Sample code for 30+ languages & platforms
Visual FoxPro

HMRC Validate Fraud Prevention Headers

See more HTTP Misc Examples

Demonstrates how to test (validate) HMRC fraud prevention headers.

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL loRest
LOCAL loJson
LOCAL lcAccessToken
LOCAL loSbAuthHeaderValue
LOCAL lcResponseStr

lnSuccess = 0

* This example requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

loRest = CreateObject('Chilkat.Rest')

lnSuccess = loRest.Connect("test-api.service.hmrc.gov.uk",443,1,1)
IF (lnSuccess = 0) THEN
    ? loRest.LastErrorText
    RELEASE loRest
    CANCEL
ENDIF

* Load the previously fetched access token.
loJson = CreateObject('Chilkat.JsonObject')
lnSuccess = loJson.LoadFile("qa_data/tokens/hmrc.json")
lcAccessToken = loJson.StringOf("access_token")
? "Using access toke: " + lcAccessToken

loSbAuthHeaderValue = CreateObject('Chilkat.StringBuilder')
loSbAuthHeaderValue.Append("Bearer ")
loSbAuthHeaderValue.Append(lcAccessToken)

loRest.AddHeader("Accept","application/vnd.hmrc.1.0+json")
loRest.AddHeader("Authorization",loSbAuthHeaderValue.GetAsString())

* Add the fraud prevention headers.
* See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
loRest.AddHeader("gov-client-connection-method","DESKTOP_APP_DIRECT")

* This should be generated by an application and persistently stored on the device. The identifier should not expire.
loRest.AddHeader("gov-client-device-id","beec798b-b366-47fa-b1f8-92cede14a1ce")

* See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
loRest.AddHeader("gov-client-user-ids","os=user123")

* Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
loRest.AddHeader("gov-client-local-ips","172.16.16.23")
* You'll need to find a way to get your MAC address.  Chilkat does not yet provide this ability...
loRest.AddHeader("gov-client-mac-addresses","7C%3AD3%3A0A%3A25%3ADA%3A1C")

loRest.AddHeader("gov-client-timezone","UTC+00:00")

* You can probably just hard-code these so they're always the same with each request.
loRest.AddHeader("gov-client-window-size","width=1256&height=800")
loRest.AddHeader("gov-client-screens","width=1920&height=1080&scaling-factor=1&colour-depth=16")
loRest.AddHeader("gov-client-user-agent","Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)")
loRest.AddHeader("gov-vendor-version","My%20Desktop%20Software=1.2.3.build4286")

lcResponseStr = loRest.FullRequestNoBody("GET","/test/fraud-prevention-headers/validate")
IF (loRest.LastMethodSuccess = 0) THEN
    ? loRest.LastErrorText
    RELEASE loRest
    RELEASE loJson
    RELEASE loSbAuthHeaderValue
    CANCEL
ENDIF

* If the status code is 200, then the fraud prevention headers were validated.
* The JSON response may include some warnings..
? "Response status code = " + STR(loRest.ResponseStatusCode)
? "Response JSON body: "
? lcResponseStr

RELEASE loRest
RELEASE loJson
RELEASE loSbAuthHeaderValue