Sample code for 30+ languages & platforms
PowerBuilder

HMRC Validate Fraud Prevention Headers

See more HTTP Misc Examples

Demonstrates how to test (validate) HMRC fraud prevention headers.

Chilkat PowerBuilder Downloads

PowerBuilder
integer li_rc
integer li_Success
oleobject loo_Rest
oleobject loo_Json
string ls_AccessToken
oleobject loo_SbAuthHeaderValue
string ls_ResponseStr

li_Success = 0

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

loo_Rest = create oleobject
li_rc = loo_Rest.ConnectToNewObject("Chilkat.Rest")
if li_rc < 0 then
    destroy loo_Rest
    MessageBox("Error","Connecting to COM object failed")
    return
end if

li_Success = loo_Rest.Connect("test-api.service.hmrc.gov.uk",443,1,1)
if li_Success = 0 then
    Write-Debug loo_Rest.LastErrorText
    destroy loo_Rest
    return
end if

// Load the previously fetched access token.
loo_Json = create oleobject
li_rc = loo_Json.ConnectToNewObject("Chilkat.JsonObject")

li_Success = loo_Json.LoadFile("qa_data/tokens/hmrc.json")
ls_AccessToken = loo_Json.StringOf("access_token")
Write-Debug "Using access toke: " + ls_AccessToken

loo_SbAuthHeaderValue = create oleobject
li_rc = loo_SbAuthHeaderValue.ConnectToNewObject("Chilkat.StringBuilder")

loo_SbAuthHeaderValue.Append("Bearer ")
loo_SbAuthHeaderValue.Append(ls_AccessToken)

loo_Rest.AddHeader("Accept","application/vnd.hmrc.1.0+json")
loo_Rest.AddHeader("Authorization",loo_SbAuthHeaderValue.GetAsString())

// Add the fraud prevention headers.
// See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
loo_Rest.AddHeader("gov-client-connection-method","DESKTOP_APP_DIRECT")

// This should be generated by an application and persistently stored on the device. The identifier should not expire.
loo_Rest.AddHeader("gov-client-device-id","beec798b-b366-47fa-b1f8-92cede14a1ce")

// See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention
loo_Rest.AddHeader("gov-client-user-ids","os=user123")

// Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16."
loo_Rest.AddHeader("gov-client-local-ips","172.16.16.23")
// You'll need to find a way to get your MAC address.  Chilkat does not yet provide this ability...
loo_Rest.AddHeader("gov-client-mac-addresses","7C%3AD3%3A0A%3A25%3ADA%3A1C")

loo_Rest.AddHeader("gov-client-timezone","UTC+00:00")

// You can probably just hard-code these so they're always the same with each request.
loo_Rest.AddHeader("gov-client-window-size","width=1256&height=800")
loo_Rest.AddHeader("gov-client-screens","width=1920&height=1080&scaling-factor=1&colour-depth=16")
loo_Rest.AddHeader("gov-client-user-agent","Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)")
loo_Rest.AddHeader("gov-vendor-version","My%20Desktop%20Software=1.2.3.build4286")

ls_ResponseStr = loo_Rest.FullRequestNoBody("GET","/test/fraud-prevention-headers/validate")
if loo_Rest.LastMethodSuccess = 0 then
    Write-Debug loo_Rest.LastErrorText
    destroy loo_Rest
    destroy loo_Json
    destroy loo_SbAuthHeaderValue
    return
end if

// If the status code is 200, then the fraud prevention headers were validated.
// The JSON response may include some warnings..
Write-Debug "Response status code = " + string(loo_Rest.ResponseStatusCode)
Write-Debug "Response JSON body: "
Write-Debug ls_ResponseStr


destroy loo_Rest
destroy loo_Json
destroy loo_SbAuthHeaderValue