Skip to content

Instantly share code, notes, and snippets.

@steveosoule

steveosoule/00__README.md

Last active August 30, 2024 19:57
Show Gist options
  • Save steveosoule/4b47164d9b6b5160bd4e0b99dfac8775 to your computer and use it in GitHub Desktop.
Save steveosoule/4b47164d9b6b5160bd4e0b99dfac8775 to your computer and use it in GitHub Desktop.
Download ZIP
Miva JSON API - Add X-Miva-API-Authorization HMAC Signature with JavaScript's CryptoJS as a Postman Pre-Request Script
Raw
00__README.md

Add X-Miva-API-Authorization HMAC Signature to a Postman Request

Uses JavaScript's CryptoJS library within a Postman Pre-Request script to: parse the request-body, create a SHA256 HMAC signature, build the Miva JSON API's authorization HTTP Header, and add the header to the current Postman request.

Instructions

Setup Postman Environmental Variables

  1. Navigate to the "Miva Admin > Settings > Users > API Tokens"
  2. Edit a token
  3. Create a Postman Environmental Variable called API_Token that is set to the "Edit API Token > Access Token" value
  4. Create a Postman Environmental Variable called API_SigningKey that is set to the "Edit API Token > Signature" value

Add to a Single Request

  1. Edit a request in Postman
  2. Switch to the "Scripts" tab of the request
  3. Switch to the "Pre-request" code
  4. Populate it with 01__standalone-pre-request-script.js

OR Add Multiple Requests with a Postman Package

  1. Open the Postman > Package Library
    1. Edit a request in Postman
    2. Switch to the "Scripts" tab of the request
    3. Switch to the "Pre-request" code
    4. Click the "Open package library" link
  2. Create a "New Package"
  3. Populate it with 02__package--source.js
  4. "Save" your package
  5. Edit a request in Postman
  6. Switch to the "Scripts" tab of the request
  7. Switch to the "Pre-request" code
  8. In the "Packages" search-dropdown, select your package
  9. Require and use your package like it is done in 03__package--pre-request-script.js

Helpful Links

Raw
01__standalone-pre-request-script.js
const CryptoJS = require('crypto-js');
const token = pm.environment.get('API_Token');
const signingKey = pm.environment.get('API_SigningKey');
const requestBody = pm.variables.replaceIn(pm.request.body.toString());
const signature = CryptoJS.HmacSHA256(
CryptoJS.enc.Utf8.parse(requestBody),
CryptoJS.enc.Base64.parse(signingKey)
).toString(CryptoJS.enc.Base64);
pm.request.headers.add({
key: 'X-Miva-API-Authorization',
value: `MIVA-HMAC-SHA256 ${token}:${signature}`
});
Raw
02__package--source.js
const CryptoJS = require('crypto-js');
const addAuthorizationHeader = ({token = pm.environment.get('API_Token'), signingKey = pm.environment.get('API_SigningKey'), requestBody = pm.variables.replaceIn(pm.request.body.toString())} = {}) => {
const signature = CryptoJS.HmacSHA256(
CryptoJS.enc.Utf8.parse(requestBody),
CryptoJS.enc.Base64.parse(signingKey)
).toString(CryptoJS.enc.Base64);
pm.request.headers.add({
key: 'X-Miva-API-Authorization',
value: `MIVA-HMAC-SHA256 ${token}:${signature}`
});
};
module.exports = {
addAuthorizationHeader
};
Raw
03__package--pre-request-script.js
const miva = pm.require('@red-flare-1249/miva');
miva.addAuthorizationHeader();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment