Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Rabobank GET /v3/accounts

See more Rabobank Examples

Demonstrates a call to a Rabobank API. Specifically this makes a call to the "Accounts AIS sb" API to deliver all the consented payments accounts for a specific Rabobank customer.

(This includes source code to for signing requests for PSD2 APIs)

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Http,
  Chilkat.CkDateTime,
  Chilkat.Rsa,
  Chilkat.StringBuilder,
  Chilkat.JsonObject,
  Chilkat.PrivateKey,
  Chilkat.Cert,
  Chilkat.Crypt2,
  Chilkat.BinData;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  http: THttp;
  jsonToken: TJsonObject;
  sbTppCert: TStringBuilder;
  crypt: TCrypt2;
  xRequestId: string;
  dt: TCkDateTime;
  dateHdrVal: string;
  payload: string;
  payloadDigest: string;
  sbDigestHdrVal: TStringBuilder;
  sbStringToSign: TStringBuilder;
  sbPrivKey: TStringBuilder;
  privKey: TPrivateKey;
  rsa: TRsa;
  b64Signature: string;
  cert: TCert;
  sbSigHdrVal: TStringBuilder;
  tlsCert: TCert;
  bdPrivKey: TBinData;
  tlsPrivKey: TPrivateKey;
  sbResponseBody: TStringBuilder;
  jResp: TJsonObject;
  respStatusCode: Integer;
  v_linksAccount: string;
  v_linksBalances: string;
  v_linksTransactions: string;
  currency: string;
  iban: string;
  name: string;
  resourceId: string;
  status: string;
  i: Integer;
  count_i: Integer;

begin
  success := False;

  //  This example assumes the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  http := THttp.Create;

  //  Implements the following CURL command:

  //  curl --request GET \
  //    --url https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts \
  //    --header 'accept: application/json' \
  //    --header 'authorization: Bearer REPLACE_BEARER_TOKEN' \
  //    --header 'date: REPLACE_THIS_VALUE' \
  //    --header 'digest: REPLACE_THIS_VALUE' \
  //    --header 'psu-ip-address: OPTIONAL' \
  //    --header 'signature: REPLACE_THIS_VALUE' \
  //    --header 'tpp-signature-certificate: MIIDkDCCAnigA ... cwE6gUl0rMA==' \
  //    --header 'x-ibm-client-id: Client ID' \
  //    --header 'x-request-id: REPLACE_THIS_VALUE'

  //  Load the previously fetched OAuth2 access token.
  jsonToken := TJsonObject.Create;
  success := jsonToken.LoadFile('qa_data/tokens/rabobank.json');
  if (success = False) then
    begin
      WriteLn(jsonToken.LastErrorText);
      Exit;
    end;

  //  This adds the "authorization: Bearer REPLACE_BEARER_TOKEN" header.
  http.AuthToken := jsonToken.StringOf('access_token');

  //  This is the TTP Signature certificate: The certificate used for signing the request.
  sbTppCert := TStringBuilder.Create;
  sbTppCert.Append('MIIDkDCCAnigAwIBAgIEWs3AJDANBgkqhkiG9w0BAQsFADCBiTELMAkGA1UEBhMC');
  sbTppCert.Append('TkwxEDAOBgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxETAPBgNVBAoM');
  sbTppCert.Append('CFJhYm9iYW5rMRwwGgYDVQQLDBNPbmxpbmUgVHJhbnNhY3Rpb25zMSUwIwYDVQQD');
  sbTppCert.Append('DBxQU0QyIEFQSSBQSSBTZXJ2aWNlcyBTYW5kYm94MB4XDTE4MDQxMTA3NTgyOFoX');
  sbTppCert.Append('DTIzMDQxMTA3NTgyOFowgYkxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0');
  sbTppCert.Append('MRAwDgYDVQQHDAdVdHJlY2h0MREwDwYDVQQKDAhSYWJvYmFuazEcMBoGA1UECwwT');
  sbTppCert.Append('T25saW5lIFRyYW5zYWN0aW9uczElMCMGA1UEAwwcUFNEMiBBUEkgUEkgU2Vydmlj');
  sbTppCert.Append('ZXMgU2FuZGJveDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoAjqGW');
  sbTppCert.Append('UgCIm2F+0sBSEwLal+T3u+uldLikpxHCB8iL1GD7FrRjcA+MVsxhvHly7vRsHK+t');
  sbTppCert.Append('QyMSaeK782RHpY33qxPLc8LmoQLb2EuiQxXj9POYkYBQ74qkrZnvKVlR3WoyQWeD');
  sbTppCert.Append('OXnSY2wbNFfkP8ET4ElwyuIIEriwYhab0OIrnnrO8X82/SPZxHwEd3aQjQ6uhiw8');
  sbTppCert.Append('paDspJbS5WjEfuwY16KVVUYlhbtAwGjvc6aK0NBm+LH9fMLpAE6gfGZNy0gzMDor');
  sbTppCert.Append('VNbkQK1IoAGD8p9ZHdB0F3FwkILEjUiQW6nK+/fKDNJ0TBbpgZUpY8bR460qzxKd');
  sbTppCert.Append('eZ1yPDqX2Cjh6fkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAYL4iD6noMJAt63kD');
  sbTppCert.Append('ED4RB2mII/lssvHhcxuDpOm3Ims9urubFWEpvV5TgIBAxy9PBinOdjhO1kGJJnYi');
  sbTppCert.Append('7F1jv1qnZwTV1JhYbvxv3+vk0jaiu7Ew7G3ASlzruXyMhN6t6jk9MpaWGl5Uw1T+');
  sbTppCert.Append('gNRUcWQRR44g3ahQRIS/UHkaV+vcpOa8j186/1X0ULHfbcVQk4LMmJeXqNs8sBAU');
  sbTppCert.Append('dKU/c6ssvj8jfJ4SfrurcBhY5UBTOdQOXTPY85aU3iFloerx7Oi9EHewxInOrU5X');
  sbTppCert.Append('zqqTz2AQPXezexVeAQxP27lzqCmYC7CFiam6QBr06VebkmnPLfs76n8CDc1cwE6g');
  sbTppCert.Append('Ul0rMA==');
  http.SetRequestHeader('tpp-signature-certificate',sbTppCert.GetAsString());

  //  ----------------------------------------------------------------
  //  We're not going to add the psu-ip-address header in this example.

  //  ----------------------------------------------------------------
  //  X-Request-ID header...
  //  Generate a UUID v4.
  crypt := TCrypt2.Create;
  xRequestId := crypt.GenerateUuid();
  http.SetRequestHeader('x-request-id',xRequestId);

  //  ----------------------------------------------------------------
  //  Date header...
  dt := TCkDateTime.Create;
  dt.SetFromCurrentSystemTime();
  dateHdrVal := dt.GetAsRfc822(False);
  //  The desire date/time format is the "RFC822" format.
  http.SetRequestHeader('Date',dateHdrVal);

  //  ----------------------------------------------------------------
  //  Digest header...
  crypt.HashAlgorithm := 'SHA256';
  crypt.EncodingMode := 'base64';
  //  A GET request has no HTTP request body.  Therefore the payload is the empty string.
  payload := '';
  payloadDigest := crypt.HashStringENC(payload);
  sbDigestHdrVal := TStringBuilder.Create;
  sbDigestHdrVal.Append('SHA-256=');
  sbDigestHdrVal.Append(payloadDigest);
  http.SetRequestHeader('digest',sbDigestHdrVal.GetAsString());

  //  ----------------------------------------------------------------
  //  The HTTP request needs to be signed for PSD2 API's...
  //  Create the signing string (to use in signing the HTTP request).
  //  See https://developer.rabobank.nl/signing-requests-psd2-apis
  //  
  //  For "account information" HTTP requests, we must use the following headers in the signing string.
  //     date
  //     digest
  //     x-request-id

  sbStringToSign := TStringBuilder.Create;
  sbStringToSign.Append('date: ');
  sbStringToSign.AppendLine(dateHdrVal,False);
  sbStringToSign.Append('digest: ');
  sbStringToSign.AppendLine(sbDigestHdrVal.GetAsString(),False);
  sbStringToSign.Append('x-request-id: ');
  sbStringToSign.Append(xRequestId);

  //  ----------------------------------------------------------------
  //  Sign with our private key...
  sbPrivKey := TStringBuilder.Create;
  sbPrivKey.Append('MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaAI6hllIAiJth');
  sbPrivKey.Append('ftLAUhMC2pfk97vrpXS4pKcRwgfIi9Rg+xa0Y3APjFbMYbx5cu70bByvrUMjEmni');
  sbPrivKey.Append('u/NkR6WN96sTy3PC5qEC29hLokMV4/TzmJGAUO+KpK2Z7ylZUd1qMkFngzl50mNs');
  sbPrivKey.Append('GzRX5D/BE+BJcMriCBK4sGIWm9DiK556zvF/Nv0j2cR8BHd2kI0OroYsPKWg7KSW');
  sbPrivKey.Append('0uVoxH7sGNeilVVGJYW7QMBo73OmitDQZvix/XzC6QBOoHxmTctIMzA6K1TW5ECt');
  sbPrivKey.Append('SKABg/KfWR3QdBdxcJCCxI1IkFupyvv3ygzSdEwW6YGVKWPG0eOtKs8SnXmdcjw6');
  sbPrivKey.Append('l9go4en5AgMBAAECggEAB8nsTqalwGIhFw8mbXuhNUFlGuek/arYLD6pv28swwQH');
  sbPrivKey.Append('7v0ZlxFUcCHF+iBl0PsDwZTZQ4ePtgGS6ehoLkWHCzb1lEv5E1YVG5qKNE2UUwRl');
  sbPrivKey.Append('fIyPakO6AzyV/UF3uzq7C+/GuXGNTKZxKewg5yD/DCFvKoCOpxu9u36FyqP/hw0S');
  sbPrivKey.Append('ADVlmp35/zoPDPZzu1j4FiCo0pJ9LwJcHxeJHopNAKDw9k6I4z/grskdgupsGzK2');
  sbPrivKey.Append('BiGiQ/+wmmO68/6Xa6KWfpr1PQ6ODJHgzZsdGCVi6Ebaqlj6BbsYWxP6h3lrsGt+');
  sbPrivKey.Append('LmHBaN2jCD6cDp+lihqFgnm8hfdv0lmbPilp71EDfwKBgQD6U8PBzZtN8yXm5WuS');
  sbPrivKey.Append('NL+/8q5GjNmeTJBSo1gM6Y8vOT4QAE147LbVuVBDwyHPoSrNejePae6Q14PswjBy');
  sbPrivKey.Append('T7B8DZ0OeQyGa3trrFg/ib7Vv4ZMvJqX9+WzBrzZsxTg7oCKHzmCR4vIRItKHH3z');
  sbPrivKey.Append('Wnnhqlo8ic2AZ2O43cdJosbO1wKBgQDe8UODOLu0vnHohOKeUqF3w/ZOB2+83/js');
  sbPrivKey.Append('YyUbSkzsGvHIwTjObuMUFTQvdMZ6IkIyJdfnDZIbvlBSD8tzL5iKFTNCK2nL1i4G');
  sbPrivKey.Append('iFr0CYLaHAlhJ5GEbTrTMDoJeBPerZq83HPrSa/Wb0xO18QTWsoVQPFfPFbbcQyI');
  sbPrivKey.Append('9ryJ2iIDrwKBgQC6kuAefG46ZPVk6K2KZUJdgDUgZC52a75NuW0RAqszmUiGiJM1');
  sbPrivKey.Append('g8ip9tq6BqAWrprGV0c93shusBKlzf5p1LdHXqYmeVY6gbWVhPipMrNHgN5KJ3BZ');
  sbPrivKey.Append('v+w1yNnMsErpcxne2HL2hPjMJTpj3GSLkm2xIlTrNhIyl9ydlr7IRUhENQKBgQCv');
  sbPrivKey.Append('i6HxbXa/90WSJTCcIcxqla8X+dsOCf3jhJ3vQy4Wq5C+1wZ35fCAG8Ifq/+so9Uj');
  sbPrivKey.Append('z5CVqqXlmpF8TFuSs2OVNuRJsg14J4nOMwgLKIIUZAcurQ10DN5I9Kx+UEK1EFXL');
  sbPrivKey.Append('aHsORdNjMfgQDO2jn9WHrr9gkg6CdB2+qyoCEfS+mQKBgBW08lcy9V5RzRWb/v/j');
  sbPrivKey.Append('xsc7ovmgAhCJhDeV7dPbx4HbFeoQJlbA8g1thdcFlcatSGyNDbvNE1GPSd4NhkpR');
  sbPrivKey.Append('Y6Hfv53kdEzjVkEtU8lUdL7HNVJqX7bU7oZlfbYcwxWQ1Gg8C1oLIAyEt71slQtd');
  sbPrivKey.Append('RiNYBRZTQe2F0wxbXnuUqLAw');

  privKey := TPrivateKey.Create;
  success := privKey.LoadPem(sbPrivKey.GetAsString());
  if (success = False) then
    begin
      WriteLn(privKey.LastErrorText);
      Exit;
    end;

  rsa := TRsa.Create;
  success := rsa.UsePrivateKey(privKey);
  if (success = False) then
    begin
      WriteLn(rsa.LastErrorText);
      Exit;
    end;

  rsa.EncodingMode := 'base64';
  b64Signature := rsa.SignStringENC(sbStringToSign.GetAsString(),'SHA256');

  //  ----------------------------------------------------------------
  //  Add the "signature" header.
  //  
  //  The signature header will look like this:
  //  signature: keyId="1523433508",algorithm="rsa-sha512",headers="date digest x-request-id",signature="y5o7gKxmfA6AT6...blE1A9Q=="
  //  
  //  The keyId is the serial number of the certificate as defined in 'TPP-Signing-Certificate' header, the format should be Integer not hex. 
  cert := TCert.Create;
  success := cert.SetFromEncoded(sbTppCert.GetAsString());
  if (success = False) then
    begin
      WriteLn(cert.LastErrorText);
      Exit;
    end;

  sbSigHdrVal := TStringBuilder.Create;
  sbSigHdrVal.Append('keyId="');
  sbSigHdrVal.Append(cert.SerialDecimal);
  sbSigHdrVal.Append('",');
  sbSigHdrVal.Append('algorithm="rsa-sha256",');
  sbSigHdrVal.Append('headers="date digest x-request-id",');
  sbSigHdrVal.Append('signature="');
  sbSigHdrVal.Append(b64Signature);
  sbSigHdrVal.Append('"');

  http.SetRequestHeader('signature',sbSigHdrVal.GetAsString());

  //  ----------------------------------------------------------------
  //  Add remaining headers...

  http.SetRequestHeader('x-ibm-client-id','YOUR_APP_CLIENT_ID');
  http.SetRequestHeader('accept','application/json');

  //  ----------------------------------------------------------------
  //  Add our certificate and key for mutual TLS 
  //  (provide a registered X509 client certificate during TLS handhake)

  tlsCert := TCert.Create;
  success := tlsCert.LoadFromFile('qa_data/certs_and_keys/ING/example_client_tls.cer');
  if (success = False) then
    begin
      WriteLn(tlsCert.LastErrorText);
      Exit;
    end;

  bdPrivKey := TBinData.Create;
  success := bdPrivKey.LoadFile('qa_data/certs_and_keys/ING/example_client_tls.key');
  if (success = False) then
    begin
      WriteLn('Failed to load example_client_tls.key');
      Exit;
    end;

  //  The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd. 
  //  Please note down this client_id since you will need it in the next steps to call the API.

  tlsPrivKey := TPrivateKey.Create;
  success := tlsPrivKey.LoadAnyFormat(bdPrivKey,'');
  if (success = False) then
    begin
      WriteLn(tlsPrivKey.LastErrorText);
      Exit;
    end;

  //  Associate the private key with the certificate.
  success := tlsCert.SetPrivateKey(tlsPrivKey);
  if (success = False) then
    begin
      WriteLn(tlsCert.LastErrorText);
      Exit;
    end;

  success := http.SetSslClientCert(tlsCert);
  if (success = False) then
    begin
      WriteLn(http.LastErrorText);
      Exit;
    end;

  //  ----------------------------------------------------------------
  //  Finally, send the request...

  sbResponseBody := TStringBuilder.Create;
  success := http.QuickGetSb('https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts',sbResponseBody);
  if (success = False) then
    begin
      WriteLn(http.LastErrorText);
      WriteLn(sbResponseBody.GetAsString());
      Exit;
    end;

  jResp := TJsonObject.Create;
  jResp.LoadSb(sbResponseBody);
  jResp.EmitCompact := False;

  WriteLn('Response Body:');
  WriteLn(jResp.Emit());

  respStatusCode := http.LastStatus;
  WriteLn('Response Status Code = ' + respStatusCode);
  if (respStatusCode >= 400) then
    begin
      WriteLn('Response Header:');
      WriteLn(http.LastHeader);
      WriteLn('Failed.');
      Exit;
    end;

  //  Sample JSON response:
  //  (Sample code for parsing the JSON response is shown below)

  //  {
  //    "accounts": [
  //      {
  //        "_links": {
  //          "account": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
  //          "balances": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/balances",
  //          "transactions": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/transactions"
  //        },
  //        "currency": "EUR",
  //        "iban": "NL05RABO0812836782",
  //        "name": "Rosie Roy",
  //        "resourceId": "dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
  //        "status": "enabled"
  //      }
  //    ]
  //  }

  //  Sample code for parsing the JSON response...
  //  Use the following online tool to generate parsing code from sample JSON:
  //  Generate Parsing Code from JSON

  i := 0;
  count_i := jResp.SizeOfArray('accounts');
  while i < count_i do
    begin
      jResp.I := i;
      v_linksAccount := jResp.StringOf('accounts[i]._links.account');
      v_linksBalances := jResp.StringOf('accounts[i]._links.balances');
      v_linksTransactions := jResp.StringOf('accounts[i]._links.transactions');
      currency := jResp.StringOf('accounts[i].currency');
      iban := jResp.StringOf('accounts[i].iban');
      name := jResp.StringOf('accounts[i].name');
      resourceId := jResp.StringOf('accounts[i].resourceId');
      status := jResp.StringOf('accounts[i].status');
      i := i + 1;
    end;



  http.Free;
  jsonToken.Free;
  sbTppCert.Free;
  crypt.Free;
  dt.Free;
  sbDigestHdrVal.Free;
  sbStringToSign.Free;
  sbPrivKey.Free;
  privKey.Free;
  rsa.Free;
  cert.Free;
  sbSigHdrVal.Free;
  tlsCert.Free;
  bdPrivKey.Free;
  tlsPrivKey.Free;
  sbResponseBody.Free;
  jResp.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.