Created
January 19, 2021 08:53
Pre request script for access token
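// Postman pre-request script: builds a signed JWT client assertion
// (private_key_jwt style) and stores it in the "Client_Assertion" environment
// variable for the token request to use.
//
// Inputs read from Postman variables:
//   globals     "jsrsasign-js"  - full source text of the jsrsasign library
//   globals     "private_key"   - PEM private key used to sign the assertion
//   environment "Client_ID"     - client id, used for both "iss" and "sub"
// Outputs written:
//   variables   "jti"              - the random token id generated for this run
//   environment "Client_Assertion" - the compact signed JWT
//
// NOTE: this script deliberately stays in sloppy mode and uses `var`. The
// library is loaded with a direct eval(), and its own top-level `var`
// declarations (KJUR among them) only become visible to the code below when
// the surrounding script is not strict.

// jsrsasign expects browser globals; the Postman sandbox has none, so empty
// stand-ins are provided. With an empty `window` the library cannot reach a
// browser crypto API - that does not matter for signing with a supplied key.
var navigator = {};
var window = {};

// SECURITY: eval() executes whatever text is stored in the "jsrsasign-js"
// global with full access to this sandbox, including the private key read
// further down. Only populate that global from a pinned, integrity-checked
// copy of the library, and treat anyone who can edit the workspace globals as
// able to run code here.
var librarySource = pm.globals.get("jsrsasign-js");
if (!librarySource) {
    throw new Error('Global "jsrsasign-js" is empty - load the jsrsasign source into it before running this script.');
}
eval(librarySource);

var clientId = pm.environment.get("Client_ID");
if (!clientId) {
    // JSON.stringify would silently drop undefined claims and produce an
    // assertion without "iss"/"sub"; fail here with a readable message instead.
    throw new Error('Environment variable "Client_ID" is not set.');
}

// "iat" is rounded DOWN so it can never lie in the future relative to this
// machine's clock; rounding up can put it up to a second ahead, which a strict
// token endpoint may reject.
var issuedAtTimeSeconds = Math.floor(Date.now() / 1000);

// Lifetime of the assertion in seconds (two hours, as in the original script).
// NOTE(review): a client assertion is normally used once, immediately; a much
// shorter lifetime limits how long a leaked assertion stays usable - confirm
// what the authorization server accepts.
var assertionLifetimeSeconds = 7200;
var expirationTimeSeconds = issuedAtTimeSeconds + assertionLifetimeSeconds;

// Random 12-character "jti" - needed if the client has Replay Prevention
// enabled, so it must differ on every request.
// Math.random() is not a cryptographic RNG. The jti only has to be unique
// here (the signature is what prevents forgery), so this is acceptable for a
// test client, but do not reuse this generator for secrets or nonces.
var charset = "abcdefghijklmnopqrstuvwxyz0123456789";
var newJti = "";
for (var i = 0; i < 12; i++) {
    newJti += charset.charAt(Math.floor(Math.random() * charset.length));
}
pm.variables.set("jti", newJti);

// JWT header: "kid" must identify the public key registered for this client,
// and "alg" must match the key type and what the server allows.
var header = {
    "kid": "DwMKdWMmj7PWinvoqfQyXVzyZ6Q",
    "alg": "PS256"
};

// JWT claims: "aud" must be exactly the token endpoint the assertion is sent
// to, otherwise the server should reject it.
var payload = {
    "iss": clientId,
    "aud": "https://localhost:8243/token",
    "sub": clientId,
    "jti": newJti,
    "exp": expirationTimeSeconds,
    "iat": issuedAtTimeSeconds
};

// SECURITY: the signing key lives in a Postman global. Keep it as a local
// (current) value only and out of exported collections/environments, since
// anything shared or synced with the workspace exposes the key to others.
var prvKey = pm.globals.get("private_key");
if (!prvKey) {
    throw new Error('Global "private_key" is empty - cannot sign the client assertion.');
}

// Serialize, sign with the algorithm named in the header, and publish the
// compact JWT for the request body to reference.
var sHeader = JSON.stringify(header);
var sPayload = JSON.stringify(payload);
var sJWT = KJUR.jws.JWS.sign(header.alg, sHeader, sPayload, prvKey);
pm.environment.set("Client_Assertion", sJWT);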