-
Notifications
You must be signed in to change notification settings - Fork 13
/
pre-request.js
111 lines (90 loc) · 4.27 KB
/
pre-request.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
/*
* This is a Pre-request script for Postman client to remediate OAuth 1.0a issue
* where certain request fails if the query parameter includes some specific characters.
* https://tools.ietf.org/html/rfc3986#section-2.2 (rfc3986, gen-delims reserved characters)
*
* NOTE: This Pre-script is intended to use with "GET" request but might be able to
* work with other methods that have no request body.
* For "POST" request, there's another workaround.
* See: https://github.com/twitterdev/postman-twitter-ads-api/issues/2
*
* In order to use this Pre-request script, you need to change your "Authorization" type to
* "No Auth" only for the target request and do not apply to the top-level object.
*/
const sdk = require('postman-collection');
function toArray(object) {
let array = [];
Object.keys(object).forEach(key => {
array.push(`${key}=${object[key]}`);
});
return array
}
// fetch all env variables that are currently defined
const env_variables = pm.environment.toObject({
excludeDisabled: true
});
const oauth_consumer_key = env_variables.consumer_key;
const oauth_consumer_secret = env_variables.consumer_secret;
const oauth_token = env_variables.access_token;
const oauth_secret = env_variables.token_secret;
const oauth_signing_key = `${oauth_consumer_secret}&${oauth_secret}`;
// create random oauth_nonce string
const random_source = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
var oauth_nonce = '';
for (var i = 0; i < 32; i++) {
oauth_nonce += random_source.charAt(Math.floor(Math.random() * random_source.length));
}
const oauth_parameter_string_object = {};
oauth_parameter_string_object.oauth_consumer_key = oauth_consumer_key;
oauth_parameter_string_object.oauth_token = oauth_token;
const oauth_nonce_array = CryptoJS.enc.Utf8.parse(oauth_nonce);
oauth_parameter_string_object.oauth_nonce = encodeURIComponent(CryptoJS.enc.Base64.stringify(oauth_nonce_array));
oauth_parameter_string_object.oauth_signature_method = 'HMAC-SHA1';
oauth_parameter_string_object.oauth_version = '1.0';
oauth_parameter_string_object.oauth_timestamp = Math.round((new Date()).getTime() / 1000);
// for Authorization request header (copy object)
const oauth_authorization_header_object = Object.assign({}, oauth_parameter_string_object);
// convert query string into object (+ encode)
const url_query_string_object = {};
const url_query_string_object_array = sdk.QueryParam.parse(
pm.request.url.getQueryString({
ignoreDisabled: true
})
);
url_query_string_object_array.forEach(item => {
url_query_string_object[item.key] = encodeURIComponent(item.value);
});
// merge query parameter
Object.assign(oauth_parameter_string_object, url_query_string_object);
// sort object by key
const oauth_parameter_string_object_ordered = {};
Object.keys(oauth_parameter_string_object).sort().forEach(function(key) {
oauth_parameter_string_object_ordered[key] = oauth_parameter_string_object[key];
});
// generate parameter string
const oauth_parameter_string = toArray(oauth_parameter_string_object_ordered).join('&');
// replace dynamic variables
let base_host = pm.request.url.getOAuth1BaseUrl();
let regexp = /{{(.*?)}}/g;
while (result = regexp.exec(base_host)) {
let value = env_variables[result[1]];
base_host = base_host.replace(new RegExp(`{{${result[1]}}}`, 'g'), value);
}
// generate base string
const oauth_base_string = `${pm.request.method}&${encodeURIComponent(base_host)}&${encodeURIComponent(oauth_parameter_string)}`;
// generate signature
const oauth_signature = CryptoJS.enc.Base64.stringify(CryptoJS.HmacSHA1(oauth_base_string, oauth_signing_key));
oauth_authorization_header_object.oauth_signature = encodeURIComponent(oauth_signature);
// generate Authorization header string
const oauth_authorization_header = toArray(oauth_authorization_header_object).join(', ');
// generate Authorization header
pm.request.headers.add({
key: 'Authorization',
value: `OAuth ${oauth_authorization_header}`
});
// Escape URI parameters using encodeURIComponent => RFC3986
if (Object.keys(url_query_string_object).length !== 0) {
// generate query parameter string
const request_parameter_string = toArray(url_query_string_object).join('&');
pm.request.url = `${pm.request.url.getOAuth1BaseUrl()}?${request_parameter_string}`;
}