Unicode C
Unicode C
HMRC Validate Fraud Prevention Headers
See more HTTP Misc Examples
Demonstrates how to test (validate) HMRC fraud prevention headers.Chilkat Unicode C Downloads
#include <C_CkRestW.h>
#include <C_CkJsonObjectW.h>
#include <C_CkStringBuilderW.h>
void ChilkatSample(void)
{
BOOL success;
HCkRestW rest;
HCkJsonObjectW json;
const wchar_t *accessToken;
HCkStringBuilderW sbAuthHeaderValue;
const wchar_t *responseStr;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
rest = CkRestW_Create();
success = CkRestW_Connect(rest,L"test-api.service.hmrc.gov.uk",443,TRUE,TRUE);
if (success == FALSE) {
wprintf(L"%s\n",CkRestW_lastErrorText(rest));
CkRestW_Dispose(rest);
return;
}
// Load the previously fetched access token.
json = CkJsonObjectW_Create();
success = CkJsonObjectW_LoadFile(json,L"qa_data/tokens/hmrc.json");
accessToken = CkJsonObjectW_stringOf(json,L"access_token");
wprintf(L"Using access toke: %s\n",accessToken);
sbAuthHeaderValue = CkStringBuilderW_Create();
CkStringBuilderW_Append(sbAuthHeaderValue,L"Bearer ");
CkStringBuilderW_Append(sbAuthHeaderValue,accessToken);
CkRestW_AddHeader(rest,L"Accept",L"application/vnd.hmrc.1.0+json");
CkRestW_AddHeader(rest,L"Authorization",CkStringBuilderW_getAsString(sbAuthHeaderValue));
// Add the fraud prevention headers.
// See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
CkRestW_AddHeader(rest,L"gov-client-connection-method",L"DESKTOP_APP_DIRECT");
// This should be generated by an application and persistently stored on the device. The identifier should not expire.
CkRestW_AddHeader(rest,L"gov-client-device-id",L"beec798b-b366-47fa-b1f8-92cede14a1ce");
// See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
CkRestW_AddHeader(rest,L"gov-client-user-ids",L"os=user123");
// Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
CkRestW_AddHeader(rest,L"gov-client-local-ips",L"172.16.16.23");
// You'll need to find a way to get your MAC address. Chilkat does not yet provide this ability...
CkRestW_AddHeader(rest,L"gov-client-mac-addresses",L"7C%3AD3%3A0A%3A25%3ADA%3A1C");
CkRestW_AddHeader(rest,L"gov-client-timezone",L"UTC+00:00");
// You can probably just hard-code these so they're always the same with each request.
CkRestW_AddHeader(rest,L"gov-client-window-size",L"width=1256&height=800");
CkRestW_AddHeader(rest,L"gov-client-screens",L"width=1920&height=1080&scaling-factor=1&colour-depth=16");
CkRestW_AddHeader(rest,L"gov-client-user-agent",L"Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)");
CkRestW_AddHeader(rest,L"gov-vendor-version",L"My%20Desktop%20Software=1.2.3.build4286");
responseStr = CkRestW_fullRequestNoBody(rest,L"GET",L"/test/fraud-prevention-headers/validate");
if (CkRestW_getLastMethodSuccess(rest) == FALSE) {
wprintf(L"%s\n",CkRestW_lastErrorText(rest));
CkRestW_Dispose(rest);
CkJsonObjectW_Dispose(json);
CkStringBuilderW_Dispose(sbAuthHeaderValue);
return;
}
// If the status code is 200, then the fraud prevention headers were validated.
// The JSON response may include some warnings..
wprintf(L"Response status code = %d\n",CkRestW_getResponseStatusCode(rest));
wprintf(L"Response JSON body: \n");
wprintf(L"%s\n",responseStr);
CkRestW_Dispose(rest);
CkJsonObjectW_Dispose(json);
CkStringBuilderW_Dispose(sbAuthHeaderValue);
}