SQL Server
SQL Server
HMRC Validate Fraud Prevention Headers
See more HTTP Misc Examples
Demonstrates how to test (validate) HMRC fraud prevention headers.Chilkat SQL Server Downloads
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
DECLARE @iTmp0 int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
DECLARE @success int
SELECT @success = 0
-- This example requires the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
DECLARE @rest int
EXEC @hr = sp_OACreate 'Chilkat.Rest', @rest OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
EXEC sp_OAMethod @rest, 'Connect', @success OUT, 'test-api.service.hmrc.gov.uk', 443, 1, 1
IF @success = 0
BEGIN
EXEC sp_OAGetProperty @rest, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @rest
RETURN
END
-- Load the previously fetched access token.
DECLARE @json int
EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT
EXEC sp_OAMethod @json, 'LoadFile', @success OUT, 'qa_data/tokens/hmrc.json'
DECLARE @accessToken nvarchar(4000)
EXEC sp_OAMethod @json, 'StringOf', @accessToken OUT, 'access_token'
PRINT 'Using access toke: ' + @accessToken
DECLARE @sbAuthHeaderValue int
EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbAuthHeaderValue OUT
EXEC sp_OAMethod @sbAuthHeaderValue, 'Append', @success OUT, 'Bearer '
EXEC sp_OAMethod @sbAuthHeaderValue, 'Append', @success OUT, @accessToken
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'Accept', 'application/vnd.hmrc.1.0+json'
EXEC sp_OAMethod @sbAuthHeaderValue, 'GetAsString', @sTmp0 OUT
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'Authorization', @sTmp0
-- Add the fraud prevention headers.
-- See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'gov-client-connection-method', 'DESKTOP_APP_DIRECT'
-- This should be generated by an application and persistently stored on the device. The identifier should not expire.
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'gov-client-device-id', 'beec798b-b366-47fa-b1f8-92cede14a1ce'
-- See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'gov-client-user-ids', 'os=user123'
-- Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'gov-client-local-ips', '172.16.16.23'
-- You'll need to find a way to get your MAC address. Chilkat does not yet provide this ability...
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'gov-client-mac-addresses', '7C%3AD3%3A0A%3A25%3ADA%3A1C'
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'gov-client-timezone', 'UTC+00:00'
-- You can probably just hard-code these so they're always the same with each request.
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'gov-client-window-size', 'width=1256&height=800'
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'gov-client-screens', 'width=1920&height=1080&scaling-factor=1&colour-depth=16'
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'gov-client-user-agent', 'Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)'
EXEC sp_OAMethod @rest, 'AddHeader', @success OUT, 'gov-vendor-version', 'My%20Desktop%20Software=1.2.3.build4286'
DECLARE @responseStr nvarchar(4000)
EXEC sp_OAMethod @rest, 'FullRequestNoBody', @responseStr OUT, 'GET', '/test/fraud-prevention-headers/validate'
EXEC sp_OAGetProperty @rest, 'LastMethodSuccess', @iTmp0 OUT
IF @iTmp0 = 0
BEGIN
EXEC sp_OAGetProperty @rest, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @rest
EXEC @hr = sp_OADestroy @json
EXEC @hr = sp_OADestroy @sbAuthHeaderValue
RETURN
END
-- If the status code is 200, then the fraud prevention headers were validated.
-- The JSON response may include some warnings..
EXEC sp_OAGetProperty @rest, 'ResponseStatusCode', @iTmp0 OUT
PRINT 'Response status code = ' + @iTmp0
PRINT 'Response JSON body: '
PRINT @responseStr
EXEC @hr = sp_OADestroy @rest
EXEC @hr = sp_OADestroy @json
EXEC @hr = sp_OADestroy @sbAuthHeaderValue
END
GO