var jsrsasign = require("jsrsasign");
var cryptoJs = require("crypto-js");
var accessToken = pm.environment.get("ACCESS_TOKEN");
var accessTokenExpires = pm.environment.get("ACCESS_TOKEN_EXPIRES");
let request_encryption = pm.environment.get("REQUEST_ENCRYPTION");
let login_public_key = pm.environment.get("LOGIN_PUBLIC_KEY");
if (!login_public_key) {
login_public_key = pm.globals.get('LOGIN_PUBLIC_KEY');
}
var public_key = pm.environment.get("PUBLIC_KEY");
if (!request_encryption) {
request_encryption = pm.globals.get('REQUEST_ENCRYPTION');
}
if (
!accessToken ||
(accessTokenExpires && new Date(accessTokenExpires) <= new Date())
) {
sendLoginRequest();
} else {
if (accessToken && request_encryption == 1 && !public_key) {
getPublicKeyRequest();
} else {
sendRequest();
}
}
function sendRequest() {
if (request_encryption == 1) {
let randomKeys = random_keys(16);
let headers = pm.request.headers;
headers.add({
key: "Publickey",
value: public_key,
});
headers.add({
key: "Randomkeys",
value: randomKeys,
});
headers.add({
key: "Specialkey",
value: rsa_encrypt(randomKeys, public_key),
});
let contentType = pm.request.headers.get('content-type')
if (
contentType &&
pm.request.body.raw &&
contentType.toLowerCase().indexOf('application/json') !== -1
) {
try {
pm.request.body.update(aes_encrypt(pm.request.body.raw, randomKeys));
} catch (e) {
console.log('请求 body 不是 JSON 格式')
}
}
}
}
function aes_encrypt(params, randomKey) {
const srcs = cryptoJs.enc.Utf8.parse(
typeof params === 'object' ? JSON.stringify(params) : params
)
const key = cryptoJs.enc.Utf8.parse(randomKey)
const encryptedParams = cryptoJs.AES.encrypt(srcs, key, {
iv: cryptoJs.enc.Utf8.parse('coreqi20231111'),
mode: cryptoJs.mode.CBC,
padding: cryptoJs.pad.Pkcs7,
})
return encryptedParams.toString()
}
function random_keys(n) {
const charList = 'ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678'
let str = ''
let len = charList.length
for (let i = 0; i < n; i++) {
str += charList[Math.floor(Math.random() * len)]
}
return str
}
function rsa_encrypt(params, key) {
console.log("key", key);
let pubk = "-----BEGIN PUBLIC KEY-----" + key + "-----END PUBLIC KEY-----"
let pub = jsrsasign.KEYUTIL.getKey(pubk);
let enc = jsrsasign.KJUR.crypto.Cipher.encrypt(params, pub, 'RSA');
return jsrsasign.hextob64(enc);
}
function getPublicKeyRequest() {
const baseUrl = pm.request.getBaseUrl();
const getPublicKeyRequest = {
url: baseUrl + "/api/Login/GetLoginBasicInfo",
method: "POST",
header: {
'User-Agent': 'Coreqi with fanqi',
'Connection': 'keep-alive',
'Accept': 'application/json',
"Content-Type": "application/json",
"Authorization": "Bearer " + accessToken,
},
body: {
mode: 'raw',
},
};
pm.sendRequest(getPublicKeyRequest, function (getErr, getRes) {
if (getErr) {
console.log(getErr);
} else {
public_key = getRes.json().publicKey;
pm.environment.set("PUBLIC_KEY", public_key);
sendRequest();
}
})
}
function sendLoginRequest() {
const baseUrl = pm.request.getBaseUrl();
let username = pm.environment.get("LOGIN_USERNAME");
if (!username) {
username = pm.globals.get('LOGIN_USERNAME');
}
let password = pm.environment.get("LOGIN_PASSWORD");
if (!password) {
password = pm.globals.get('LOGIN_PASSWORD');
}
let randomKeys = random_keys(16);
const loginRequest = {
url: baseUrl + "/api/Login/LoginByPwd",
method: "POST",
header: {
'User-Agent': 'Coreqi with fanqi',
'Connection': 'keep-alive',
'Accept': 'application/text',
"Content-Type": "application/json",
},
body: {
mode: 'raw',
raw: JSON.stringify({ LoginName: username, PassWord: password }),
},
};
if (request_encryption == 1) {
loginRequest.header.Publickey = login_public_key;
loginRequest.header.Randomkeys = randomKeys;
loginRequest.header.SpecialKey = rsa_encrypt(randomKeys, login_public_key);
loginRequest.body.raw = aes_encrypt({ LoginName: username, PassWord: password }, randomKeys);
}
pm.sendRequest(loginRequest, function (err, res) {
if (err) {
console.log(err);
} else {
const token = res.text();
accessToken = token;
accessTokenExpires = new Date().getTime() + 1000 * 60 * 50;
pm.environment.set("ACCESS_TOKEN", accessToken);
pm.environment.set("ACCESS_TOKEN_EXPIRES", accessTokenExpires);
getPublicKeyRequest();
}
});
}
标签:加密,get,environment,自用,key,var,Apifox,public,pm
From: https://www.cnblogs.com/fanqisoft/p/17814646.html