TheKoguryo's Tech Blog

 Version 2024.04.01

Warning

This content has been generated by machine translation. The translations are automated and have not undergone human review or validation.

14.3.4 Postman - Calling OCI REST API

Postman is the most widely used professional REST client and is convenient to work with through its GUI. It does not yet support OCI Request Signature natively, so this section explains how to call the OCI REST API using a Postman pre-script.

To make a call with OCI Request Signature, Postman must use a pre-script, because it does not provide plug-in functionality the way Insomnia does. A pre-script can be set on an individual REST request, on a folder, or on a collection.

If a pre-script is set on a folder, it runs before every REST request under that folder. For ease of administration, we will use a folder-level pre-script.

Step 0. Download Postman

Download the app from the official site.

Step 1. Load RSA library to be used in pre-script

※ Loading an external RSA JavaScript library: the Crypto library included by default in pre-script does not support the RSA signing used by OCI Request Signature, so add an external crypto library with the following workaround.

  1. Make a GET request

  2. Copy the following to the Test tab

    pm.globals.set("jsrsasign-js", responseBody);
    
  3. Execute the request

  4. Execution result

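    After the request runs, the crypto module is saved in the Postman global variable (jsrsasign-js). The pre-script later passes this variable to eval, so fetch a fixed version of the library from a source you trust.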

Step 2. pre-script setting

  1. Create a folder to contain the REST requests.

  2. Right-click on the folder name and click Edit

  3. Select the Pre-request Scripts tab in the folder settings.

  4. Copy and paste the following JavaScript.

    var navigator = {}; //fake a navigator object for the lib
    var window = {}; //fake a window object for the lib
    eval(pm.globals.get("jsrsasign-js")); //import javascript jsrsasign
    
    const isOracleCloud = pm.environment.get("isOracleCloud");
    
    if (isOracleCloud != "true")
      return;
    
    const tenancyId = pm.environment.get('tenancyId');
    const authUserId = pm.environment.get('authUserId');
    const keyFingerprint = pm.environment.get('keyFingerprint');
    
    var privateKey = pm.environment.get("privateKey");
    
    var signAlgorithm = "RSA-SHA256";
    var sigVersion = "1";
    var now = new Date().toUTCString();
    var host = getHost(request.url.trim());
    var target = getTarget(request.url.trim());
    var method = request.method;
    var keyId = tenancyId + "/" + authUserId + "/" + keyFingerprint;
    
    var headers = "(request-target) date host";
    var request_target="(request-target): " + method.toLowerCase() + " "  + target;
    var date_header = "date: " + now;
    var host_header = "host: " + host;
    
    var signing_string = request_target + "\n" + date_header + "\n" + host_header;
    
    var methodsThatRequireExtraHeaders = ["POST", "PUT"];
    
    if(methodsThatRequireExtraHeaders.indexOf(method.toUpperCase()) !== -1) {
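      var body = request.data;
      console.log(body);
    
      // x-content-sha256 is the Base64-encoded SHA-256 digest of the request body
      var bodyHash = CryptoJS.SHA256(body);
      var content_sha256 = bodyHash.toString(CryptoJS.enc.Base64);
    
      var content_type = "application/json";
      // Content-Length counts bytes, not characters, so measure the UTF-8 encoding
      var content_length = unescape(encodeURIComponent(body)).length;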
    
      headers = headers + " x-content-sha256 content-type content-length";
      var content_sha256_header = "x-content-sha256: " + content_sha256;
      var content_type_header = "content-type: " + content_type;
      var content_length_header = "content-length: " + content_length;
    
      signing_string = signing_string + "\n" + content_sha256_header + "\n" + content_type_header + "\n" + content_length_header;
    
      pm.environment.set("x-content-sha256_header", content_sha256);
    
    }
    
    // RSA signature generation
    var signatureSign = new KJUR.crypto.Signature({"alg": "SHA256withRSA"});
    signatureSign.init(privateKey);
    signatureSign.updateString(signing_string);
    var signedSignatureHex = signatureSign.sign();
    
    var signedSignature = hexToBase64(signedSignatureHex);
    
    const authorization = `Signature version="${sigVersion}", keyId="${keyId}", algorithm="${signAlgorithm.toLowerCase()}", headers="${headers}", signature="${signedSignature}"`;
    
    pm.environment.set("date_header", now);
    pm.environment.set("Authorization_header", authorization);
    
    function getHost(url) {
      // https://identity.us-ashburn-1.oraclecloud.com/20160918/users/
      var n1 = url.indexOf("//");
      var n2 = url.indexOf("/", n1 + 2);
    
      var start = n1 + 2;
      var length = n2 - start;
    
      var host = url.substr(start, length);
    
      return host;
    }
    
    function getTarget(url) {
      // https://identity.us-ashburn-1.oraclecloud.com/20160918/users/
    
      url = url.replace(new RegExp('^https?://[^/]+/'),'/'); // strip hostname
    
      return url;
    }
    
    function hexToBase64(hexstring) {
        return btoa(hexstring.match(/\w{2}/g).map(function(a) {
            return String.fromCharCode(parseInt(a, 16));
        }).join(""));
    }
    

Step 3. Setting environment variables

  1. Required environment variables
    • isOracleCloud: Set to “true”. The pre-script is applied globally, but its signing logic runs only when this value is true.
    • tenancyId: Tenancy OCID
    • authUserId: User OCID
    • keyFingerprint: Fingerprint of the API Key
    • privateKey: Copy and paste the text of the private key that matches the public key registered with the API key. The key is stored in the environment in plain text, so do not share or export this environment.

Step 4. Run User Query REST API

  1. Make a REST request under the folder you created earlier.

  2. Select the environment variable set in the upper right corner.

  3. Add date and Authorization to the headers of the REST request.

    • date : {{date_header}}
    • Authorization : {{Authorization_header}}
    • The actual values of date and Authorization are set at execution time, when the pre-script runs.
    • For methods other than POST and PUT, set only the two headers above.
  4. Execute the request and check the result.

Step 5. Run REST API - CreateUser

  1. Make a REST request under the folder you created earlier.

  2. Select the environment variable set in the upper right corner.

  3. Add the following headers to the REST request.

    • date : {{date_header}}
    • Authorization : {{Authorization_header}}
    • Content-Type : application/json
    • x-content-sha256 : {{x-content-sha256_header}}
    • Except for Content-Type, the three actual values are set at execution time, when the pre-script runs.
    • For POST and PUT, set all four headers above. These requests carry a request message, so the message is also included in the signature.
  4. Execute the request and check the result.

  5. For other POST or PUT requests, copy the REST request above and edit it.
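
The signing scheme that the pre-script and Steps 4 and 5 rely on, as a stand-alone Node.js example added here (it is not code from this post or from Oracle). The function names, the throwaway key pair and the placeholder OCIDs and fingerprint are constructed for illustration; the example also verifies the signature with the public key, as the receiving side would.

```javascript
// Added example for Node.js (built-in crypto only); not the blog's Postman script.
const crypto = require("crypto");
// Builds the signing string and Authorization header the pre-script produces.
function signOciRequest({ method, url, body, date, keyId, privateKeyPem }) {
  const u = new URL(url);
  const fields = [
    ["(request-target)", method.toLowerCase() + " " + u.pathname + u.search],
    ["date", date],
    ["host", u.host],
  ];
  if (["POST", "PUT"].includes(method.toUpperCase())) {
    const bytes = Buffer.from(body || "", "utf8"); // hash and length are over bytes
    fields.push(
      ["x-content-sha256", crypto.createHash("sha256").update(bytes).digest("base64")],
      ["content-type", "application/json"],
      ["content-length", String(bytes.length)]
    );
  }
  const signingString = fields.map(([n, v]) => n + ": " + v).join("\n");
  const headers = fields.map(([n]) => n).join(" ");
  const signature = crypto.sign("sha256", Buffer.from(signingString), privateKeyPem)
    .toString("base64");
  const authorization = `Signature version="1", keyId="${keyId}", ` +
    `algorithm="rsa-sha256", headers="${headers}", signature="${signature}"`;
  return { signingString, headers, signature, authorization };
}

// What the receiving side does: check the signature over the same string.
function verifyOciSignature(signingString, signatureB64, publicKeyPem) {
  return crypto.verify("sha256", Buffer.from(signingString), publicKeyPem,
    Buffer.from(signatureB64, "base64"));
}

// Constructed sample input: throwaway key pair and placeholder OCIDs/fingerprint.
const { privateKey, publicKey } = crypto.generateKeyPairSync("rsa", {
  modulusLength: 2048,
  publicKeyEncoding: { type: "spki", format: "pem" },
  privateKeyEncoding: { type: "pkcs8", format: "pem" },
});
const sample = signOciRequest({
  method: "POST",
  url: "https://identity.us-ashburn-1.oraclecloud.com/20160918/users/",
  body: JSON.stringify({ name: "démo", description: "constructed sample" }),
  date: new Date().toUTCString(),
  keyId: "ocid1.tenancy.oc1..example/ocid1.user.oc1..example/aa:bb:cc",
  privateKeyPem: privateKey,
});
console.log(sample.signingString + "\n" + sample.authorization);
console.log("verifies:", verifyOciSignature(sample.signingString, sample.signature, publicKey));
```

Any change to the method, path, date, host or body after signing makes verification fail, which is why the header values sent must match the signed ones exactly.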

References

Refer to the following link for the use of external RSA JavaScript library in Postman’s pre-script.



I wrote this article as an individual, in my personal time. There may be errors in the content of the article, and the opinions in the article are my personal opinions.

Last updated on 19 May 2019