hey everyone!
I’m using Postman to run my test queries and I’m wondering if there’s an easier way to generate the Authorization header.
Right now I’m using the python lib to generate the jwt envelope and pasting it into the Postman var. I also tried to use gcloud cli command to get the jwt but no luck
Unfortunately, at this time we do not have an officially supported streamlined solution for fetching or generating tokens in Postman.
For my own personal use I have been utilizing postman-util-lib inside of a pre-request script to generate tokens on-the-fly.
Here is an example of how it could be set up in your pre-request script:
// including this because removing newline via string.replace was not working in postman
// pre-request script
// TODO: find out why this is necessary and remove if possible
const stripNewLine = (privateKey) => {
let returnValues = [];
let lastCharWasEscapeChar = false;
for (let i = 0; i < privateKey.length; i++) {
if (lastCharWasEscapeChar) {
lastCharWasEscapeChar = false;
continue;
}
if (privateKey[i] === '\\') {
lastCharWasEscapeChar = true;
continue;
}
returnValues.push(privateKey[i]);
}
return returnValues.join("");
};
helpers = {
refreshToken: () => {
// This logic adds an api key header if a key is present in the environment variables
var apiKey = pm.environment.get('apiKey');
if (apiKey) {
pm.request.headers.add({
key: "x-api-key",
value: apiKey
});
}
// This logic uses the https://github.com/joolfe/postman-util-lib library to generate bearer tokens
// from a private key stored in the environment variables
pm.environment.set('jwt', null);
var privateKey = stripNewLine(pm.environment.get('privateKey'));
var clientEmail = pm.environment.get('clientEmail');
var baseUrl = pm.environment.get('baseUrl');
var errorMessage = "";
if (!privateKey) {
errorMessage += "privateKey variable is not set. ";
}
if (!clientEmail) {
errorMessage += "clientEmail variable is not set. ";
}
if (!baseUrl) {
errorMessage += "baseUrl variable is not set. ";
}
if (errorMessage.length > 0) {
throw new Error(errorMessage.trim());
}
var header = {
"alg": "RS256"
};
var currentTimestamp = Math.floor(Date.now() / 1000)
var payload = {
'iss': clientEmail || '',
'sub': clientEmail || '',
'aud': baseUrl || '',
'iat': currentTimestamp,
'exp': currentTimestamp + 30 * 60, // expiry time is 30 seconds from time of creation
}
eval(pm.collectionVariables.get('pmlib_code'))
let jwk;
try {
jwk = pmlib.rs.KEYUTIL.getJWK(privateKey);
} catch (e) {
throw new Error(`Error calling auth library to build jwk: ${e}`);
}
if (!jwk) {
throw new Error("Unable to convert private key to JWK");
}
let signed_jwt;
try {
signed_jwt = pmlib.jwtSign(jwk, payload, header, 3600, 'RS256')
} catch (e) {
throw new Error(`Error calling auth library to sign token: ${e}`);
}
if (!signed_jwt) {
throw new Error("Unable to generate token");
}
pm.environment.set('jwt', signed_jwt);
}
};
helpers.refreshToken();
Again, this is not officially supported by ComboCurve it is just an example of how I have done it in the past. It is a little finnicky though as I have not really had time to refine it.
hey @Jeff_Hopkins thanks for the pre-request-script, that should do it.