Archiwa tagu: WSSE

WSSE – Postman Pre-request Script

przez kszyh | 9 marca 2017 - 16:20 |9 marca 2017 Java Script

Dodaj komentarz

JavaScript

// Symfony SHA512 encryption provider var cipher = function (secret, salt) { var salted = secret + '{' + salt + '}'; var digest = CryptoJS.SHA512(salted); for (var i = 1; i < 5000; i++) { var parsed = CryptoJS.enc.Utf8.parse(salted); var cc = digest.concat(parsed) digest = CryptoJS.SHA512(cc); } digest = digest.toString(CryptoJS.enc.Base64); return digest; }; // Date formater to UTC var formatDate = function (d) { // Padding for date creation var pad = function (num) { return ("0" + num).slice(-2); }; return [d.getUTCFullYear(), pad(d.getUTCMonth() + 1), pad(d.getUTCDate())].join("-") + "T" + [pad(d.getUTCHours()), pad(d.getUTCMinutes()), pad(d.getUTCSeconds())].join(":") + "Z"; }; var randomString = function (length) { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < length; i++) { text += possible.charAt(Math.floor(Math.random() * possible.length)); } return text; }; var base64Encode = function (input) { var keyStr = 'ABCDEFGHIJKLMNOP' + 'QRSTUVWXYZabcdef' + 'ghijklmnopqrstuv' + 'wxyz0123456789+/' + '='; var output = ""; var chr1, chr2, chr3 = ""; var enc1, enc2, enc3, enc4 = ""; var i = 0; do { chr1 = input.charCodeAt(i++); chr2 = input.charCodeAt(i++); chr3 = input.charCodeAt(i++); enc1 = chr1 >> 2; enc2 = ((chr1 & 3) << 4) | (chr2 >> 4); enc3 = ((chr2 & 15) << 2) | (chr3 >> 6); enc4 = chr3 & 63; if (isNaN(chr2)) { enc3 = enc4 = 64; } else if (isNaN(chr3)) { enc4 = 64; } output = output + keyStr.charAt(enc1) + keyStr.charAt(enc2) + keyStr.charAt(enc3) + keyStr.charAt(enc4); chr1 = chr2 = chr3 = ""; enc1 = enc2 = enc3 = enc4 = ""; } while (i < input.length); return output; } var username = "admin"; var password = "pass"; var salt = "salt"; var secret = cipher(password, salt) // Generate nonce var nonce = randomString(30); // Creation time of the token var created = formatDate(new Date()); // Generating digest from secret, creation and nonce var salted = secret + '{' + salt + '}'; var hash = CryptoJS.SHA1(nonce + created + salted); var digest = hash.toString(CryptoJS.enc.Base64); // Base64 Encode digest var b64nonce = base64Encode(nonce); // Return generated token var token = 'UsernameToken Username="' + username + '", PasswordDigest="' + digest + '", Nonce="' + b64nonce + '", Created="' + created + '"'; postman.setGlobalVariable("token", token);

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105

// Symfony SHA512 encryption provider var cipher = function (secret, salt) { var salted = secret + '{' + salt + '}'; var digest = CryptoJS.SHA512(salted); for (var i = 1; i < 5000; i++) { var parsed = CryptoJS.enc.Utf8.parse(salted); var cc = digest.concat(parsed) digest = CryptoJS.SHA512(cc); } digest = digest.toString(CryptoJS.enc.Base64);   return digest; };   // Date formater to UTC var formatDate = function (d) { // Padding for date creation var pad = function (num) { return ("0" + num).slice(-2); };   return [d.getUTCFullYear(), pad(d.getUTCMonth() + 1), pad(d.getUTCDate())].join("-") + "T" + [pad(d.getUTCHours()), pad(d.getUTCMinutes()), pad(d.getUTCSeconds())].join(":") + "Z"; };   var randomString = function (length) { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < length; i++) { text += possible.charAt(Math.floor(Math.random() * possible.length)); } return text; };   var base64Encode = function (input) { var keyStr = 'ABCDEFGHIJKLMNOP' + 'QRSTUVWXYZabcdef' + 'ghijklmnopqrstuv' + 'wxyz0123456789+/' + '=';   var output = ""; var chr1, chr2, chr3 = ""; var enc1, enc2, enc3, enc4 = ""; var i = 0;   do { chr1 = input.charCodeAt(i++); chr2 = input.charCodeAt(i++); chr3 = input.charCodeAt(i++);   enc1 = chr1 >> 2; enc2 = ((chr1 & 3) << 4) | (chr2 >> 4); enc3 = ((chr2 & 15) << 2) | (chr3 >> 6); enc4 = chr3 & 63;   if (isNaN(chr2)) { enc3 = enc4 = 64; } else if (isNaN(chr3)) { enc4 = 64; }   output = output + keyStr.charAt(enc1) + keyStr.charAt(enc2) + keyStr.charAt(enc3) + keyStr.charAt(enc4); chr1 = chr2 = chr3 = ""; enc1 = enc2 = enc3 = enc4 = ""; } while (i < input.length);   return output; }   var username = "admin"; var password = "pass"; var salt = "salt"; var secret = cipher(password, salt) // Generate nonce var nonce = randomString(30);   // Creation time of the token var created = formatDate(new Date());   // Generating digest from secret, creation and nonce var salted = secret + '{' + salt + '}'; var hash = CryptoJS.SHA1(nonce + created + salted); var digest = hash.toString(CryptoJS.enc.Base64);   // Base64 Encode digest var b64nonce = base64Encode(nonce);   // Return generated token var token = 'UsernameToken Username="' + username + '", PasswordDigest="' + digest + '", Nonce="' + b64nonce + '", Created="' + created + '"';   postman.setGlobalVariable("token", token);