Sample code for 30+ languages & platforms
Perl

HMRC Validate Fraud Prevention Headers

See more HTTP Misc Examples

Demonstrates how to test (validate) HMRC fraud prevention headers.

Chilkat Perl Downloads

Perl
use chilkat();

$success = 0;

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

$rest = chilkat::CkRest->new();

$success = $rest->Connect("test-api.service.hmrc.gov.uk",443,1,1);
if ($success == 0) {
    print $rest->lastErrorText() . "\r\n";
    exit;
}

# Load the previously fetched access token.
$json = chilkat::CkJsonObject->new();
$success = $json->LoadFile("qa_data/tokens/hmrc.json");
$accessToken = $json->stringOf("access_token");
print "Using access toke: " . $accessToken . "\r\n";

$sbAuthHeaderValue = chilkat::CkStringBuilder->new();
$sbAuthHeaderValue->Append("Bearer ");
$sbAuthHeaderValue->Append($accessToken);

$rest->AddHeader("Accept","application/vnd.hmrc.1.0+json");
$rest->AddHeader("Authorization",$sbAuthHeaderValue->getAsString());

# Add the fraud prevention headers.
# See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
$rest->AddHeader("gov-client-connection-method","DESKTOP_APP_DIRECT");

# This should be generated by an application and persistently stored on the device. The identifier should not expire.
$rest->AddHeader("gov-client-device-id","beec798b-b366-47fa-b1f8-92cede14a1ce");

# See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
$rest->AddHeader("gov-client-user-ids","os=user123");

# Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
$rest->AddHeader("gov-client-local-ips","172.16.16.23");
# You'll need to find a way to get your MAC address.  Chilkat does not yet provide this ability...
$rest->AddHeader("gov-client-mac-addresses","7C%3AD3%3A0A%3A25%3ADA%3A1C");

$rest->AddHeader("gov-client-timezone","UTC+00:00");

# You can probably just hard-code these so they're always the same with each request.
$rest->AddHeader("gov-client-window-size","width=1256&height=800");
$rest->AddHeader("gov-client-screens","width=1920&height=1080&scaling-factor=1&colour-depth=16");
$rest->AddHeader("gov-client-user-agent","Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)");
$rest->AddHeader("gov-vendor-version","My%20Desktop%20Software=1.2.3.build4286");

$responseStr = $rest->fullRequestNoBody("GET","/test/fraud-prevention-headers/validate");
if ($rest->get_LastMethodSuccess() == 0) {
    print $rest->lastErrorText() . "\r\n";
    exit;
}

# If the status code is 200, then the fraud prevention headers were validated.
# The JSON response may include some warnings..
print "Response status code = " . $rest->get_ResponseStatusCode() . "\r\n";
print "Response JSON body: " . "\r\n";
print $responseStr . "\r\n";