Created
August 16, 2021 22:31
-
-
Save phpfour/24f65e284e5943a079b2917e5b2065b7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// Source: https://www.example-code.com/phpExt/hmrc_fraud_prevention_headers.asp | |
// The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number. | |
// For example, if using Chilkat v9.5.0.48, then include as shown here: | |
include("chilkat_9_5_0.php"); | |
// This example requires the Chilkat API to have been previously unlocked. | |
// See Global Unlock Sample for sample code. | |
$rest = new CkRest(); | |
$success = $rest->Connect('test-api.service.hmrc.gov.uk',443,true,true); | |
if ($success == false) { | |
print $rest->lastErrorText() . "\n"; | |
exit; | |
} | |
// Load the previously fetched access token. | |
$json = new CkJsonObject(); | |
$success = $json->LoadFile('qa_data/tokens/hmrc.json'); | |
$accessToken = $json->stringOf('access_token'); | |
print 'Using access toke: ' . $accessToken . "\n"; | |
$sbAuthHeaderValue = new CkStringBuilder(); | |
$sbAuthHeaderValue->Append('Bearer '); | |
$sbAuthHeaderValue->Append($accessToken); | |
$rest->AddHeader('Accept','application/vnd.hmrc.1.0+json'); | |
$rest->AddHeader('Authorization',$sbAuthHeaderValue->getAsString()); | |
// Add the fraud prevention headers. | |
// See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention | |
$rest->AddHeader('gov-client-connection-method','DESKTOP_APP_DIRECT'); | |
// This should be generated by an application and persistently stored on the device. The identifier should not expire. | |
$rest->AddHeader('gov-client-device-id','beec798b-b366-47fa-b1f8-92cede14a1ce'); | |
// See https://developer.service.hmrc.gov.uk/api-documentation/docs/fraud-prevention | |
$rest->AddHeader('gov-client-user-ids','os=user123'); | |
// Your local IP addresses (comma separated), such as addresses beginning with "192.168." or "172.16." | |
$rest->AddHeader('gov-client-local-ips','172.16.16.23'); | |
// You'll need to find a way to get your MAC address. Chilkat does not yet provide this ability... | |
$rest->AddHeader('gov-client-mac-addresses','7C%3AD3%3A0A%3A25%3ADA%3A1C'); | |
$rest->AddHeader('gov-client-timezone','UTC+00:00'); | |
// You can probably just hard-code these so they're always the same with each request. | |
$rest->AddHeader('gov-client-window-size','width=1256&height=800'); | |
$rest->AddHeader('gov-client-screens','width=1920&height=1080&scaling-factor=1&colour-depth=16'); | |
$rest->AddHeader('gov-client-user-agent','Windows/Server%202012 (Dell%20Inc./OptiPlex%20980)'); | |
$rest->AddHeader('gov-vendor-version','My%20Desktop%20Software=1.2.3.build4286'); | |
$responseStr = $rest->fullRequestNoBody('GET','/test/fraud-prevention-headers/validate'); | |
if ($rest->get_LastMethodSuccess() == false) { | |
print $rest->lastErrorText() . "\n"; | |
exit; | |
} | |
// If the status code is 200, then the fraud prevention headers were validated. | |
// The JSON response may include some warnings.. | |
print 'Response status code = ' . $rest->get_ResponseStatusCode() . "\n"; | |
print 'Response JSON body: ' . "\n"; | |
print $responseStr . "\n"; | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment