I'm trying to use Postman to send a GET http request which contains a parameter which is dynamically generated by taking the full request query string (everything to the right of the question mark in the URL, after URL encoding), concatenating a previously assigned shared secret key, and then performing a SHA-1 hash of the resulting string.
I would use a Pre-request Script to achieve this.
Thank you.
I actually found a solution and would like to share it.
var params = [ ["client_id", "222"] ,["account_id", ""] ]; // Build the request body string from the Postman request.data object var requestBody = ""; var firstpass = true; for(var i=0;i < params.length; i++) { if(!firstpass){ requestBody += "&"; } requestBody += params[i][0] + "=" + params[i][1]; firstpass = false; postman.setGlobalVariable(params[i][0], params[i][1]); } requestBody += postman.getEnvironmentVariable("sharedSecretKey"); postman.setGlobalVariable("requestBody", requestBody); var mac = ""; if(requestBody){ // SHA1 hash mac = CryptoJS.SHA1(requestBody); } postman.setGlobalVariable("mac", mac);
Then I just need to set the parameters in the URL : {{baseUrl}}/get?client_id={{client_id}}&account_id={{account_id}}&mac={{mac}}
where {{baseUrl}} is an environment variable and {{client_id}}, {{account_id}} are global variables
Hope it can be helpful to someone.
Thank you.
Inspired by this answer , I used the following Postman pre-request script to create a SHA1 hash of a request.
Note that request.data
is an implied variable and the CryptoJS
library are provided by the Postman Sandbox for pre-request scripts .
const hash = CryptoJS.HmacSHA1(request.data, 'yourSecret');
pm.globals.set('hash', hash);
You can now reference the hash value as a postman global variable using {{hash}}
syntax.
My purpose in all this was to simulate the X-Hub-Signature
header provided by the GitHub Webhooks API because my web service validates all webhook payloads to match the signature. So for me to test my web service, I also needed postman to generate a valid signature header.
Here's an adaptation of the above code snippet for generating the X-Hub-Signature
request header value.
GITHUB_WEBHOOK_SECRET
with the value I specified when I created my GitHub App. const hash = CryptoJS.HmacSHA1(
request.data,
pm.environment.get('GITHUB_WEBHOOK_SECRET')
);
pm.globals.set('X-HUB-SIGNATURE', 'sha1=' + hash);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.