Sample code for 30+ languages & platforms
Objective-C

HMRC Validate Fraud Prevention Headers

See more HTTP Misc Examples

Demonstrates how to test (validate) HMRC fraud prevention headers.

Chilkat Objective-C Downloads

Objective-C
#import <CkoRest.h>
#import <CkoJsonObject.h>
#import <NSString.h>
#import <CkoStringBuilder.h>

BOOL success = NO;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

CkoRest *rest = [[CkoRest alloc] init];

success = [rest Connect: @"test-api.service.hmrc.gov.uk" port: [NSNumber numberWithInt: 443] tls: YES autoReconnect: YES];
if (success == NO) {
    NSLog(@"%@",rest.LastErrorText);
    return;
}

// Load the previously fetched access token.
CkoJsonObject *json = [[CkoJsonObject alloc] init];
success = [json LoadFile: @"qa_data/tokens/hmrc.json"];
NSString *accessToken = [json StringOf: @"access_token"];
NSLog(@"%@%@",@"Using access toke: ",accessToken);

CkoStringBuilder *sbAuthHeaderValue = [[CkoStringBuilder alloc] init];
[sbAuthHeaderValue Append: @"Bearer "];
[sbAuthHeaderValue Append: accessToken];

[rest AddHeader: @"Accept" value: @"application/vnd.hmrc.1.0+json"];
[rest AddHeader: @"Authorization" value: [sbAuthHeaderValue GetAsString]];

// Add the fraud prevention headers.
// See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
[rest AddHeader: @"gov-client-connection-method" value: @"DESKTOP_APP_DIRECT"];

// This should be generated by an application and persistently stored on the device. The identifier should not expire.
[rest AddHeader: @"gov-client-device-id" value: @"beec798b-b366-47fa-b1f8-92cede14a1ce"];

// See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
[rest AddHeader: @"gov-client-user-ids" value: @"os=user123"];

// Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
[rest AddHeader: @"gov-client-local-ips" value: @"172.16.16.23"];
// You'll need to find a way to get your MAC address.  Chilkat does not yet provide this ability...
[rest AddHeader: @"gov-client-mac-addresses" value: @"7C%3AD3%3A0A%3A25%3ADA%3A1C"];

[rest AddHeader: @"gov-client-timezone" value: @"UTC+00:00"];

// You can probably just hard-code these so they're always the same with each request.
[rest AddHeader: @"gov-client-window-size" value: @"width=1256&height=800"];
[rest AddHeader: @"gov-client-screens" value: @"width=1920&height=1080&scaling-factor=1&colour-depth=16"];
[rest AddHeader: @"gov-client-user-agent" value: @"Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)"];
[rest AddHeader: @"gov-vendor-version" value: @"My%20Desktop%20Software=1.2.3.build4286"];

NSString *responseStr = [rest FullRequestNoBody: @"GET" uriPath: @"/test/fraud-prevention-headers/validate"];
if (rest.LastMethodSuccess == NO) {
    NSLog(@"%@",rest.LastErrorText);
    return;
}

// If the status code is 200, then the fraud prevention headers were validated.
// The JSON response may include some warnings..
NSLog(@"%@%d",@"Response status code = ",[rest.ResponseStatusCode intValue]);
NSLog(@"%@",@"Response JSON body: ");
NSLog(@"%@",responseStr);