下面介绍一种在 Postman 使用脚本自动生成签名的方法。通过此方法可在 Postman 调试接口时自动完成签名计算与请求发送,无需手动使用工具计算签名并填写 Authorization。
下面以云服务器(CVM)的 DescribeInstances 接口为例,来说明配置步骤。

步骤1: 添加请求前置脚本

1. 请求方式选择 POST,在地址栏输入接口请求域名,域名可在接口说明文档中查看。



2. 单击 Pre-request Script,添加脚本。如下图所示:



脚本内容如下:
const crypto = require("crypto-js");
/**
 * Computes an HMAC-SHA256 over `message` keyed with `secret`.
 *
 * Despite the name this is a keyed MAC, not a plain SHA-256 digest.
 *
 * @param {*} message - Data to authenticate; passed straight to crypto.HmacSHA256.
 * @param {*} [secret=""] - HMAC key; passed straight to crypto.HmacSHA256.
 * @param {string} [encoding] - Accepted but not used by this function.
 * @returns {*} The raw result of crypto.HmacSHA256 (not converted to a hex
 *   string here, so it can be fed back in as the key of the next round).
 */
function sha256(message, secret = "", encoding) {
  return crypto.HmacSHA256(message, secret);
}
/**
 * Computes the SHA-256 digest of `message`.
 *
 * @param {*} message - Data to hash; passed straight to crypto.SHA256.
 * @param {string} [encoding="hex"] - Accepted but not used by this function.
 * @returns {*} The raw result of crypto.SHA256 (no encoding is applied here).
 */
function getHash(message, encoding = "hex") {
  return crypto.SHA256(message);
}
/**
 * Formats a Unix timestamp as a UTC calendar date.
 *
 * @param {number} timestamp - Seconds since the Unix epoch.
 * @returns {string} The date in `YYYY-MM-DD` form, using UTC fields.
 */
function getDate(timestamp) {
  const utc = new Date(timestamp * 1000);
  // Left-pad to two digits by prefixing "0" and keeping the last two characters.
  const twoDigits = (value) => `0${value}`.slice(-2);
  return [
    utc.getUTCFullYear(),
    twoDigits(utc.getUTCMonth() + 1), // getUTCMonth() is zero-based
    twoDigits(utc.getUTCDate()),
  ].join("-");
}
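/**
 * Signs one Tencent Cloud API request with TC3-HMAC-SHA256 and publishes the
 * values the request needs (Authorization header, body, host, action, version,
 * region, timestamp) as Postman global variables.
 *
 * Fixes over the previous listing: line separators are real newlines ("\n")
 * rather than a literal backslash followed by "n", the sample payload is valid
 * JSON, and every digest is converted to hex explicitly before it is
 * concatenated into a string.
 *
 * @throws {Error} If SECRET_ID or SECRET_KEY has not been filled in.
 */
function main() {
  // 1. Replace with your own SecretId / SecretKey (AK / SK).
  // Security: these literals are stored with the script, so they travel with the
  // collection whenever it is exported, shared or synced. Clear them before
  // sharing, and rotate the key if the script has already been shared.
  const SECRET_ID = "";
  const SECRET_KEY = "";
  if (!SECRET_ID || !SECRET_KEY) {
    // Fail early: signing with an empty key only produces a request the server rejects.
    throw new Error("SECRET_ID and SECRET_KEY must be set before the request can be signed");
  }

  // 2. Replace with the real common parameters of the cloud API you are calling.
  const endpoint = "cvm.tencentcloudapi.com";
  const service = "cvm";
  const region = "ap-guangzhou";
  const action = "DescribeInstances";
  const version = "2017-03-12";
  const timestamp = Math.floor(Date.now() / 1000);
  const date = getDate(timestamp);

  // ************* Step 1: Concatenate the CanonicalRequest string *************
  // 3. Important: replace payload with the real request parameters of your API call.
  // The exact same text is hashed here and sent as the body, so it must be valid JSON.
  const payload =
    '{"Filters":[{"Name":"instance-charge-type","Values":["PREPAID"]}]}';
  const hashedRequestPayload = getHash(payload).toString(crypto.enc.Hex);
  const httpRequestMethod = "POST";
  const canonicalUri = "/";
  const canonicalQueryString = "";
  // Each canonical header is terminated by a newline; the values must match the
  // headers actually sent, otherwise the server-side signature will differ.
  const canonicalHeaders =
    "content-type:application/json; charset=utf-8\n" +
    `host:${endpoint}\n` +
    `x-tc-action:${action.toLowerCase()}\n`;
  const signedHeaders = "content-type;host;x-tc-action";
  const canonicalRequest = [
    httpRequestMethod,
    canonicalUri,
    canonicalQueryString,
    canonicalHeaders,
    signedHeaders,
    hashedRequestPayload,
  ].join("\n");
  console.log("----------------------------canonicalRequest");
  console.log(canonicalRequest);
  console.log("----------------------------canonicalRequest");

  // ************* Step 2: Concatenate the string to sign *************
  const algorithm = "TC3-HMAC-SHA256";
  const hashedCanonicalRequest = getHash(canonicalRequest).toString(crypto.enc.Hex);
  const credentialScope = `${date}/${service}/tc3_request`;
  const stringToSign = [
    algorithm,
    timestamp,
    credentialScope,
    hashedCanonicalRequest,
  ].join("\n");
  console.log("----------------------------stringToSign");
  console.log(stringToSign);
  console.log("----------------------------stringToSign");

  // ************* Step 3: Calculate the signature *************
  // Key derivation chain: each round's raw HMAC output is the key of the next
  // round, so only the final result is converted to hex.
  const kDate = sha256(date, "TC3" + SECRET_KEY);
  const kService = sha256(service, kDate);
  const kSigning = sha256("tc3_request", kService);
  const signature = sha256(stringToSign, kSigning, "hex").toString(crypto.enc.Hex);
  console.log("----------------------------signature");
  console.log(signature);
  console.log("----------------------------signature");

  // ************* Step 4: Concatenate the Authorization *************
  const authorization =
    `${algorithm} ` +
    `Credential=${SECRET_ID}/${credentialScope}, ` +
    `SignedHeaders=${signedHeaders}, ` +
    `Signature=${signature}`;
  // Security: the Authorization value and the curl command below are enough to
  // replay this exact request for as long as the server still accepts the
  // timestamp. Treat the Postman console output as sensitive and do not paste it
  // into tickets or chats. SECRET_KEY itself is never logged.
  console.log("----------------------------authorization");
  console.log(authorization);
  console.log("----------------------------authorization");

  // Debugging aid only: payload is placed inside single quotes without shell
  // escaping, so a payload containing a single quote yields a broken command.
  const curlCommand =
    `curl -X POST https://${endpoint}` +
    ` -H "Authorization: ${authorization}"` +
    ' -H "Content-Type: application/json; charset=utf-8"' +
    ` -H "Host: ${endpoint}"` +
    ` -H "X-TC-Action: ${action}"` +
    ` -H "X-TC-Timestamp: ${timestamp.toString()}"` +
    ` -H "X-TC-Version: ${version}"` +
    ` -H "X-TC-Region: ${region}"` +
    ` -d '${payload}'`;
  console.log("----------------------------Call_Information");
  console.log(curlCommand);
  console.log("----------------------------Call_Information");

  // Publish the values as Postman global variables so the request's headers and
  // body can reference them as {{authorization}}, {{payload}}, and so on.
  // Globals persist after the request has run; the signed Authorization value
  // stays readable there until the next run overwrites it.
  pm.globals.set("authorization", authorization);
  pm.globals.set("payload", payload);
  pm.globals.set("host", endpoint);
  pm.globals.set("action", action);
  pm.globals.set("version", version);
  pm.globals.set("region", region);
  pm.globals.set("timestamp", timestamp.toString());
}
main();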
请注意,以上脚本中的三个部分需要根据您的实际情况进行替换。
替换1:将 SECRET_ID、SECRET_KEY 替换为您自己的访问密钥(AK、SK)。您可以在 API 密钥管理 平台获取这些密钥。密钥写入脚本后会随集合一同保存,导出或分享集合前请先将其清空。
// 1. Replace with your own SecretId / SecretKey (AK / SK).
// These literals are saved with the script; clear them before exporting or sharing it.
const SECRET_ID = "";
const SECRET_KEY = "";
替换2:将下面的公共参数值替换为实际请求 API 的参数值。您可以在接口文档中找到这些参数值。
// 2. Replace with the real common parameters of the cloud API you are calling.
const endpoint = "cvm.tencentcloudapi.com";
const service = "cvm";
const region = "ap-guangzhou";
const action = "DescribeInstances";
const version = "2017-03-12";
替换3:将payload替换为真实的请求入参。
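// 3. Important: replace payload with the real request parameters of your API call.
// This exact text is hashed into the signature and sent as the request body, so
// it must be valid JSON: plain double quotes, no stray backslashes.
const payload =
  '{"Filters":[{"Name":"instance-charge-type","Values":["PREPAID"]}]}';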

步骤2:在 Headers 添加头部信息

在 Headers 部分添加以下键值对:
Authorization:{{authorization}}
Content-Type:application/json; charset=utf-8
Host:{{host}}
X-TC-Action:{{action}}
X-TC-Timestamp:{{timestamp}}
X-TC-Version:{{version}}
X-TC-Region:{{region}}




步骤3:替换 Body 为 {{payload}}

在 Body 部分,选择 Raw,然后选择 Json,在输入框中输入 {{payload}}



通过这样的设置,我们将脚本中的变量值存储到 Postman 的全局变量中,从而完成了请求的构建。

步骤4:发起请求

单击 Send,即可发起请求。在 Response 的 Body 部分,您可以查看到接口的响应结果。



通过以上步骤,我们在 Postman 完成了自动计算签名能力的配置。后续的接口调试,您只需在脚本中修改接口的公共参数及入参即可发起调用,无需再进行手工签名计算。