Created
March 18, 2025 14:47
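// Postman Test Script for Automatic Token Decryption
// Add this script to the "Tests" tab in your Postman request

// Configuration - the secret string the AES key is derived from.
// Prefer supplying it through a Postman environment variable (the name
// "tokenSecretKey" is an example chosen for this script) so the real key is
// not written into the script, which is exported and shared with the collection.
// The literal is only a placeholder fallback for when the variable is unset.
const secretKey = pm.environment.get("tokenSecretKey") || "SECRET_KEY";

// Parse the response body (pm.response.json() throws when the body is not JSON)
const responseBody = pm.response.json();

// Decrypted plaintext; stays null when nothing was decrypted
let decryptedData = null;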
// Decrypt only when the parsed response carries a non-empty `data` field
if (responseBody && responseBody.data) {
  const encryptedToken = responseBody.data;

  /**
   * Build the AES-128 key: SHA-256 of the secret string, truncated to its
   * first 32 hex digits (16 bytes).
   *
   * NOTE(review): a single unsalted hash is not a password-based KDF, so the
   * strength of the key rests entirely on the secret being long and random.
   *
   * @param {string} keyStr - Secret key string.
   * @returns {object} CryptoJS WordArray holding the 16-byte key.
   */
  function getSecretKeyFromString(keyStr) {
    const digestHex = CryptoJS.SHA256(keyStr).toString(CryptoJS.enc.Hex);
    const first16Bytes = digestHex.substring(0, 32);
    return CryptoJS.enc.Hex.parse(first16Bytes);
  }

  /**
   * Decrypt a token with AES in ECB mode and PKCS#7 padding; the parameters
   * are meant to match the React component that produced the token.
   *
   * NOTE(review): ECB uses no IV and the scheme carries no authentication
   * tag, so a non-empty result does not prove the token is authentic or
   * unmodified. Treat the output as untrusted data.
   *
   * @param {string} cipherText - Encrypted token taken from the response.
   * @returns {string} Decrypted UTF-8 text.
   * @throws {Error} When decryption fails or yields an empty string.
   */
  function decrypt(cipherText) {
    try {
      const aesKey = getSecretKeyFromString(secretKey);
      const trimmedCipherText = cipherText.trim();
      const aesOptions = {
        mode: CryptoJS.mode.ECB,
        padding: CryptoJS.pad.Pkcs7,
      };
      const plaintext = CryptoJS.AES
        .decrypt(trimmedCipherText, aesKey, aesOptions)
        .toString(CryptoJS.enc.Utf8);

      if (plaintext) {
        return plaintext;
      }
      throw new Error("Decryption resulted in empty string");
    } catch (error) {
      // Log here, then let the caller decide how to proceed
      console.error("Decryption error:", error);
      throw error;
    }
  }

  try {
    decryptedData = decrypt(encryptedToken);

    // pm.variables.set writes a local variable (current request / collection run)
    pm.variables.set("decryptedToken", decryptedData);

    try {
      // When the plaintext is JSON, also expose a pretty-printed copy
      const prettyJson = JSON.stringify(JSON.parse(decryptedData), null, 2);
      pm.variables.set("decryptedTokenJSON", prettyJson);
    } catch (e) {
      // Plaintext is not JSON; only the raw string variable is set
    }
  } catch (error) {
    console.error("Failed to decrypt token:", error);
  }
}
// Visualizer template for the decrypted and the original response.
// The double-brace {{...}} placeholders are HTML-escaped by Handlebars; keep
// them that way (not triple braces) because the decrypted text is untrusted.
const template = `
  <style>
    .container { font-family: Arial, sans-serif; padding: 20px; }
    .header { font-size: 16px; font-weight: bold; margin-bottom: 10px; }
    .content { background-color: #f5f5f5; padding: 15px; border-radius: 5px; white-space: pre-wrap; }
    .original { margin-top: 20px; color: #666; }
  </style>
  <div class="container">
    <div class="header">Decrypted Response:</div>
    <div class="content">{{decrypted}}</div>
    <div class="original">
      <div class="header">Original Response:</div>
      <div class="content">{{original}}</div>
    </div>
  </div>
`;

// Text for the "Decrypted Response" panel: pretty-printed JSON when the
// plaintext parses to a truthy JSON value, the raw plaintext otherwise, and a
// placeholder when nothing was decrypted.
let decryptedFormatted = "No decrypted data";
if (decryptedData) {
  decryptedFormatted = decryptedData;
  try {
    const parsed = JSON.parse(decryptedData);
    if (parsed) {
      decryptedFormatted = JSON.stringify(parsed, null, 2);
    }
  } catch (e) {
    // Not JSON: the raw plaintext is shown as-is
  }
}

const visualizationData = {
  decrypted: decryptedFormatted,
  original: JSON.stringify(responseBody, null, 2),
};

// Render the panel; note that it shows the decrypted token in clear text
pm.visualizer.set(template, visualizationData);