-
-
Save yosrixp/02a4f1d7ffb5e0d1917a16690f50ffa3 to your computer and use it in GitHub Desktop.
JWT tokenize - Postman Pre-Request Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function base64url(source) { | |
// Encode in classical base64 | |
encodedSource = CryptoJS.enc.Base64.stringify(source); | |
// Remove padding equal characters | |
encodedSource = encodedSource.replace(/=+$/, ''); | |
// Replace characters according to base64url specifications | |
encodedSource = encodedSource.replace(/\+/g, '-'); | |
encodedSource = encodedSource.replace(/\//g, '_'); | |
return encodedSource; | |
} | |
function addIAT(request) { | |
var iat = Math.floor(Date.now() / 1000) + 257; | |
data.iat = iat; | |
return data; | |
} | |
var header = { | |
"typ": "JWT", | |
"alg": "HS256" | |
}; | |
var data = { | |
"fname": "name", | |
"lname": "name", | |
"email": "email@domain.com", | |
"password": "abc123$" | |
}; | |
data = addIAT(data); | |
var secret = 'myjwtsecret'; | |
// encode header | |
var stringifiedHeader = CryptoJS.enc.Utf8.parse(JSON.stringify(header)); | |
var encodedHeader = base64url(stringifiedHeader); | |
// encode data | |
var stringifiedData = CryptoJS.enc.Utf8.parse(JSON.stringify(data)); | |
var encodedData = base64url(stringifiedData); | |
// build token | |
var token = encodedHeader + "." + encodedData; | |
// sign token | |
var signature = CryptoJS.HmacSHA256(token, secret); | |
signature = base64url(signature); | |
var signedToken = token + "." + signature; | |
postman.setEnvironmentVariable("payload", signedToken); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment