import java.nio.charset.StandardCharsets; | |
import java.security.SignatureException; | |
import java.security.spec.EncodedKeySpec; | |
import com.eviware.soapui.support.types.StringToStringMap; | |
import javax.crypto.Mac; | |
import javax.crypto.spec.SecretKeySpec; | |
import java.io.UnsupportedEncodingException; | |
import java.security.MessageDigest; | |
import javax.xml.bind.DatatypeConverter; | |
import java.sql.Date.*; | |
log.info "============================="; | |
// CHANGE THESE | |
//==================================================================== | |
String apiUsername = "someApiUser"; | |
String mySiteUsername = "readyAPI@nowhere.co.nz"; | |
String secret = "my special secret"; | |
//==================================================================== | |
// DON'T CHANGE BELOW HERE | |
//==================================================================== | |
// set up some header names we will add to the request | |
String AUTH_HEADER_NAME = "X-mySite-Authorization"; | |
String TIMESTAMP_HEADER_NAME = "X-mySite-Timestamp"; | |
SecretKeySpec signingKey = new SecretKeySpec(secret.getBytes("UTF-8"), "HmacSHA1"); | |
String timestamp = new Date().format("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'", TimeZone.getTimeZone("UTC")); | |
log.info "TimeZone.getTimeZone(UTC); " + TimeZone.getTimeZone("UTC").toString(); | |
String requestResource = context.httpMethod.getURI(); | |
String requestMethod = request.method; | |
// This is how you get access to the request content! | |
String requestContent = context.expand(request.requestContent); | |
log.info 'requestContent: ' + requestContent; | |
// AWS hashing algo start here | |
byte[] b = requestContent.getBytes("US-ASCII"); | |
log.info b.toString(); | |
String signature=""; | |
String bodyDigest = ""; | |
try { | |
// Generate a body digest if there is content in the request | |
if (requestContent != null && requestContent.length() != 0){ | |
MessageDigest md = MessageDigest.getInstance("SHA-256"); | |
md.update(requestContent.getBytes("UTF-8")); | |
byte[] digest = md.digest(); | |
bodyDigest = DatatypeConverter.printBase64Binary(digest); | |
} | |
// Create a concatenated message string to sign | |
String message = new StringBuilder().append(requestMethod).append(requestResource).append(timestamp).append(bodyDigest).toString(); | |
log.info "Message: " + message; | |
// Get an instance of an HmacSHA256 hash and hash the message use the signing key | |
Mac mac = Mac.getInstance("HmacSHA1"); | |
mac.init(signingKey); | |
byte [] signatureBytes = mac.doFinal(message.getBytes(StandardCharsets.UTF_8)); | |
signature = DatatypeConverter.printBase64Binary(signatureBytes); | |
} catch (Exception e) { | |
throw new SignatureException("Failed to generate HMAC : " + e.getMessage()); | |
} | |
//log all the things for debug! | |
log.info "requestMethod: " + requestMethod; | |
log.info "requestResource: " + requestResource; | |
log.info "timestamp: " + timestamp; | |
log.info "requestContent: >" + requestContent + "<"; | |
log.info "apiUsername: " + apiUsername; | |
log.info "secretKey: " + secret; | |
log.info "============================="; | |
log.info "===== HEADERS ======="; | |
log.info "============================="; | |
log.info TIMESTAMP_HEADER_NAME + ": "+ timestamp; | |
log.info AUTH_HEADER_NAME + ": "+ apiUsername + ":"+signature; | |
log.info "============================="; | |
// Write out all the headers to the request context | |
// and add them to the test step | |
def headers = new StringToStringMap(); | |
headers.put(AUTH_HEADER_NAME,apiUsername + ":"+signature); | |
headers.put(TIMESTAMP_HEADER_NAME,timestamp); | |
request.setRequestHeaders(headers); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment