd")
    sbPrivKey.Append("RiNYBRZTQe2F0wxbXnuUqLAw")

    privKey := chilkat.NewPrivateKey()
    success = privKey.LoadPem(*sbPrivKey.GetAsString())
    if success == false {
        fmt.Println(privKey.LastErrorText())
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        sbTppCert.DisposeStringBuilder()
        crypt.DisposeCrypt2()
        dt.DisposeCkDateTime()
        sbDigestHdrVal.DisposeStringBuilder()
        sbStringToSign.DisposeStringBuilder()
        sbPrivKey.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        return
    }

    rsa := chilkat.NewRsa()
    success = rsa.UsePrivateKey(privKey)
    if success == false {
        fmt.Println(rsa.LastErrorText())
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        sbTppCert.DisposeStringBuilder()
        crypt.DisposeCrypt2()
        dt.DisposeCkDateTime()
        sbDigestHdrVal.DisposeStringBuilder()
        sbStringToSign.DisposeStringBuilder()
        sbPrivKey.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        rsa.DisposeRsa()
        return
    }

    rsa.SetEncodingMode("base64")
    b64Signature := rsa.SignStringENC(*sbStringToSign.GetAsString(),"SHA256")

    // ----------------------------------------------------------------
    // Add the "signature" header.
    // 
    // The signature header will look like this:
    // signature: keyId="1523433508",algorithm="rsa-sha512",headers="date digest x-request-id",signature="y5o7gKxmfA6AT6...blE1A9Q=="
    // 
    // The keyId is the serial number of the certificate as defined in 'TPP-Signing-Certificate' header, the format should be Integer not hex. 
    cert := chilkat.NewCert()
    success = cert.SetFromEncoded(*sbTppCert.GetAsString())
    if success == false {
        fmt.Println(cert.LastErrorText())
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        sbTppCert.DisposeStringBuilder()
        crypt.DisposeCrypt2()
        dt.DisposeCkDateTime()
        sbDigestHdrVal.DisposeStringBuilder()
        sbStringToSign.DisposeStringBuilder()
        sbPrivKey.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        rsa.DisposeRsa()
        cert.DisposeCert()
        return
    }

    sbSigHdrVal := chilkat.NewStringBuilder()
    sbSigHdrVal.Append("keyId=\"")
    sbSigHdrVal.Append(cert.SerialDecimal())
    sbSigHdrVal.Append("\",")
    sbSigHdrVal.Append("algorithm=\"rsa-sha256\",")
    sbSigHdrVal.Append("headers=\"date digest x-request-id\",")
    sbSigHdrVal.Append("signature=\"")
    sbSigHdrVal.Append(*b64Signature)
    sbSigHdrVal.Append("\"")

    http.SetRequestHeader("signature",*sbSigHdrVal.GetAsString())

    // ----------------------------------------------------------------
    // Add remaining headers...

    http.SetRequestHeader("x-ibm-client-id","YOUR_APP_CLIENT_ID")
    http.SetRequestHeader("accept","application/json")

    // ----------------------------------------------------------------
    // Add our certificate and key for mutual TLS 
    // (provide a registered X509 client certificate during TLS handhake)

    tlsCert := chilkat.NewCert()
    success = tlsCert.LoadFromFile("qa_data/certs_and_keys/ING/example_client_tls.cer")
    if success == false {
        fmt.Println(tlsCert.LastErrorText())
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        sbTppCert.DisposeStringBuilder()
        crypt.DisposeCrypt2()
        dt.DisposeCkDateTime()
        sbDigestHdrVal.DisposeStringBuilder()
        sbStringToSign.DisposeStringBuilder()
        sbPrivKey.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        rsa.DisposeRsa()
        cert.DisposeCert()
        sbSigHdrVal.DisposeStringBuilder()
        tlsCert.DisposeCert()
        return
    }

    bdPrivKey := chilkat.NewBinData()
    success = bdPrivKey.LoadFile("qa_data/certs_and_keys/ING/example_client_tls.key")
    if success == false {
        fmt.Println("Failed to load example_client_tls.key")
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        sbTppCert.DisposeStringBuilder()
        crypt.DisposeCrypt2()
        dt.DisposeCkDateTime()
        sbDigestHdrVal.DisposeStringBuilder()
        sbStringToSign.DisposeStringBuilder()
        sbPrivKey.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        rsa.DisposeRsa()
        cert.DisposeCert()
        sbSigHdrVal.DisposeStringBuilder()
        tlsCert.DisposeCert()
        bdPrivKey.DisposeBinData()
        return
    }

    // The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd. 
    // Please note down this client_id since you will need it in the next steps to call the API.

    tlsPrivKey := chilkat.NewPrivateKey()
    success = tlsPrivKey.LoadAnyFormat(bdPrivKey,"")
    if success == false {
        fmt.Println(tlsPrivKey.LastErrorText())
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        sbTppCert.DisposeStringBuilder()
        crypt.DisposeCrypt2()
        dt.DisposeCkDateTime()
        sbDigestHdrVal.DisposeStringBuilder()
        sbStringToSign.DisposeStringBuilder()
        sbPrivKey.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        rsa.DisposeRsa()
        cert.DisposeCert()
        sbSigHdrVal.DisposeStringBuilder()
        tlsCert.DisposeCert()
        bdPrivKey.DisposeBinData()
        tlsPrivKey.DisposePrivateKey()
        return
    }

    // Associate the private key with the certificate.
    success = tlsCert.SetPrivateKey(tlsPrivKey)
    if success == false {
        fmt.Println(tlsCert.LastErrorText())
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        sbTppCert.DisposeStringBuilder()
        crypt.DisposeCrypt2()
        dt.DisposeCkDateTime()
        sbDigestHdrVal.DisposeStringBuilder()
        sbStringToSign.DisposeStringBuilder()
        sbPrivKey.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        rsa.DisposeRsa()
        cert.DisposeCert()
        sbSigHdrVal.DisposeStringBuilder()
        tlsCert.DisposeCert()
        bdPrivKey.DisposeBinData()
        tlsPrivKey.DisposePrivateKey()
        return
    }

    success = http.SetSslClientCert(tlsCert)
    if success == false {
        fmt.Println(http.LastErrorText())
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        sbTppCert.DisposeStringBuilder()
        crypt.DisposeCrypt2()
        dt.DisposeCkDateTime()
        sbDigestHdrVal.DisposeStringBuilder()
        sbStringToSign.DisposeStringBuilder()
        sbPrivKey.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        rsa.DisposeRsa()
        cert.DisposeCert()
        sbSigHdrVal.DisposeStringBuilder()
        tlsCert.DisposeCert()
        bdPrivKey.DisposeBinData()
        tlsPrivKey.DisposePrivateKey()
        return
    }

    // ----------------------------------------------------------------
    // Finally, send the request...

    sbResponseBody := chilkat.NewStringBuilder()
    success = http.QuickGetSb("https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts",sbResponseBody)
    if success == false {
        fmt.Println(http.LastErrorText())
        fmt.Println(*sbResponseBody.GetAsString())
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        sbTppCert.DisposeStringBuilder()
        crypt.DisposeCrypt2()
        dt.DisposeCkDateTime()
        sbDigestHdrVal.DisposeStringBuilder()
        sbStringToSign.DisposeStringBuilder()
        sbPrivKey.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        rsa.DisposeRsa()
        cert.DisposeCert()
        sbSigHdrVal.DisposeStringBuilder()
        tlsCert.DisposeCert()
        bdPrivKey.DisposeBinData()
        tlsPrivKey.DisposePrivateKey()
        sbResponseBody.DisposeStringBuilder()
        return
    }

    jResp := chilkat.NewJsonObject()
    jResp.LoadSb(sbResponseBody)
    jResp.SetEmitCompact(false)

    fmt.Println("Response Body:")
    fmt.Println(*jResp.Emit())

    respStatusCode := http.LastStatus()
    fmt.Println("Response Status Code = ", respStatusCode)
    if respStatusCode >= 400 {
        fmt.Println("Response Header:")
        fmt.Println(http.LastHeader())
        fmt.Println("Failed.")
        http.DisposeHttp()
        jsonToken.DisposeJsonObject()
        sbTppCert.DisposeStringBuilder()
        crypt.DisposeCrypt2()
        dt.DisposeCkDateTime()
        sbDigestHdrVal.DisposeStringBuilder()
        sbStringToSign.DisposeStringBuilder()
        sbPrivKey.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        rsa.DisposeRsa()
        cert.DisposeCert()
        sbSigHdrVal.DisposeStringBuilder()
        tlsCert.DisposeCert()
        bdPrivKey.DisposeBinData()
        tlsPrivKey.DisposePrivateKey()
        sbResponseBody.DisposeStringBuilder()
        jResp.DisposeJsonObject()
        return
    }

    // Sample JSON response:
    // (Sample code for parsing the JSON response is shown below)

    // {
    //   "accounts": [
    //     {
    //       "_links": {
    //         "account": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
    //         "balances": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/balances",
    //         "transactions": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/transactions"
    //       },
    //       "currency": "EUR",
    //       "iban": "NL05RABO0812836782",
    //       "name": "Rosie Roy",
    //       "resourceId": "dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
    //       "status": "enabled"
    //     }
    //   ]
    // }

    // Sample code for parsing the JSON response...
    // Use the following online tool to generate parsing code from sample JSON:
    // Generate Parsing Code from JSON

    var v_linksAccount *string = new(string)
    var v_linksBalances *string = new(string)
    var v_linksTransactions *string = new(string)
    var currency *string = new(string)
    var iban *string = new(string)
    var name *string = new(string)
    var resourceId *string = new(string)
    var status *string = new(string)

    i := 0
    count_i := jResp.SizeOfArray("accounts")
    for i < count_i {
        jResp.SetI(i)
        v_linksAccount = jResp.StringOf("accounts[i]._links.account")
        v_linksBalances = jResp.StringOf("accounts[i]._links.balances")
        v_linksTransactions = jResp.StringOf("accounts[i]._links.transactions")
        currency = jResp.StringOf("accounts[i].currency")
        iban = jResp.StringOf("accounts[i].iban")
        name = jResp.StringOf("accounts[i].name")
        resourceId = jResp.StringOf("accounts[i].resourceId")
        status = jResp.StringOf("accounts[i].status")
        i = i + 1
    }


    http.DisposeHttp()
    jsonToken.DisposeJsonObject()
    sbTppCert.DisposeStringBuilder()
    crypt.DisposeCrypt2()
    dt.DisposeCkDateTime()
    sbDigestHdrVal.DisposeStringBuilder()
    sbStringToSign.DisposeStringBuilder()
    sbPrivKey.DisposeStringBuilder()
    privKey.DisposePrivateKey()
    rsa.DisposeRsa()
    cert.DisposeCert()
    sbSigHdrVal.DisposeStringBuilder()
    tlsCert.DisposeCert()
    bdPrivKey.DisposeBinData()
    tlsPrivKey.DisposePrivateKey()
    sbResponseBody.DisposeStringBuilder()
    jResp.DisposeJsonObject()