Java
Java
HMRC Validate Fraud Prevention Headers
See more HTTP Misc Examples
Demonstrates how to test (validate) HMRC fraud prevention headers.Chilkat Java Downloads
import com.chilkatsoft.*;
public class ChilkatExample {
static {
try {
System.loadLibrary("chilkat");
} catch (UnsatisfiedLinkError e) {
System.err.println("Native code library failed to load.\n" + e);
System.exit(1);
}
}
public static void main(String argv[])
{
boolean success = false;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
CkRest rest = new CkRest();
success = rest.Connect("test-api.service.hmrc.gov.uk",443,true,true);
if (success == false) {
System.out.println(rest.lastErrorText());
return;
}
// Load the previously fetched access token.
CkJsonObject json = new CkJsonObject();
success = json.LoadFile("qa_data/tokens/hmrc.json");
String accessToken = json.stringOf("access_token");
System.out.println("Using access toke: " + accessToken);
CkStringBuilder sbAuthHeaderValue = new CkStringBuilder();
sbAuthHeaderValue.Append("Bearer ");
sbAuthHeaderValue.Append(accessToken);
rest.AddHeader("Accept","application/vnd.hmrc.1.0+json");
rest.AddHeader("Authorization",sbAuthHeaderValue.getAsString());
// Add the fraud prevention headers.
// See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
rest.AddHeader("gov-client-connection-method","DESKTOP_APP_DIRECT");
// This should be generated by an application and persistently stored on the device. The identifier should not expire.
rest.AddHeader("gov-client-device-id","beec798b-b366-47fa-b1f8-92cede14a1ce");
// See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
rest.AddHeader("gov-client-user-ids","os=user123");
// Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
rest.AddHeader("gov-client-local-ips","172.16.16.23");
// You'll need to find a way to get your MAC address. Chilkat does not yet provide this ability...
rest.AddHeader("gov-client-mac-addresses","7C%3AD3%3A0A%3A25%3ADA%3A1C");
rest.AddHeader("gov-client-timezone","UTC+00:00");
// You can probably just hard-code these so they're always the same with each request.
rest.AddHeader("gov-client-window-size","width=1256&height=800");
rest.AddHeader("gov-client-screens","width=1920&height=1080&scaling-factor=1&colour-depth=16");
rest.AddHeader("gov-client-user-agent","Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)");
rest.AddHeader("gov-vendor-version","My%20Desktop%20Software=1.2.3.build4286");
String responseStr = rest.fullRequestNoBody("GET","/test/fraud-prevention-headers/validate");
if (rest.get_LastMethodSuccess() == false) {
System.out.println(rest.lastErrorText());
return;
}
// If the status code is 200, then the fraud prevention headers were validated.
// The JSON response may include some warnings..
System.out.println("Response status code = " + rest.get_ResponseStatusCode());
System.out.println("Response JSON body: ");
System.out.println(responseStr);
}
}