Sample code for 30+ languages & platforms
DataFlex

HMRC Validate Fraud Prevention Headers

See more HTTP Misc Examples

Demonstrates how to test (validate) HMRC fraud prevention headers.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoRest
    Handle hoJson
    String sAccessToken
    Handle hoSbAuthHeaderValue
    String sResponseStr
    String sTemp1
    Integer iTemp1
    Boolean bTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatRest)) To hoRest
    If (Not(IsComObjectCreated(hoRest))) Begin
        Send CreateComObject of hoRest
    End

    Get ComConnect Of hoRest "test-api.service.hmrc.gov.uk" 443 True True To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoRest To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Load the previously fetched access token.
    Get Create (RefClass(cComChilkatJsonObject)) To hoJson
    If (Not(IsComObjectCreated(hoJson))) Begin
        Send CreateComObject of hoJson
    End
    Get ComLoadFile Of hoJson "qa_data/tokens/hmrc.json" To iSuccess
    Get ComStringOf Of hoJson "access_token" To sAccessToken
    Showln "Using access toke: " sAccessToken

    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbAuthHeaderValue
    If (Not(IsComObjectCreated(hoSbAuthHeaderValue))) Begin
        Send CreateComObject of hoSbAuthHeaderValue
    End
    Get ComAppend Of hoSbAuthHeaderValue "Bearer " To iSuccess
    Get ComAppend Of hoSbAuthHeaderValue sAccessToken To iSuccess

    Get ComAddHeader Of hoRest "Accept" "application/vnd.hmrc.1.0+json" To iSuccess
    Get ComGetAsString Of hoSbAuthHeaderValue To sTemp1
    Get ComAddHeader Of hoRest "Authorization" sTemp1 To iSuccess

    // Add the fraud prevention headers.
    // See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
    Get ComAddHeader Of hoRest "gov-client-connection-method" "DESKTOP_APP_DIRECT" To iSuccess

    // This should be generated by an application and persistently stored on the device. The identifier should not expire.
    Get ComAddHeader Of hoRest "gov-client-device-id" "beec798b-b366-47fa-b1f8-92cede14a1ce" To iSuccess

    // See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
    Get ComAddHeader Of hoRest "gov-client-user-ids" "os=user123" To iSuccess

    // Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
    Get ComAddHeader Of hoRest "gov-client-local-ips" "172.16.16.23" To iSuccess
    // You'll need to find a way to get your MAC address.  Chilkat does not yet provide this ability...
    Get ComAddHeader Of hoRest "gov-client-mac-addresses" "7C%3AD3%3A0A%3A25%3ADA%3A1C" To iSuccess

    Get ComAddHeader Of hoRest "gov-client-timezone" "UTC+00:00" To iSuccess

    // You can probably just hard-code these so they're always the same with each request.
    Get ComAddHeader Of hoRest "gov-client-window-size" "width=1256&height=800" To iSuccess
    Get ComAddHeader Of hoRest "gov-client-screens" "width=1920&height=1080&scaling-factor=1&colour-depth=16" To iSuccess
    Get ComAddHeader Of hoRest "gov-client-user-agent" "Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)" To iSuccess
    Get ComAddHeader Of hoRest "gov-vendor-version" "My%20Desktop%20Software=1.2.3.build4286" To iSuccess

    Get ComFullRequestNoBody Of hoRest "GET" "/test/fraud-prevention-headers/validate" To sResponseStr
    Get ComLastMethodSuccess Of hoRest To bTemp1
    If (bTemp1 = False) Begin
        Get ComLastErrorText Of hoRest To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // If the status code is 200, then the fraud prevention headers were validated.
    // The JSON response may include some warnings..
    Get ComResponseStatusCode Of hoRest To iTemp1
    Showln "Response status code = " iTemp1
    Showln "Response JSON body: "
    Showln sResponseStr


End_Procedure