| import java.nio.charset.StandardCharsets; | |
| import java.security.SignatureException; | |
| import java.security.spec.EncodedKeySpec; | |
| import com.eviware.soapui.support.types.StringToStringMap; | |
| import javax.crypto.Mac; | |
| import javax.crypto.spec.SecretKeySpec; | |
| import java.io.UnsupportedEncodingException; | |
| import java.security.MessageDigest; | |
| import javax.xml.bind.DatatypeConverter; | |
| import java.sql.Date.*; | |
| log.info "============================="; | |
| // CHANGE THESE | |
| //==================================================================== | |
| String apiUsername = "someApiUser"; | |
| String mySiteUsername = "readyAPI@nowhere.co.nz"; | |
| String secret = "my special secret"; | |
| //==================================================================== | |
| // DON'T CHANGE BELOW HERE | |
| //==================================================================== | |
| // set up some header names we will add to the request | |
| String AUTH_HEADER_NAME = "X-mySite-Authorization"; | |
| String TIMESTAMP_HEADER_NAME = "X-mySite-Timestamp"; | |
| SecretKeySpec signingKey = new SecretKeySpec(secret.getBytes("UTF-8"), "HmacSHA1"); | |
| String timestamp = new Date().format("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'", TimeZone.getTimeZone("UTC")); | |
| log.info "TimeZone.getTimeZone(UTC); " + TimeZone.getTimeZone("UTC").toString(); | |
| String requestResource = context.httpMethod.getURI(); | |
| String requestMethod = request.method; | |
| // This is how you get access to the request content! | |
| String requestContent = context.expand(request.requestContent); | |
| log.info 'requestContent: ' + requestContent; | |
| // AWS hashing algo start here | |
| byte[] b = requestContent.getBytes("US-ASCII"); | |
| log.info b.toString(); | |
| String signature=""; | |
| String bodyDigest = ""; | |
| try { | |
| // Generate a body digest if there is content in the request | |
| if (requestContent != null && requestContent.length() != 0){ | |
| MessageDigest md = MessageDigest.getInstance("SHA-256"); | |
| md.update(requestContent.getBytes("UTF-8")); | |
| byte[] digest = md.digest(); | |
| bodyDigest = DatatypeConverter.printBase64Binary(digest); | |
| } | |
| // Create a concatenated message string to sign | |
| String message = new StringBuilder().append(requestMethod).append(requestResource).append(timestamp).append(bodyDigest).toString(); | |
| log.info "Message: " + message; | |
| // Get an instance of an HmacSHA256 hash and hash the message use the signing key | |
| Mac mac = Mac.getInstance("HmacSHA1"); | |
| mac.init(signingKey); | |
| byte [] signatureBytes = mac.doFinal(message.getBytes(StandardCharsets.UTF_8)); | |
| signature = DatatypeConverter.printBase64Binary(signatureBytes); | |
| } catch (Exception e) { | |
| throw new SignatureException("Failed to generate HMAC : " + e.getMessage()); | |
| } | |
| //log all the things for debug! | |
| log.info "requestMethod: " + requestMethod; | |
| log.info "requestResource: " + requestResource; | |
| log.info "timestamp: " + timestamp; | |
| log.info "requestContent: >" + requestContent + "<"; | |
| log.info "apiUsername: " + apiUsername; | |
| log.info "secretKey: " + secret; | |
| log.info "============================="; | |
| log.info "===== HEADERS ======="; | |
| log.info "============================="; | |
| log.info TIMESTAMP_HEADER_NAME + ": "+ timestamp; | |
| log.info AUTH_HEADER_NAME + ": "+ apiUsername + ":"+signature; | |
| log.info "============================="; | |
| // Write out all the headers to the request context | |
| // and add them to the test step | |
| def headers = new StringToStringMap(); | |
| headers.put(AUTH_HEADER_NAME,apiUsername + ":"+signature); | |
| headers.put(TIMESTAMP_HEADER_NAME,timestamp); | |
| request.setRequestHeaders(headers); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment