下面介绍一种在 Postman 使用脚本自动生成签名的方法。通过此方法可在 Postman 调试接口时自动完成签名计算与请求发送,无需手动使用工具计算签名并填写 Authorization。
下面以云服务器(CVM)的 DescribeInstances 接口为例,来说明配置步骤。
步骤1: 添加请求前置脚本
1. 请求方式选择
POST,在地址栏输入接口请求域名,域名可在接口说明文档中查看。
2. 单击 Pre-request Script,添加脚本。如下图所示:
脚本内容如下:
const crypto = require("crypto-js");function sha256(message, secret = "", encoding) {const hmac = crypto.HmacSHA256(message, secret);// return hmac.toString(crypto.enc.Hex);return hmac;}function getHash(message, encoding = "hex") {const hash = crypto.SHA256(message);// return hash.toString(crypto.enc.Hex);return hash;}function getDate(timestamp) {const date = new Date(timestamp * 1000);const year = date.getUTCFullYear();const month = ("0" + (date.getUTCMonth() + 1)).slice(-2);const day = ("0" + date.getUTCDate()).slice(-2);return `${year}-${month}-${day}`;}function main() {// 1.替换为自己的AK、SKconst SECRET_ID = "";const SECRET_KEY = "";// 2.替换为自己真实的云API公共参数const endpoint = "cvm.tencentcloudapi.com";const service = "cvm";const region = "ap-guangzhou";const action = "DescribeInstances";const version = "2017-03-12";const timestamp = Math.floor(Date.now() / 1000);const date = getDate(timestamp);// ************* Step 1: Concatenate the CanonicalRequest string *************// 3.重要:payload 替换为自己真实的业务接口请求参数!const payload ='{\\"Filters\\":[{\\"Name\\":\\"instance-charge-type\\",\\"Values\\":[\\"PREPAID\\"]}]}';const hashedRequestPayload = getHash(payload);const httpRequestMethod = "POST";const canonicalUri = "/";const canonicalQueryString = "";const canonicalHeaders ="content-type:application/json; charset=utf-8\\n" +"host:" +endpoint +"\\n" +"x-tc-action:" +action.toLowerCase() +"\\n";const signedHeaders = "content-type;host;x-tc-action";const canonicalRequest =httpRequestMethod +"\\n" +canonicalUri +"\\n" +canonicalQueryString +"\\n" +canonicalHeaders +"\\n" +signedHeaders +"\\n" +hashedRequestPayload;console.log("----------------------------canonicalRequest");console.log(canonicalRequest);console.log("----------------------------canonicalRequest");// ************* Step 2: Concatenate the string to sign *************const algorithm = "TC3-HMAC-SHA256";const hashedCanonicalRequest = getHash(canonicalRequest);const credentialScope = date + "/" + service + "/" + "tc3_request";const stringToSign =algorithm +"\\n" +timestamp +"\\n" +credentialScope +"\\n" +hashedCanonicalRequest;console.log("----------------------------stringToSign");console.log(stringToSign);console.log("----------------------------stringToSign");// ************* Step 3: Calculate the signature *************const kDate = sha256(date, "TC3" + SECRET_KEY);const kService = sha256(service, kDate);const kSigning = sha256("tc3_request", kService);const signature = sha256(stringToSign, kSigning, "hex");console.log("----------------------------signature");console.log(signature.toString(crypto.enc.Hex));console.log("----------------------------signature");// ************* Step 4: Concatenate the Authorization *************const authorization =algorithm +" " +"Credential=" +SECRET_ID +"/" +credentialScope +", " +"SignedHeaders=" +signedHeaders +", " +"Signature=" +signature;console.log("----------------------------authorization");console.log(authorization);console.log("----------------------------authorization");const Call_Information ="curl -X POST " +"https://" +endpoint +' -H "Authorization: ' +authorization +'"' +' -H "Content-Type: application/json; charset=utf-8"' +' -H "Host: ' +endpoint +'"' +' -H "X-TC-Action: ' +action +'"' +' -H "X-TC-Timestamp: ' +timestamp.toString() +'"' +' -H "X-TC-Version: ' +version +'"' +' -H "X-TC-Region: ' +region +'"' +" -d '" +payload +"'";console.log("----------------------------Call_Information");console.log(Call_Information);console.log("----------------------------Call_Information");// 注入Postman全局变量pm.globals.set("authorization", authorization)pm.globals.set("payload", payload)pm.globals.set("host", endpoint)pm.globals.set("action", action)pm.globals.set("version", version)pm.globals.set("region", region)pm.globals.set("timestamp", timestamp.toString())}main();
请注意,以上脚本中的三个部分需要根据您的实际情况进行替换。
替换1:将
SECRET_ID和SECRRT_KEY 替换为您自己的访问密钥(AK、SK)。您可以在 API 密钥管理 平台获取这些密钥。// 1.替换为自己的AK、SKconst SECRET_ID = "";const SECRET_KEY = "";
替换2:将下面的公共参数值替换为实际请求 API 的参数值。您可以在接口文档中找到这些参数值。
// 2.替换为自己真实的云API公共参数const endpoint = "cvm.tencentcloudapi.com";const service = "cvm";const region = "ap-guangzhou";const action = "DescribeInstances";const version = "2017-03-12";
替换3:将
payload替换为真实的请求入参。// 3.重要:payload 替换为自己真实的业务接口请求参数!const payload ='{\\"Filters\\":[{\\"Name\\":\\"instance-charge-type\\",\\"Values\\":[\\"PREPAID\\"]}]}';
步骤2:在 Headers 中添加头部信息
在 Headers 部分添加以下键值对:
Authorization:{{authorization}}Content-Type:application/json; charset=utf-8Host:{{host}}X-TC-Action:{{action}}X-TC-Timestamp:{{timestamp}}X-TC-Version:{{version}}X-TC-Region:{{region}}
步骤3:替换 Body 为 {{payload}}
在 Body 部分,选择 Raw,然后选择 Json,在输入框中输入
{{payload}}。
通过这样的设置,我们将脚本中的变量值存储到 Postman 的全局变量中,从而完成了请求的构建。
步骤4:发起请求
单击 Send,即可发起请求。在 Response 的 Body 部分,您可以查看到接口的响应结果。
通过以上步骤,我们在 Postman 完成了自动计算签名能力的配置。后续的接口调试,您只需在脚本中修改接口的公共参数及入参即可发起调用,无需再进行手工签名计算。
