Last active
October 23, 2022 19:45
-
-
Save MavoCz/b4823735423c2ff251fbc46b74b4d5eb to your computer and use it in GitHub Desktop.
Postman JWT token generator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var removeIllegalCharacters = function (input) { | |
console.info(input); | |
return input | |
.replace(/=/g, '') | |
.replace(/\+/g, '-') | |
.replace(/\//g, '_'); | |
}; | |
var base64object = function (input) { | |
var inputWords = CryptoJS.enc.Utf8.parse(JSON.stringify(input)); | |
var base64 = CryptoJS.enc.Base64.stringify(inputWords); | |
var output = removeIllegalCharacters(base64); | |
return output; | |
}; | |
var header = { | |
"alg": "HS256" | |
}; | |
var currentTime = new Date(); | |
var issuedAtTimeSeconds = currentTime / 1000; // iat | |
var expirationTimeSeconds = currentTime / 1000 + 3600; // exp | |
var payload = { | |
"sub": "test@test.com", | |
"aud": "server.test.com", | |
"exp": expirationTimeSeconds, | |
"iat": issuedAtTimeSeconds, | |
"iss": "server.test.com", | |
"subtype": "user", | |
"isAdmin": false, | |
"userId": "xxxxxxx-xxxxxx" | |
}; | |
var SECRET_KEY = 'yourverysecretkey'; | |
var unsignedToken = base64object(header) + "." + base64object(payload); | |
var signatureHash = CryptoJS.HmacSHA256(unsignedToken, SECRET_KEY); | |
var signature = CryptoJS.enc.Base64.stringify(signatureHash); | |
var token = unsignedToken + '.' + signature; | |
var formattedToken = removeIllegalCharacters(token); | |
pm.environment.set('jwt', formattedToken); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment