Created
August 23, 2017 02:21
-
-
Save moneal/af2d988a770c3957df11e3360af62635 to your computer and use it in GitHub Desktop.
Postman pre-request script to create a Firebase authentication JWT header.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * This script expects the global variables 'refresh_token' and 'firebase_api_key' to be set. 'firebase_api_key' can be found | |
| * in the Firebase console under project settings then 'Web API Key'. | |
| * 'refresh_token' as to be gathered from watching the network requests to https://securetoken.googleapis.com/v1/token from | |
| * your Firebase app, look for the formdata values | |
| * | |
| * If all the data is found it makes a request to get a new token and sets a 'auth_jwt' environment variable and updates the | |
| * global 'refresh_token'. | |
| * | |
| * Requests that need authentication should have a header with a key of 'Authentication' and value of '{{auth_jwt}}' | |
| * | |
| * Currently the nested assertions silently fail, I don't know why. | |
| */ | |
| pm.expect(pm.globals.has('refresh_token')).to.be.true; | |
| pm.expect(pm.globals.has('firebase_api_key')).to.be.true; | |
| var sdk = require('postman-collection'), | |
| tokenRequest = new sdk.Request({ | |
| url: 'https://securetoken.googleapis.com/v1/token', | |
| method: 'POST', | |
| body: { | |
| mode: 'urlencoded', | |
| urlencoded: [{ | |
| type: 'text', | |
| key: 'key', | |
| value: pm.globals.get('firebase_api_key') | |
| }, | |
| { | |
| type: 'text', | |
| key: 'grant_type', | |
| value: 'refresh_token' | |
| }, | |
| { | |
| type: 'text', | |
| key: 'refresh_token', | |
| value: pm.globals.get('refresh_token') | |
| }, | |
| ] | |
| } | |
| }); | |
| pm.sendRequest(tokenRequest, function(err, response) { | |
| pm.test('request for access token was ok', function() { | |
| pm.expect(response).to.be.ok(); | |
| }); | |
| const json = response.json(); | |
| pm.expect(json).to.an('object'); | |
| pm.test('response json has needed properties', function() { | |
| pm.expect(json).to.have.own.property('access_token'); | |
| pm.expect(json).to.have.own.property('token_type'); | |
| pm.expect(json).to.have.own.property('refresh_token'); | |
| const accessToken = json.access_token; | |
| const tokenType = json.token_type; | |
| const refreshToken = json.refresh_token; | |
| pm.environment.set('auth_jwt', tokenType + ' ' + accessToken); | |
| pm.globals.set('refresh_token', refreshToken); | |
| }); | |
| }); |
thank you so much @moneal!
@rahulvyas copy and paste the script into Pre-Request Script of either your request or your whole collection. Thus the script will be run everytime you trigger the request and will provide you a valid jwt. Make sure to fix the test as suggested by @roboworski
You can also remove this piece tokenType + ' ' + of this line pm.environment.set('auth_jwt', tokenType + ' ' + accessToken);. You can then use {{auth_jwt}} as token of authorization method "bearer". This is especially helpful to inherit the authorization method to all requests within a collection.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
How we can import this in postman app ?