Created
June 19, 2019 21:16
-
-
Save logbon72/45f7524fb051502c8a468170512a404c to your computer and use it in GitHub Desktop.
Kong Hmac Postman Pre-Test Script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Use Postman 7.2+ | |
| const cryptojs = require('crypto-js'); | |
| const Header = require('postman-collection').Header; | |
| const moment = require('moment'); | |
| //values related to creds | |
| const secretKey = 'secret'; | |
| const username ='username'; | |
| let bodyDigest = cryptojs.SHA256(pm.request.method === 'GET' ? "" : pm.request.body.raw).toString(cryptojs.enc.Base64) | |
| let digestHeaderValue = `SHA-256=${bodyDigest}`; | |
| let dateHeaderValue = moment().utcOffset('+0000').format('ddd, DD MMM YYYY HH:mm:ss G\\MT'); | |
| pm.request.headers.append(new Header({ | |
| key: 'Digest', | |
| value: digestHeaderValue | |
| })); | |
| pm.request.headers.append(new Header({ | |
| key: 'Date', | |
| value: dateHeaderValue | |
| })); | |
| let requestLine = `${pm.request.method} ${pm.request.url.getPathWithQuery()} HTTP/1.1` | |
| let signingString = [ | |
| `date: ${dateHeaderValue}`, | |
| `digest: ${digestHeaderValue}`, | |
| `host: ${pm.request.url.getHost()}`, | |
| requestLine | |
| ].join('\n'); | |
| //can remove | |
| console.log('Plain String: '+ signingString) | |
| let signature = cryptojs.HmacSHA256(signingString, secretKey).toString(cryptojs.enc.Base64); | |
| let hmacAuth = `hmac username="${username}", algorithm="hmac-sha256", headers="date digest host request-line", signature="${signature}"` | |
| console.log('Hmac sign: '+ hmacAuth); | |
| pm.request.headers.append(new Header({ | |
| key: 'Authorization', | |
| value: hmacAuth | |
| })); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment