Instantly share code, notes, and snippets.

Embed
What would you like to do?
import java.nio.charset.StandardCharsets;
import java.security.SignatureException;
import java.security.spec.EncodedKeySpec;
import com.eviware.soapui.support.types.StringToStringMap;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import javax.xml.bind.DatatypeConverter;
import java.sql.Date.*;
log.info "=============================";
// CHANGE THESE
//====================================================================
String apiUsername = "someApiUser";
String mySiteUsername = "readyAPI@nowhere.co.nz";
String secret = "my special secret";
//====================================================================
// DON'T CHANGE BELOW HERE
//====================================================================
// set up some header names we will add to the request
String AUTH_HEADER_NAME = "X-mySite-Authorization";
String TIMESTAMP_HEADER_NAME = "X-mySite-Timestamp";
SecretKeySpec signingKey = new SecretKeySpec(secret.getBytes("UTF-8"), "HmacSHA1");
String timestamp = new Date().format("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'", TimeZone.getTimeZone("UTC"));
log.info "TimeZone.getTimeZone(UTC); " + TimeZone.getTimeZone("UTC").toString();
String requestResource = context.httpMethod.getURI();
String requestMethod = request.method;
// This is how you get access to the request content!
String requestContent = context.expand(request.requestContent);
log.info 'requestContent: ' + requestContent;
// AWS hashing algo start here
byte[] b = requestContent.getBytes("US-ASCII");
log.info b.toString();
String signature="";
String bodyDigest = "";
try {
// Generate a body digest if there is content in the request
if (requestContent != null && requestContent.length() != 0){
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(requestContent.getBytes("UTF-8"));
byte[] digest = md.digest();
bodyDigest = DatatypeConverter.printBase64Binary(digest);
}
// Create a concatenated message string to sign
String message = new StringBuilder().append(requestMethod).append(requestResource).append(timestamp).append(bodyDigest).toString();
log.info "Message: " + message;
// Get an instance of an HmacSHA256 hash and hash the message use the signing key
Mac mac = Mac.getInstance("HmacSHA1");
mac.init(signingKey);
byte [] signatureBytes = mac.doFinal(message.getBytes(StandardCharsets.UTF_8));
signature = DatatypeConverter.printBase64Binary(signatureBytes);
} catch (Exception e) {
throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
}
//log all the things for debug!
log.info "requestMethod: " + requestMethod;
log.info "requestResource: " + requestResource;
log.info "timestamp: " + timestamp;
log.info "requestContent: >" + requestContent + "<";
log.info "apiUsername: " + apiUsername;
log.info "secretKey: " + secret;
log.info "=============================";
log.info "===== HEADERS =======";
log.info "=============================";
log.info TIMESTAMP_HEADER_NAME + ": "+ timestamp;
log.info AUTH_HEADER_NAME + ": "+ apiUsername + ":"+signature;
log.info "=============================";
// Write out all the headers to the request context
// and add them to the test step
def headers = new StringToStringMap();
headers.put(AUTH_HEADER_NAME,apiUsername + ":"+signature);
headers.put(TIMESTAMP_HEADER_NAME,timestamp);
request.setRequestHeaders(headers);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment