zoukankan      html  css  js  c++  java
  • postman prerequest动态加密数据构造

    app与服务端通信过程中有时需要加密,这样受保护的body更不易被破解。

    例子:

      工作中有遇到类似于http://test.baidu.com/ad/conf?m2=xx&ch=xxxxx&sign=xxx的请求,通过postman、jmeter在进行请求时由于无法直接获取到sign值,无法顺利走通接口,这时候下边的代码就work了。

    //签名规则:sign=md5(key1=value1&key2=value2&secret)
    var secret = "abcde";//secret
    var newtimestamp=Math.round(new Date().getTime());
    console.log("newtimestamp:"+newtimestamp);
    
    //请求参数名按照ASCII码升序排序
    keys = Object.keys(request.data).sort(); 
    
    //拼接待签名字符串
    var str = [];
    for (var p = 0; p < keys.length; p++) { 
        if(keys[p] == "sign" || request.data[keys[p]] === ""){
            // == 宽松相等,隐性类型转换,值相等,返回true;
            // === 严格相等,值和类型都相等,返回true
            continue;
        }
        if(keys[p] == "qbtime"){
            str.push(keys[p] + "=" + newtimestamp);
            continue;
        }
        str.push(keys[p] + "=" + request.data[keys[p]]);
    }
    
    var presign = str.join("&");
    presign = presign+"&"+secret; //添加secret
    console.log("presign:"+presign);
    var signSecret = CryptoJS.MD5(presign).toString();  //md5
    console.log("signSecret:"+signSecret);
    
    //重设环境变量
    pm.environment.unset("sign");
    pm.environment.unset("timestamp");
    pm.environment.set("sign", signSecret);
    pm.environment.set("timestamp", newtimestamp);
  • 相关阅读:
    Linux Ubuntu安装Mysql5.7
    Linux Ubuntu安装maven3.3.9
    Linux Ubuntu安装tomcat9
    Linux Ubuntu安装JDK1.8
    Win10 U盘安装ubuntu16.04 LTS 双系统
    Linux Mysql5.7 常用语句与函数
    在Linux CentOS 6.6上安装Python 2.7.9
    CentOS6下docker的安装和使用
    How to Install Apache Solr 4.5 on CentOS 6.4
    SpringBoot的日志管理
  • 原文地址:https://www.cnblogs.com/mncasey/p/11556081.html
Copyright © 2011-2022 走看看