前置脚本
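// Postman pre-request script: builds an HMAC-SHA256 signature over the sorted
// request parameters and appends appid / timestamp / nonce / payload_sig /
// signature to the outgoing request's query string.

// Read the environment variables. Use a different set of values per environment.
const appid = pm.variables.get("appid");
const appkey = pm.variables.get("appkey");
const base_url = pm.variables.get("base_url");
const hmac = pm.variables.get("hmac");

// 1. appkey is the signing secret, so it is never printed: console output is
// easy to copy into tickets or screen shares. Only log whether it is set.
console.log("appid:" + appid + ",appkey set:" + Boolean(appkey));

// 2. Prepare the request parameters.
const timestamp = pm.variables.replaceIn('{{$timestamp}}');
console.log("timestamp:" + timestamp);

// 3. nonce, using a shortened value.
// Alternative: const nonce = pm.variables.replaceIn('{{$guid}}');
const nonce = createUuid();
console.log("nonce:" + nonce);

// 4. MD5 of the body, sent as payload_sig. When the "hmac" variable is set
// the body digest is skipped; the default mode (hmac-with-body) includes it.
let payload_sig = "";
console.log("hmac:" + hmac);
if (!hmac) {
  payload_sig = calcMd5();
  console.log("payload_sig:" + payload_sig);
}

// 5. Sign all request parameters. appkey is appended to the string being
// signed and is also the HMAC key, so tempsignature must never be logged.
const sortedParams = paramsSort();
console.log("paramsSort:" + sortedParams);
const tempsignature = sortedParams + "&key=" + appkey;
const signature = CryptoJS.HmacSHA256(tempsignature, appkey).toString().toUpperCase();
console.log("signature:" + signature);
const queryString = sortedParams + "&signature=" + signature;
console.log("queryString:" + queryString);

// 6. Add the signing parameters to the request URL.
pm.request.addQueryParams("appid=" + appid);
pm.request.addQueryParams("timestamp=" + timestamp);
pm.request.addQueryParams("nonce=" + nonce);
if (payload_sig) {
  pm.request.addQueryParams("payload_sig=" + payload_sig);
}
pm.request.addQueryParams("signature=" + signature);

// Debug aid: the full URL as it would be sent.
let fullUrl = request.url.split('?')[0] + "?" + queryString;
fullUrl = fullUrl.replace('{{base_url}}', base_url);
console.log("fullUrl:" + fullUrl);
// To fire the signed request from this script while debugging:
// const postRequest = {
//   url: fullUrl,
//   method: "POST",
//   body: pm.request.body.raw
// };
// pm.sendRequest(postRequest, function (err, response) {
//   console.log(response.json());
// });

/**
 * Collects the form parameters (form-urlencoded requests only), the URL query
 * parameters and the signing fields, then joins them as "k=v&k=v" sorted by
 * lower-cased key.
 *
 * @returns {string} The canonical parameter string that gets signed.
 */
function paramsSort() {
  const params = new Map();

  // Split on the first "=" only, so a value that itself contains "="
  // (for example base64 padding) is kept whole, and a key without a value
  // is signed as an empty string rather than the text "undefined".
  const addPairs = (raw) => {
    for (const pair of raw.split("&")) {
      if (!pair) {
        continue;
      }
      const eq = pair.indexOf("=");
      const key = eq === -1 ? pair : pair.slice(0, eq);
      const value = eq === -1 ? "" : pair.slice(eq + 1);
      params.set(key, encodeRFC2396URI(value));
    }
  };

  const contentType = pm.request.headers.get("content-type");
  if (contentType && contentType.startsWith('application/x-www-form-urlencoded')) {
    // assumes request.data is the raw "a=b&c=d" string here; TODO confirm
    addPairs(request.data);
  }

  const urlParts = request.url.split('?');
  if (urlParts.length > 1 && urlParts[1]) {
    addPairs(urlParts[1]);
  }

  // The signing fields are set last, so they override same-named parameters
  // coming from the form body or the URL.
  params.set("appid", appid);
  params.set("timestamp", timestamp);
  params.set("nonce", nonce);
  if (payload_sig) {
    params.set("payload_sig", payload_sig);
  }

  const sortedKeys = Array.from(params.keys());
  sortedKeys.sort((a, b) => a.toLowerCase().localeCompare(b.toLowerCase()));
  return sortedKeys.map((k) => k + "=" + params.get(k)).join("&");
}

/**
 * Computes the upper-case hex MD5 of the raw request body.
 *
 * MD5 is not collision-resistant. The digest is itself one of the signed
 * parameters, but the body is only bound to the signature as strongly as MD5
 * allows; moving to a stronger digest needs a matching server-side change.
 *
 * @returns {string} The digest, or "" when there is no raw body or the
 *   request is form-urlencoded.
 */
function calcMd5() {
  // NOTE(review): this adds a JSON Content-Type header before the
  // form-urlencoded check below; confirm that is intended for form requests.
  pm.request.addHeader("Content-Type:application/json");
  const contentType = pm.request.headers.get("Content-Type");
  const data = pm.request.body.raw;
  if (data && !contentType.startsWith('application/x-www-form-urlencoded')) {
    // NOTE(review): this prints the whole request body to the console.
    console.log("request.data:" + data);
    return CryptoJS.MD5(data).toString().toUpperCase();
  }
  return "";
}

/**
 * Generates the nonce: 7 hex characters from the template 'xxxyxxx'.
 *
 * NOTE(review): this gives roughly 26 bits of variation and Math.random() is
 * not a cryptographic RNG. A nonce must be unique within the server's replay
 * window, so repeated values can be expected under volume; prefer
 * pm.variables.replaceIn('{{$guid}}') if the server accepts longer nonces.
 *
 * @returns {string} A 7-character lower-case hex string.
 */
function createUuid() {
  return 'xxxyxxx'.replace(/[xy]/g, function (c) {
    const r = Math.random() * 16 | 0;
    const v = c === 'x' ? r : (r & 0x3 | 0x8);
    return v.toString(16);
  });
}

/**
 * JavaScript counterpart of Java's RFC 2396 URL encoding.
 * Reference: https://www.cnblogs.com/linyufeng/p/14676964.html
 *
 * The value is decoded first because, per the original author's note, the
 * Spring framework decodes it once by default; it is then re-encoded with
 * space as "+" and ) ( ' ! ~ percent-escaped.
 *
 * @param {string} str - A parameter value, possibly already percent-encoded.
 * @returns {string} The value in the encoding used for signing.
 */
function encodeRFC2396URI(str) {
  return encodeURIComponent(decodeURIComponent(str))
    .replace(/%20/g, "+")
    .replace(/\)/g, "%29")
    .replace(/\(/g, "%28")
    .replace(/'/g, "%27")
    .replace(/!/g, "%21")
    .replace(/~/g, "%7E");
}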
测试
请求数据
{{baseurl}}/smallflowService/1.0/getAccountLicenceData
实际请求
{{baseurl}}/smallflowService/1.0/getAccountLicenceData?appid=1111&timestamp=1700128978&nonce=222&payload_sig=3333&signature=444