-
-
Save thirtified/0c5d645f63549208a8c97593affa358e to your computer and use it in GitHub Desktop.
JWT tokenize - Postman Pre-Request Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function base64url(source) { | |
| // Encode in classical base64 | |
| encodedSource = CryptoJS.enc.Base64.stringify(source); | |
| // Remove padding equal characters | |
| encodedSource = encodedSource.replace(/=+$/, ''); | |
| // Replace characters according to base64url specifications | |
| encodedSource = encodedSource.replace(/\+/g, '-'); | |
| encodedSource = encodedSource.replace(/\//g, '_'); | |
| return encodedSource; | |
| } | |
| function addIAT(request) { | |
| var iat = Math.floor(Date.now() / 1000) + 257; | |
| data.iat = iat; | |
| return data; | |
| } | |
| var header = { | |
| "typ": "JWT", | |
| "alg": "HS256" | |
| }; | |
| var data = { | |
| "fname": "name", | |
| "lname": "name", | |
| "email": "email@domain.com", | |
| "password": "abc123$" | |
| }; | |
| data = addIAT(data); | |
| var secret = 'myjwtsecret'; | |
| // encode header | |
| var stringifiedHeader = CryptoJS.enc.Utf8.parse(JSON.stringify(header)); | |
| var encodedHeader = base64url(stringifiedHeader); | |
| // encode data | |
| var stringifiedData = CryptoJS.enc.Utf8.parse(JSON.stringify(data)); | |
| var encodedData = base64url(stringifiedData); | |
| // build token | |
| var token = encodedHeader + "." + encodedData; | |
| // sign token | |
| var signature = CryptoJS.HmacSHA256(token, secret); | |
| signature = base64url(signature); | |
| var signedToken = token + "." + signature; | |
| postman.setEnvironmentVariable("payload", signedToken); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment