Skip to content

Instantly share code, notes, and snippets.

@springcomp

springcomp/postman.js

Created July 19, 2023 07:38
Show Gist options
  • Save springcomp/cfa7e783423b65603146be8faa4bcacb to your computer and use it in GitHub Desktop.
Save springcomp/cfa7e783423b65603146be8faa4bcacb to your computer and use it in GitHub Desktop.
Download ZIP
Postman Sign JWT Token
Raw
postman.js
// https://credentials.workday.com/docs/authentication/
// create JWT header
var alg = postman.getEnvironmentVariable('algorithm');
var jwtHeader = postman.getEnvironmentVariable('jwt-header');
var headerData = JSON.parse(jwtHeader);
headerData.alg = alg;
jwtHeader = JSON.stringify(headerData);
// create JWT claims
var utcNow = new Date();
var early = new Date(utcNow.getTime() - (1 * 60 * 1000));
var oneHour = new Date(utcNow.getTime() + (1 * 60 * 60 * 1000));
var fiveMinutes = new Date(utcNow.getTime() + (5 * 60 * 1000));
var iat = Math.round(utcNow.getTime() / 1000);
var exp = Math.round(fiveMinutes.getTime() / 1000);
var nbf = Math.round(early.getTime() / 1000);
var jsonClaims = postman.getEnvironmentVariable('jwt-claims');
var jsonData = JSON.parse(jsonClaims);
jsonData.email = postman.getEnvironmentVariable('email');
jsonData.nbf = nbf;
jsonData.exp = exp;
jsonData.iat = iat;
var jwtClaims = JSON.stringify(jsonData);
// sign the token
console.log(jwtHeader);
console.log(jwtClaims);
var bwtHeader = btoa(jwtHeader).split('=').join('');
var bwtClaims = btoa(jwtClaims).split('=').join('');
var message = `${bwtHeader}.${bwtClaims}`;
console.log(message);
var secret = postman.getEnvironmentVariable("PRIVATE_KEY");
var hashed = this.CryptoJS.HmacSHA256(message, secret);
var signature = hashed.toString(this.CryptoJS.enc.Base64).split('=').join('');
const jwt = `${message}.${signature}`
console.log(jwt);
postman.setEnvironmentVariable('jwt-token', jwt);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment