授权承载令牌的邮递员预请求脚本

Question

我正在尝试编写脚本来为集合生成我的身份验证承载令牌。所以我不必每次都传递令牌，我会从父母那里继承身份验证。但我不知道我的脚本哪里错了，我无法生成令牌并且它给了我错误

There was an error in evaluating the Pre-request Script:  Error: No data, empty input at 1:1 ^

这是我的脚本，

var expiresOn = pm.variables.get('ExpiresOn');
    if (!expiresOn || new Date(expiresOn) <= new Date()) {

    var clientId = '565v7677676vfdrd';
    var apiToken =  '6565fdvdrdfd';

    var request = {
        url: 'http://.../auth/token',
        method: 'POST',
        header: 'Content-Type:application/Json',
        body: {
            mode: 'application/json',
            raw:  clientId + apiToken
        }
    };
            }
        };

        pm.sendRequest(request, function (err, res) {
            if (res !== null) {
                var json = res.json();
                pm.environment.set('Access_Token', json.access_token)

                var expiresOn = new Date(0);
                expiresOn.setUTCSeconds(json.expires_on);
                pm.environment.set('ExpiresOn', expiresOn);
            }
        });
    }

Answer 1

const echoPostRequest = {
  url: 'https://example.com/sign_in?client_id=dbdsA8b6V6Lw7wzu1x0T4CLxt58yd4Bf',
  method: 'POST',
  header: 'Accept: application/json\nUser-Agent: Example/2019.10.31-release (Android 6.0.1; LGE Nexus 5)\nUDID: 1d2c7e65f34b3882f8e42ab8d6a82b4b\nContent-Type: application/json; charset=utf-8\nHost: api-mobile.example.com',
  body: {
    mode: 'application/json',
    raw: JSON.stringify(
        {
        	client_id:'dbdsA8b6V6Lw7wzu1x0T4CLxt58yd4Bf',
        	client_secret:'aBK1xbehZvrBw0dtVYNY3BuJJOuDFrYs',
        	auth_method:'password',
        	create_if_not_found:false,
        	credentials:{identifier:'username',password:'pass'},
        	signature:'2:a899cdc0'
        })
  }
};

var getToken = true;

if (!pm.environment.get('accessTokenExpiry') || 
    !pm.environment.get('currentAccessToken')) {
    console.log('Token or expiry date are missing')
} else if (pm.environment.get('accessTokenExpiry') <= (new Date()).getTime()) {
    console.log('Token is expired')
} else {
    getToken = false;
    console.log('Token and expiry date are all good');
}

if (getToken === true) {
    pm.sendRequest(echoPostRequest, function (err, res) {
    console.log(err ? err : res.json());
        if (err === null) {
            console.log('Saving the token and expiry date')
            var responseJson = res.json();
            pm.environment.set('currentAccessToken', responseJson.access_token)
           
            var expiryDate = new Date();
            expiryDate.setSeconds(expiryDate.getSeconds() + responseJson.expires_in);
            pm.environment.set('accessTokenExpiry', expiryDate.getTime());
        }
    });
}

上面的例子是一个 Postman Pre-request 脚本来获取 access_token，以及 token 的过期时间。我认为这个例子将帮助你解决这个问题。 请检查邮递员的控制台 在 Windows 上按 Ctrl+Alt+C 打开 Postman 控制台（在 Mac 上按 Cmd + Alt+C）

Answer 2

语法错误

运行脚本时出现以下错误：

There was an error in evaluating the Pre-request Script:  SyntaxError: Unexpected token ';'

为了正常运行，应该是这样的：

    var expiresOn = pm.variables.get('ExpiresOn');
        if (!expiresOn || new Date(expiresOn) <= new Date()) {

        var clientId = '565v7677676vfdrd';
        var apiToken =  '6565fdvdrdfd';

        var request = {
            url: 'https://api.domain.io/api/user/session',
            method: 'POST',
            header: 'Content-Type:application/Json',
            body: {
                mode: 'application/json',
                raw:  clientId + apiToken
            }
        };
                }

            pm.sendRequest(request, function (err, res) {
                if (res !== null) {
                    var json = res.json();
                    pm.environment.set('Access_Token', json.access_token)

                    var expiresOn = new Date(0);
                    expiresOn.setUTCSeconds(json.expires_on);
                    pm.environment.set('ExpiresOn', expiresOn);
                }
            });

其他选项

我使用这两个选项之一来获取我的收藏的不记名令牌：

1. https://gist.github.com/bcnzer/073f0fc0b959928b0ca2b173230c0669#file-postman-pre-request-js
2. https://community.postman.com/t/how-to-automatically-set-a-bearer-token-for-your-postman-requests/10126/2

Answer 3

稍微修改了 Sebin Sunny 的答案，使用 JWT 针对 Azure + 资源 (/audience) 进行了测试。

在请求的标头中使用 Authorization {{$randomLoremSentence}}

const echoPostRequest = {
    url: 'https://login.microsoftonline.com/{tenant}/oauth2/token',
    method: 'POST',
    body: {
        mode: 'formdata',
        formdata: [
            { key: 'grant_type', value: 'client_credentials' },
            { key: 'client_Id', value: '*******************************' },
            { key: 'client_secret', value: '*******************************' },
            { key: 'resource', value: '*******************************' }
        ]
    }
};

var getToken = true;

var token = pm.globals.get('$randomLoremSentence') || '';
var exp = pm.globals.get('accessTokenExpiry');
var exps = new Date(exp);
if (token.indexOf('Bearer ') < 0) {
    console.log('Token or expiry date are missing')
} else if (exp <= (new Date()).getTime()) {
    console.log('Token is expired - ${exps}')
} else {
    getToken = false;
    console.log(`Token ${token.substr(0,10)}...${token.substr(-5)} and expiry ${exps} date are all good`);
}

if (getToken === true) {
    pm.sendRequest(echoPostRequest, function (err, res) {
    console.log(err ? err : res.json());
        if (err === null) {
            var responseJson = res.json();
            var token = responseJson.access_token;
            console.log(`Saving the token ${token.substr(0,5)}...${token.substr(-5)} and expiry ${exps} date`)
            pm.globals.set('$randomLoremSentence', "Bearer " + token);
           
            var expiryDate = new Date(responseJson.expires_on * 1000);
            pm.globals.set('accessTokenExpiry', expiryDate.getTime());
        }
    });
}
//pm.globals.set('$randomLoremSentence', 0); // reset token 2 test