AutoIt
AutoIt
HMRC Validate Fraud Prevention Headers
See more HTTP Misc Examples
Demonstrates how to test (validate) HMRC fraud prevention headers.Chilkat AutoIt Downloads
Local $bSuccess = False
; This example requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
$oRest = ObjCreate("Chilkat.Rest")
$bSuccess = $oRest.Connect("test-api.service.hmrc.gov.uk",443,True,True)
If ($bSuccess = False) Then
ConsoleWrite($oRest.LastErrorText & @CRLF)
Exit
EndIf
; Load the previously fetched access token.
$oJson = ObjCreate("Chilkat.JsonObject")
$bSuccess = $oJson.LoadFile("qa_data/tokens/hmrc.json")
Local $sAccessToken = $oJson.StringOf("access_token")
ConsoleWrite("Using access toke: " & $sAccessToken & @CRLF)
$oSbAuthHeaderValue = ObjCreate("Chilkat.StringBuilder")
$oSbAuthHeaderValue.Append("Bearer ")
$oSbAuthHeaderValue.Append($sAccessToken)
$oRest.AddHeader("Accept","application/vnd.hmrc.1.0+json")
$oRest.AddHeader("Authorization",$oSbAuthHeaderValue.GetAsString())
; Add the fraud prevention headers.
; See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
$oRest.AddHeader("gov-client-connection-method","DESKTOP_APP_DIRECT")
; This should be generated by an application and persistently stored on the device. The identifier should not expire.
$oRest.AddHeader("gov-client-device-id","beec798b-b366-47fa-b1f8-92cede14a1ce")
; See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
$oRest.AddHeader("gov-client-user-ids","os=user123")
; Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
$oRest.AddHeader("gov-client-local-ips","172.16.16.23")
; You'll need to find a way to get your MAC address. Chilkat does not yet provide this ability...
$oRest.AddHeader("gov-client-mac-addresses","7C%3AD3%3A0A%3A25%3ADA%3A1C")
$oRest.AddHeader("gov-client-timezone","UTC+00:00")
; You can probably just hard-code these so they're always the same with each request.
$oRest.AddHeader("gov-client-window-size","width=1256&height=800")
$oRest.AddHeader("gov-client-screens","width=1920&height=1080&scaling-factor=1&colour-depth=16")
$oRest.AddHeader("gov-client-user-agent","Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)")
$oRest.AddHeader("gov-vendor-version","My%20Desktop%20Software=1.2.3.build4286")
Local $sResponseStr = $oRest.FullRequestNoBody("GET","/test/fraud-prevention-headers/validate")
If ($oRest.LastMethodSuccess = False) Then
ConsoleWrite($oRest.LastErrorText & @CRLF)
Exit
EndIf
; If the status code is 200, then the fraud prevention headers were validated.
; The JSON response may include some warnings..
ConsoleWrite("Response status code = " & $oRest.ResponseStatusCode & @CRLF)
ConsoleWrite("Response JSON body: " & @CRLF)
ConsoleWrite($sResponseStr & @CRLF)