Last active
July 31, 2019 10:28
-
-
Save constanzaccg/f0f1a73a16ca694f611ac32229f91fd3 to your computer and use it in GitHub Desktop.
Postman - Pre-request Script with JWT (JsonWebToken)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function base64url(source) { | |
// Encode in classical base64 | |
encodedSource = CryptoJS.enc.Base64.stringify(source); | |
// Remove padding equal characters | |
encodedSource = encodedSource.replace(/=+$/, ''); | |
// Replace characters according to base64url specifications | |
encodedSource = encodedSource.replace(/\+/g, '-'); | |
encodedSource = encodedSource.replace(/\//g, '_'); | |
return encodedSource; | |
} | |
function addIAT(request) { | |
var iat = Math.floor(Date.now() / 1000) + 257; | |
data.iat = iat; | |
return data; | |
} | |
let actualDate = new Date().getTime(); | |
let expauth = new Date(actualDate + 10*60000)/1000; | |
let user = "TO_DO"; | |
let pass = "TO_DO"; | |
let appkey = "TO_DO"; | |
let secret_key = "TO_DO"; | |
let url = "TO_DO"; | |
var header = { | |
"typ": "JWT", | |
"alg": "HS256" | |
}; | |
var data = { | |
"exp": expauth, | |
"user": user, | |
"pass": pass, | |
"appkey": appkey | |
}; | |
// data = addIAT(data); | |
var secret = secret_key; | |
// encode header | |
var stringifiedHeader = CryptoJS.enc.Utf8.parse(JSON.stringify(header)); | |
var encodedHeader = base64url(stringifiedHeader); | |
// encode data | |
var stringifiedData = CryptoJS.enc.Utf8.parse(JSON.stringify(data)); | |
var encodedData = base64url(stringifiedData); | |
// build token | |
var token = encodedHeader + "." + encodedData; | |
// sign token | |
var signature = CryptoJS.HmacSHA256(token, secret); | |
signature = base64url(signature); | |
var signedToken = token + "." + signature; | |
console.log(signedToken); | |
let login_request = { | |
method: 'GET', | |
url: url, | |
header: { | |
'Content-Type': 'application/json', | |
'Authorization': 'Bearer ' + signedToken | |
} | |
} | |
pm.sendRequest(login_request, function (err, response) { | |
const auth = response.headers.find(it => it.key == 'Authorization') | |
if(auth){ | |
pm.environment.set("token", auth.value.replace("Bearer ", "")); | |
} | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
fabuloso🦘🦘