Last active
September 10, 2019 16:56
-
-
Save approovm/71481ac52119618bb04c76a73a4b3f46 to your computer and use it in GitHub Desktop.
Approov 2 Shapes API - Postman Collection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "info": { | |
| "_postman_id": "770bac2a-db1f-412a-870a-ea5328cdcebc", | |
| "name": "Approov 2 - Shapes API", | |
| "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" | |
| }, | |
| "item": [ | |
| { | |
| "name": "http://localhost", | |
| "item": [ | |
| { | |
| "name": "v0", | |
| "item": [ | |
| { | |
| "name": "/hello", | |
| "item": [ | |
| { | |
| "name": "/v0/hello - Public", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "http://localhost:8002/hello", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "hello" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/shapes", | |
| "item": [ | |
| { | |
| "name": "/v0//shapes - Unprotected by Approov", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "http://localhost:8002/shapes", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "event": [ | |
| { | |
| "listen": "prerequest", | |
| "script": { | |
| "id": "8214c06f-a36f-40be-8a52-213a03bec995", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| }, | |
| { | |
| "listen": "test", | |
| "script": { | |
| "id": "ccc2a488-8afd-48ef-a2fd-cce54374c647", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "v1", | |
| "item": [ | |
| { | |
| "name": "/hello", | |
| "item": [ | |
| { | |
| "name": "/v1/hello - Unprotected by Approov", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "http://localhost:8002/v1/hello", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v1", | |
| "hello" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/shapes", | |
| "item": [ | |
| { | |
| "name": "/v1/shapes - Unprotected by Approov", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "http://localhost:8002/v1/shapes", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v1", | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "event": [ | |
| { | |
| "listen": "prerequest", | |
| "script": { | |
| "id": "8214c06f-a36f-40be-8a52-213a03bec995", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| }, | |
| { | |
| "listen": "test", | |
| "script": { | |
| "id": "ccc2a488-8afd-48ef-a2fd-cce54374c647", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/forms", | |
| "item": [ | |
| { | |
| "name": "/v1/forms - Unprotected by Approov", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Authorization", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", | |
| "type": "text" | |
| } | |
| ], | |
| "url": { | |
| "raw": "http://localhost:8002/v1/forms", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v1", | |
| "forms" | |
| ] | |
| }, | |
| "description": "The approov token contains a payload that is a base64 string of the sha256 hash for the oauth2-token.\n\nThis ties the approov token with the user authentication token, thus securing further the request." | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "event": [ | |
| { | |
| "listen": "prerequest", | |
| "script": { | |
| "id": "8214c06f-a36f-40be-8a52-213a03bec995", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| }, | |
| { | |
| "listen": "test", | |
| "script": { | |
| "id": "ccc2a488-8afd-48ef-a2fd-cce54374c647", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "v2", | |
| "item": [ | |
| { | |
| "name": "/hello", | |
| "item": [ | |
| { | |
| "name": "/v2/hello - Public", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "http://localhost:8002/v2/hello", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v2", | |
| "hello" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/shapes", | |
| "item": [ | |
| { | |
| "name": "valid requests", | |
| "item": [ | |
| { | |
| "name": "/v2/shapes - Approov Token with valid signature and expire time", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjQ3MDg2ODMyMDUuODkxOTEyfQ.c8I4KNndbThAQ7zlgX4_QDtcxCrD9cff1elaCJe9p9U" | |
| } | |
| ], | |
| "url": { | |
| "raw": "http://localhost:8002/v2/shapes", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v2", | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "invalid requests", | |
| "item": [ | |
| { | |
| "name": "/v2/shapes - Missing the Approov Token", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "http://localhost:8002/v2/shapes", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v2", | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| }, | |
| { | |
| "name": "/v2/shapes - Malformed Approov Token", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "adasdasdsadasd" | |
| } | |
| ], | |
| "url": { | |
| "raw": "http://localhost:8002/v2/shapes", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v2", | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| }, | |
| { | |
| "name": "/v2/shapes - Expired Approov Token with valid signature", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NTUwODMzNDkuMzc3NzYyM30.XzZs_ItunAmisfTAuLLHqTytNnQqnwqh0Koh3PPKAoM" | |
| } | |
| ], | |
| "url": { | |
| "raw": "http://localhost:8002/v2/shapes", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v2", | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| } | |
| ], | |
| "event": [ | |
| { | |
| "listen": "prerequest", | |
| "script": { | |
| "id": "8214c06f-a36f-40be-8a52-213a03bec995", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| }, | |
| { | |
| "listen": "test", | |
| "script": { | |
| "id": "ccc2a488-8afd-48ef-a2fd-cce54374c647", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/forms", | |
| "item": [ | |
| { | |
| "name": "valid requests", | |
| "item": [ | |
| { | |
| "name": "/v2/forms - Approov Token with payload that matches the Authorization token", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NjQyNTU3ODEuNDE1NjI4LCJwYXkiOiJWUUZGUEpaNjgyYU90eFJNanowa3RDSG15V2VFRWVTTXZYaDF1RDhKM3ZrPSJ9.cyjuOQGH8jMWG-yKRw_1yFfqLjLfG0HELJnWrig-39E" | |
| }, | |
| { | |
| "key": "Authorization", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", | |
| "type": "text" | |
| } | |
| ], | |
| "url": { | |
| "raw": "http://localhost:8002/v2/forms", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v2", | |
| "forms" | |
| ] | |
| }, | |
| "description": "The approov token contains a payload that is a base64 string of the sha256 hash for the oauth2-token.\n\nThis ties the approov token with the user authentication token, thus securing further the request." | |
| }, | |
| "response": [] | |
| }, | |
| { | |
| "name": "/v2/forms - Approov Token without the custom payload claim", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjQ3MDg2ODMyMDUuODkxOTEyfQ.c8I4KNndbThAQ7zlgX4_QDtcxCrD9cff1elaCJe9p9U" | |
| }, | |
| { | |
| "key": "Authorization", | |
| "type": "text", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" | |
| } | |
| ], | |
| "url": { | |
| "raw": "http://localhost:8002/v2/forms", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v2", | |
| "forms" | |
| ] | |
| }, | |
| "description": "We need to accept the request as valid even when a custom payload claim is normally used in the Approov Token but is not present. This can happen when the Approov token comes from the Approov failover running in the Google Cloud." | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "invalid requests", | |
| "item": [ | |
| { | |
| "name": "/v2/forms - Missing the Approov Token", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Authorization", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", | |
| "type": "text" | |
| } | |
| ], | |
| "url": { | |
| "raw": "http://localhost:8002/v2/forms", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v2", | |
| "forms" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| }, | |
| { | |
| "name": "/v2/forms - Malformed Approov Token", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "adasdasdsadasd" | |
| }, | |
| { | |
| "key": "Authorization", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", | |
| "type": "text" | |
| } | |
| ], | |
| "url": { | |
| "raw": "http://localhost:8002/v2/forms", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v2", | |
| "forms" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| }, | |
| { | |
| "name": "/v2/forms - Approov Token with custom payload claim not matching the Authorization token", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjQ3MDg2ODM0NTcuNDg1Mzk1LCJwYXkiOiI1NjZ2UVdhV0dCZ3MrS0U4eXNqVFRQUXRncHVlK1hMTXF4OGVZb2JDckkwPSJ9.v9CxDagzviU6VcilyT7pC793FDzm_bjqG2sQqmmU5GE" | |
| }, | |
| { | |
| "key": "Authorization", | |
| "type": "text", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" | |
| } | |
| ], | |
| "url": { | |
| "raw": "http://localhost:8002/v2/forms", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002", | |
| "path": [ | |
| "v2", | |
| "forms" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| } | |
| ], | |
| "event": [ | |
| { | |
| "listen": "prerequest", | |
| "script": { | |
| "id": "8214c06f-a36f-40be-8a52-213a03bec995", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| }, | |
| { | |
| "listen": "test", | |
| "script": { | |
| "id": "ccc2a488-8afd-48ef-a2fd-cce54374c647", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/ - Home page", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "http://localhost:8002", | |
| "protocol": "http", | |
| "host": [ | |
| "localhost" | |
| ], | |
| "port": "8002" | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ] | |
| }, | |
| { | |
| "name": "http://shapes.approov.io", | |
| "item": [ | |
| { | |
| "name": "v0", | |
| "item": [ | |
| { | |
| "name": "/hello", | |
| "item": [ | |
| { | |
| "name": "/v0/hello - Public", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "https://shapes.approov.io/hello", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "hello" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/shapes", | |
| "item": [ | |
| { | |
| "name": "/v0//shapes - Unprotected by Approov", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "https://shapes.approov.io/shapes", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "event": [ | |
| { | |
| "listen": "prerequest", | |
| "script": { | |
| "id": "8214c06f-a36f-40be-8a52-213a03bec995", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| }, | |
| { | |
| "listen": "test", | |
| "script": { | |
| "id": "ccc2a488-8afd-48ef-a2fd-cce54374c647", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "v1", | |
| "item": [ | |
| { | |
| "name": "/hello", | |
| "item": [ | |
| { | |
| "name": "/v1/hello - Unprotected by Approov", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v1/hello", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v1", | |
| "hello" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/shapes", | |
| "item": [ | |
| { | |
| "name": "/v1/shapes - Unprotected by Approov", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v1/shapes", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v1", | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "event": [ | |
| { | |
| "listen": "prerequest", | |
| "script": { | |
| "id": "8214c06f-a36f-40be-8a52-213a03bec995", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| }, | |
| { | |
| "listen": "test", | |
| "script": { | |
| "id": "ccc2a488-8afd-48ef-a2fd-cce54374c647", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/forms", | |
| "item": [ | |
| { | |
| "name": "/v1/forms - Unprotected by Approov", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Authorization", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", | |
| "type": "text" | |
| } | |
| ], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v1/forms", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v1", | |
| "forms" | |
| ] | |
| }, | |
| "description": "The approov token contains a payload that is a base64 string of the sha256 hash for the oauth2-token.\n\nThis ties the approov token with the user authentication token, thus securing further the request." | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "event": [ | |
| { | |
| "listen": "prerequest", | |
| "script": { | |
| "id": "8214c06f-a36f-40be-8a52-213a03bec995", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| }, | |
| { | |
| "listen": "test", | |
| "script": { | |
| "id": "ccc2a488-8afd-48ef-a2fd-cce54374c647", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "v2", | |
| "item": [ | |
| { | |
| "name": "/hello", | |
| "item": [ | |
| { | |
| "name": "/v2//hello - Public", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v2/hello", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v2", | |
| "hello" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/shapes", | |
| "item": [ | |
| { | |
| "name": "valid requests", | |
| "item": [ | |
| { | |
| "name": "/v2/shapes - Approov Token with valid signature and expire time", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjQ3MDg2ODMyMDUuODkxOTEyfQ.c8I4KNndbThAQ7zlgX4_QDtcxCrD9cff1elaCJe9p9U" | |
| } | |
| ], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v2/shapes", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v2", | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "invalid requests", | |
| "item": [ | |
| { | |
| "name": "/v2/shapes - Missing the Approov Token", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v2/shapes", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v2", | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| }, | |
| { | |
| "name": "/v2/shapes - Malformed Approov Token", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "adasdasdsadasd" | |
| } | |
| ], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v2/shapes", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v2", | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| }, | |
| { | |
| "name": "/v2/shapes - Expired Approov Token with valid signature", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NTUwODMzNDkuMzc3NzYyM30.XzZs_ItunAmisfTAuLLHqTytNnQqnwqh0Koh3PPKAoM" | |
| } | |
| ], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v2/shapes", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v2", | |
| "shapes" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| } | |
| ], | |
| "event": [ | |
| { | |
| "listen": "prerequest", | |
| "script": { | |
| "id": "8214c06f-a36f-40be-8a52-213a03bec995", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| }, | |
| { | |
| "listen": "test", | |
| "script": { | |
| "id": "ccc2a488-8afd-48ef-a2fd-cce54374c647", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/forms", | |
| "item": [ | |
| { | |
| "name": "valid requests", | |
| "item": [ | |
| { | |
| "name": "/v2/forms - Approov Token with payload that matches the Authorization token", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjQ3MDg2ODMzNTUuMjI3NDE1LCJwYXkiOiJmM1UyZm5pQkpWRTA0VGRlY2owZDZvclY5cVQ5dDUyVGpmSHhkVXFEQmdZPSJ9.pphJoK8IlN2fdX0s47UtV4LKgDbnPMlRGRHOgQnYeXU" | |
| }, | |
| { | |
| "key": "Authorization", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", | |
| "type": "text" | |
| } | |
| ], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v2/forms", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v2", | |
| "forms" | |
| ] | |
| }, | |
| "description": "The approov token contains a payload that is a base64 string of the sha256 hash for the oauth2-token.\n\nThis ties the approov token with the user authentication token, thus securing further the request." | |
| }, | |
| "response": [] | |
| }, | |
| { | |
| "name": "/v2/forms - Approov Token without the custom payload claim", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjQ3MDg2ODMyMDUuODkxOTEyfQ.c8I4KNndbThAQ7zlgX4_QDtcxCrD9cff1elaCJe9p9U" | |
| }, | |
| { | |
| "key": "Authorization", | |
| "type": "text", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" | |
| } | |
| ], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v2/forms", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v2", | |
| "forms" | |
| ] | |
| }, | |
| "description": "We need to accept the request as valid even when a custom payload claim is normally used in the Approov Token but is not present. This can happen when the Approov token comes from the Approov failover running in the Google Cloud." | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "invalid requests", | |
| "item": [ | |
| { | |
| "name": "/v2/forms - Missing the Approov Token", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Authorization", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", | |
| "type": "text" | |
| } | |
| ], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v2/forms", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v2", | |
| "forms" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| }, | |
| { | |
| "name": "/v2/forms - Malformed Approov Token", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "adasdasdsadasd" | |
| }, | |
| { | |
| "key": "Authorization", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", | |
| "type": "text" | |
| } | |
| ], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v2/forms", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v2", | |
| "forms" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| }, | |
| { | |
| "name": "/v2/forms - Approov Token with custom payload claim not matching the Authorization token", | |
| "request": { | |
| "method": "GET", | |
| "header": [ | |
| { | |
| "key": "Approov-Token", | |
| "type": "text", | |
| "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjQ3MDg2ODM0NTcuNDg1Mzk1LCJwYXkiOiI1NjZ2UVdhV0dCZ3MrS0U4eXNqVFRQUXRncHVlK1hMTXF4OGVZb2JDckkwPSJ9.v9CxDagzviU6VcilyT7pC793FDzm_bjqG2sQqmmU5GE" | |
| }, | |
| { | |
| "key": "Authorization", | |
| "type": "text", | |
| "value": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" | |
| } | |
| ], | |
| "url": { | |
| "raw": "https://shapes.approov.io/v2/forms", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ], | |
| "path": [ | |
| "v2", | |
| "forms" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| } | |
| ], | |
| "event": [ | |
| { | |
| "listen": "prerequest", | |
| "script": { | |
| "id": "8214c06f-a36f-40be-8a52-213a03bec995", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| }, | |
| { | |
| "listen": "test", | |
| "script": { | |
| "id": "ccc2a488-8afd-48ef-a2fd-cce54374c647", | |
| "type": "text/javascript", | |
| "exec": [ | |
| "" | |
| ] | |
| } | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| } | |
| ], | |
| "_postman_isSubFolder": true | |
| }, | |
| { | |
| "name": "/ - Home page", | |
| "request": { | |
| "method": "GET", | |
| "header": [], | |
| "url": { | |
| "raw": "https://shapes.approov.io", | |
| "protocol": "https", | |
| "host": [ | |
| "shapes", | |
| "approov", | |
| "io" | |
| ] | |
| } | |
| }, | |
| "response": [] | |
| } | |
| ] | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment