HMAC 保护的 API 和 Postman 请求
[英]HMAC protected API and Postman request
问题描述
I am trying to issue requests against an API which is HMAC protected.
我正在尝试针对受 HMAC 保护的 API 发出请求。
I can successfully send a request using a HMAC auth plugin for HTTPie like this:我可以使用 HTTPie 的 HMAC auth 插件成功发送请求,如下所示:
http --auth-type=hmackey --auth="key1:secret1" api_url
However, I've not had any success by issuing requests through Postman.但是,通过 Postman 发出请求,我没有取得任何成功。 I'm following the link below which explains how to use a pre-request script, but I'm always getting a 401:我正在关注下面的链接,该链接解释了如何使用预请求脚本,但我总是收到 401:
https://github.com/acquia/http-hmac-postman https://github.com/acquia/http-hmac-postman
Any thoguhts?有什么想法吗?
1 个解决方案
解决方案1
0 已采纳 2021-06-04 05:56:24
If you want to create a hmac for the post request and set it to the header, simply use cryptoJs as below in the pre-request script.如果要为 post 请求创建一个 hmac 并将其设置为 header,只需在 pre-request 脚本中使用如下 cryptoJs。
const secret = 'your_secret';
var hash = CryptoJS.HmacSHA256(pm.request.body.toString(), secret);
var hashBase64 = CryptoJS.enc.Base64.stringify(hash);
console.log(hashBase64);
//set it to the environment variable
pm.environment.set("HmacContentSha", "hashBase64");
The environment variable HmacContentSha need to pass in the request header.环境变量HmacContentSha需要传入请求 header。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.