Sample code for 30+ languages & platforms
Android™

HMRC Validate Fraud Prevention Headers

See more HTTP Misc Examples

Demonstrates how to test (validate) HMRC fraud prevention headers.

Chilkat Android™ Downloads

Android™
// Important: Don't forget to include the call to System.loadLibrary
// as shown at the bottom of this code sample.
package com.test;

import android.app.Activity;
import com.chilkatsoft.*;

import android.widget.TextView;
import android.os.Bundle;

public class SimpleActivity extends Activity {

  private static final String TAG = "Chilkat";

  // Called when the activity is first created.
  @Override
  public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);

    boolean success = false;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkRest rest = new CkRest();

    success = rest.Connect("test-api.service.hmrc.gov.uk",443,true,true);
    if (success == false) {
        Log.i(TAG, rest.lastErrorText());
        return;
        }

    // Load the previously fetched access token.
    CkJsonObject json = new CkJsonObject();
    success = json.LoadFile("qa_data/tokens/hmrc.json");
    String accessToken = json.stringOf("access_token");
    Log.i(TAG, "Using access toke: " + accessToken);

    CkStringBuilder sbAuthHeaderValue = new CkStringBuilder();
    sbAuthHeaderValue.Append("Bearer ");
    sbAuthHeaderValue.Append(accessToken);

    rest.AddHeader("Accept","application/vnd.hmrc.1.0+json");
    rest.AddHeader("Authorization",sbAuthHeaderValue.getAsString());

    // Add the fraud prevention headers.
    // See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
    rest.AddHeader("gov-client-connection-method","DESKTOP_APP_DIRECT");

    // This should be generated by an application and persistently stored on the device. The identifier should not expire.
    rest.AddHeader("gov-client-device-id","beec798b-b366-47fa-b1f8-92cede14a1ce");

    // See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
    rest.AddHeader("gov-client-user-ids","os=user123");

    // Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
    rest.AddHeader("gov-client-local-ips","172.16.16.23");
    // You'll need to find a way to get your MAC address.  Chilkat does not yet provide this ability...
    rest.AddHeader("gov-client-mac-addresses","7C%3AD3%3A0A%3A25%3ADA%3A1C");

    rest.AddHeader("gov-client-timezone","UTC+00:00");

    // You can probably just hard-code these so they're always the same with each request.
    rest.AddHeader("gov-client-window-size","width=1256&height=800");
    rest.AddHeader("gov-client-screens","width=1920&height=1080&scaling-factor=1&colour-depth=16");
    rest.AddHeader("gov-client-user-agent","Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)");
    rest.AddHeader("gov-vendor-version","My%20Desktop%20Software=1.2.3.build4286");

    String responseStr = rest.fullRequestNoBody("GET","/test/fraud-prevention-headers/validate");
    if (rest.get_LastMethodSuccess() == false) {
        Log.i(TAG, rest.lastErrorText());
        return;
        }

    // If the status code is 200, then the fraud prevention headers were validated.
    // The JSON response may include some warnings..
    Log.i(TAG, "Response status code = " + String.valueOf(rest.get_ResponseStatusCode()));
    Log.i(TAG, "Response JSON body: ");
    Log.i(TAG, responseStr);

  }

  static {
      System.loadLibrary("chilkat");

      // Note: If the incorrect library name is passed to System.loadLibrary,
      // then you will see the following error message at application startup:
      //"The application <your-application-name> has stopped unexpectedly. Please try again."
  }
}