Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

HMRC Validate Fraud Prevention Headers

See more HTTP Misc Examples

Demonstrates how to test (validate) HMRC fraud prevention headers.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.StringBuilder,
  Chilkat.Rest,
  Chilkat.JsonObject;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  rest: TRest;
  json: TJsonObject;
  accessToken: string;
  sbAuthHeaderValue: TStringBuilder;
  responseStr: string;

begin
  success := False;

  //  This example requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  rest := TRest.Create;

  success := rest.Connect('test-api.service.hmrc.gov.uk',443,True,True);
  if (success = False) then
    begin
      WriteLn(rest.LastErrorText);
      Exit;
    end;

  //  Load the previously fetched access token.
  json := TJsonObject.Create;
  success := json.LoadFile('qa_data/tokens/hmrc.json');
  accessToken := json.StringOf('access_token');
  WriteLn('Using access toke: ' + accessToken);

  sbAuthHeaderValue := TStringBuilder.Create;
  sbAuthHeaderValue.Append('Bearer ');
  sbAuthHeaderValue.Append(accessToken);

  rest.AddHeader('Accept','application/vnd.hmrc.1.0+json');
  rest.AddHeader('Authorization',sbAuthHeaderValue.GetAsString());

  //  Add the fraud prevention headers.
  //  See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
  rest.AddHeader('gov-client-connection-method','DESKTOP_APP_DIRECT');

  //  This should be generated by an application and persistently stored on the device. The identifier should not expire.
  rest.AddHeader('gov-client-device-id','beec798b-b366-47fa-b1f8-92cede14a1ce');

  //  See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
  rest.AddHeader('gov-client-user-ids','os=user123');

  //  Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
  rest.AddHeader('gov-client-local-ips','172.16.16.23');
  //  You'll need to find a way to get your MAC address.  Chilkat does not yet provide this ability...
  rest.AddHeader('gov-client-mac-addresses','7C%3AD3%3A0A%3A25%3ADA%3A1C');

  rest.AddHeader('gov-client-timezone','UTC+00:00');

  //  You can probably just hard-code these so they're always the same with each request.
  rest.AddHeader('gov-client-window-size','width=1256&height=800');
  rest.AddHeader('gov-client-screens','width=1920&height=1080&scaling-factor=1&colour-depth=16');
  rest.AddHeader('gov-client-user-agent','Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)');
  rest.AddHeader('gov-vendor-version','My%20Desktop%20Software=1.2.3.build4286');

  responseStr := rest.FullRequestNoBody('GET','/test/fraud-prevention-headers/validate');
  if (rest.LastMethodSuccess = False) then
    begin
      WriteLn(rest.LastErrorText);
      Exit;
    end;

  //  If the status code is 200, then the fraud prevention headers were validated.
  //  The JSON response may include some warnings..
  WriteLn('Response status code = ' + rest.ResponseStatusCode);
  WriteLn('Response JSON body: ');
  WriteLn(responseStr);


  rest.Free;
  json.Free;
  sbAuthHeaderValue.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.