errore with messageSignature sha256 in postman (base64 is notdefined.)

Question

I'm testing an api that i have to send in body those data acording to documentation:

studentId,
apiKey,
timeStamp (current iso time as a string),
messageSignature: apikey+studentId+timeStamp encrypted using sha256,

i wrote a script to generate message signature using sha256 in Pre-request Script. Pre-request Script:


    var dateIso = new Date().toISOString();
    pm.globals.set("isoDateTostring", dateIso);
    console.log('timestamp var is:', pm.globals.get("isoDateTostring"));
    
    let msg = "apiKeyvalue" + "studentId" + pm.globals.get("isoDateTostring");+ JSON.stringify(msg)
    
    const hmac = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA256, "secretKey");
    hmac.update(msg);
    const messageSignature = hmac.finalize().toString();

Details (like screenshots): in body i wrote:

{
"studentId":"********",
"apiKey":"************",
"timeStamp":{{$isoDateTostring}},
"messageSignature": {{$messageSignature}}
}

when i send the request i get base64 is notdefined.

lucas-nguyen-17 · Accepted Answer · 2023-02-21T09:03:13.817

2

Code would be like:

In Tab Body:

{{$isoDateTostring}} --> "{{isoDateTostring}}"

{{$messageSignature}} --> "{{messageSignature}}"

{
    "studentId": "123",
    "apiKey": "123abc",
    "timeStamp": "{{isoDateTostring}}",
    "messageSignature": "{{messageSignature}}"
}

In tab Pre-request: I fake studentId and apiKey

const dateIso = new Date().toISOString();
pm.globals.set("isoDateTostring", dateIso);

const studentId = "123";
const apiKeyvalue = "123abc"
let msg = apiKeyvalue + studentId + pm.globals.get("isoDateTostring");

const messageSignature = CryptoJS.SHA256(msg).toString();
pm.globals.set("messageSignature", messageSignature);

Result:

{
    "studentId": "123",
    "apiKey": "123abc",
    "timeStamp": "2021-10-26T13:20:09.068Z",
    "messageSignature": "783e65ff1cfb2374fb5f84daa35c01d18b8a1898b3a1837e84934e91a3c0720d"
}

edited Feb 21 '23 at 09:03

answered Oct 26 '21 at 13:24

lucas-nguyen-17

5,516
2
9
20

I corret it as you told me, but i'm still get this error:{"status": 400,"error": {"expose": true,"statusCode": 400,"status": 400,"body": "{\r\n \"studentId\":\"stId\",\r\n \"apiKey\":\"12345A\",\r\n \"timeStamp \":2021-10-26T13:42:14.944Z,\r\n \"messageSignature\": 0az039883D\r\n}", "type": "entity.parse.failed"},"message": "Unexpected number in JSON at position 96", "stack": "SyntaxError: Unexpected number in JSON at position 96\n – albertyaz Oct 26 '21 at 13:50
at JSON.parse ()\n at parse (/usr/src/app/node_modules/body-parser/lib/types/json.js:89:19)\n at /usr/src/app/node_modules/body-parser/lib/read.js:121:18\n at invokeCallback (/usr/src/app/node_modules/raw-body/index.js:224:16)\n at done (/usr/src/app/node_modules/raw-body/index.js:213:7)\n at IncomingMessage.onEnd (/usr/src/app/node_modules/raw-body/index.js:273:7)\n at IncomingMessage.emit (events.js:228:7)\n at endReadableNT (_stream_readable.js:1185:12)\n at processTicksAndRejections (internal/process/task_queues.js:81:21)"} – albertyaz Oct 26 '21 at 13:51
No, you're not following my suggestion. Please douple check the request body. `2021-10-26T13:42:14.944Z`--> `"2021-10-26T13:42:14.944Z"`, `0az039883D` -> `"0az039883D"` – lucas-nguyen-17 Oct 26 '21 at 14:24
This is my body request (fake studentId and apiKey) : { "studentId": "123", "apiKey": "123abc", "timeStamp ": {{isoDateTostring}}, "messageSignature": {{messageSignature}} } – albertyaz Oct 26 '21 at 15:37
1

Can you simply copy my code? It takes too nuch time for very simple thing. You are missing double quote for string for date and message. – lucas-nguyen-17 Oct 26 '21 at 23:35
Thks, it's ok for this part, but now it sent error 407Proxy Authentication Required ( "message": "Invalid Message Signature") – albertyaz Oct 27 '21 at 07:41
i added image of the error in the first question, i think maybe it's a problem with message signature – albertyaz Oct 27 '21 at 07:54
I just use https://cryptojs.gitbook.io/docs/#hashing to hash, no secret here. So the problem might be server using different hash algo. Please check with dev and it's helpful if you have correct sample. – lucas-nguyen-17 Oct 27 '21 at 08:28
i think so, the server use different algo, your code and your effort were very helpful. – albertyaz Oct 27 '21 at 08:36
i checked with developer, he uses this code to hash: const crypto = require('crypto'); //hash is the message signature const hash = crypto .createHmac('sha256', secretKey) .update(concatenatedData) .digest('hex'); i'm tried with this code on posteman var hash = CryptoJS.HmacSHA256("msg", "secret_key"); var hmac = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA256, "secret_key"); var hash = CryptoJS.HmacSHA1(msg, "secret_key"); hmac.update(msg); var hash = hmac.finalize(); but it sent array – albertyaz Oct 27 '21 at 10:07
@albertyaz Can you update to your question. thanks – lucas-nguyen-17 Oct 27 '21 at 10:09
it's ok, the script i wrote in question past to dev requirement ;) – albertyaz Oct 27 '21 at 10:37
@albertyaz cool, good to here that. – lucas-nguyen-17 Oct 27 '21 at 10:38

errore with messageSignature sha256 in postman (base64 is notdefined.)

1 Answers1