feat: Postman 预请求处理脚本

2019-04-22 15:03:08 +08:00 · 2019-04-22 15:03:08 +08:00 · 6c8194bb0a
commit 6c8194bb0a
parent 3bde304986
1 changed files with 358 additions and 0 deletions
--- a/instagram-prerequest-script.js
+++ b/instagram-prerequest-script.js
@ -0,0 +1,358 @@
 function Base64 () {
  // private property
  this._keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
 }
 //public method for encoding
 Base64.prototype.encode = function (input) {
  let output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0;
  input = this._utf8_encode(input);
  while (i < input.length) {
    chr1 = input.charCodeAt(i++);
    chr2 = input.charCodeAt(i++);
    chr3 = input.charCodeAt(i++);
    enc1 = chr1 >> 2;
    enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
    enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
    enc4 = chr3 & 63;
    if (isNaN(chr2)) {
      enc3 = enc4 = 64;
    } else if (isNaN(chr3)) {
      enc4 = 64;
    }
    output = output +
      this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
      this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
  }
  return output;
 }
 // public method for decoding
 Base64.prototype.decode = function (input) {
  let output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0;
  input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
  while (i < input.length) {
    enc1 = this._keyStr.indexOf(input.charAt(i++));
    enc2 = this._keyStr.indexOf(input.charAt(i++));
    enc3 = this._keyStr.indexOf(input.charAt(i++));
    enc4 = this._keyStr.indexOf(input.charAt(i++));
    chr1 = (enc1 << 2) | (enc2 >> 4);
    chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
    chr3 = ((enc3 & 3) << 6) | enc4;
    output = output + String.fromCharCode(chr1);
    if (enc3 != 64) {
      output = output + String.fromCharCode(chr2);
    }
    if (enc4 != 64) {
      output = output + String.fromCharCode(chr3);
    }
  }
  output = this._utf8_decode(output);
  return output;
 }
 // private method for UTF-8 encoding
 Base64.prototype._utf8_encode = function (string) {
  string = string.replace(/\r\n/g, "\n");
  let utftext = "";
  for (let n = 0; n < string.length; n++) {
    let c = string.charCodeAt(n);
    if (c < 128) {
      utftext += String.fromCharCode(c);
    } else if ((c > 127) && (c < 2048)) {
      utftext += String.fromCharCode((c >> 6) | 192);
      utftext += String.fromCharCode((c & 63) | 128);
    } else {
      utftext += String.fromCharCode((c >> 12) | 224);
      utftext += String.fromCharCode(((c >> 6) & 63) | 128);
      utftext += String.fromCharCode((c & 63) | 128);
    }
  }
  return utftext;
 }
 // private method for UTF-8 decoding
 Base64.prototype._utf8_decode = function (utftext) {
  let string = "", i = 0, c = 0, c1 = 0, c2 = 0, c3 = 0;
  while (i < utftext.length) {
    c = utftext.charCodeAt(i);
    if (c < 128) {
      string += String.fromCharCode(c);
      i++;
    } else if ((c > 191) && (c < 224)) {
      c2 = utftext.charCodeAt(i + 1);
      string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
      i += 2;
    } else {
      c2 = utftext.charCodeAt(i + 1);
      c3 = utftext.charCodeAt(i + 2);
      string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
      i += 3;
    }
  }
  return string;
 }
 let Base = new Base64();
 function md5 (str) {
  return CryptoJS.MD5(str).toString()
 }
 function addinterruptchars (str) {
  let $chars = 'ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678';
  let maxPos = $chars.length;
  let newstr = '';
  for (let i = 0; i < str.length; i++) {
    newstr = newstr + str.charAt(i) + $chars.charAt(Math.floor(Math.random() * maxPos));
  }
  return newstr;
 }
 function authcode (string, isencrypt) {
  let timestamp = Date.parse(new Date()) / 1000;//;
  if (isencrypt)
    string = string + timestamp;
  let ckey_length = 5;
  // 密匙
  // let key = postman.getEnvironmentletiable("encryptkey");
  let key = pm.environment.get('encryptkey')
  key = md5(key)
  // 密匙a会参与加解密
  let keya = md5(key.substr(0, 12));
  //console.log('keya:'+keya)
  // 密匙b会用来做数据完整性验证
  let keyb = md5(key.substr(12, 20));
  // 密匙c用于变化生成的密文
  //console.log('keyb:'+keyb)
  let keyc = isencrypt ? md5(timestamp).substr(32 - ckey_length) : string.substr(0, ckey_length);
  //console.log('keyc:'+keyc)
  // 参与运算的密匙
  let cryptkey = keya + md5(keya + keyc);
  let key_length = cryptkey.length;
  console.log('cryptkey:' + cryptkey)
  let tempstr = md5(string + keyb).substr(0, 18);//检验字符串
  string = isencrypt ? (timestamp + 120) + tempstr + string : Base.decode(string.substr(ckey_length));//timestamp+120过期时间
  let string_length = string.length;
  //console.log('string='+string+' length='+string_length);
  let result = '';
  let box = [];
  let rndkey = [];
  // 128是ascrii码,字符范围,也可取256以内其它数字,产生密匙簿,加解密的cryptkey是相同的,由当时时间md5生成的
  for (let i = 0; i < 128; i++) {
    rndkey[i] = cryptkey.charCodeAt(i % key_length);
    box[i] = i;
  }
  let tmp;
  // 用固定的算法，打乱密匙簿，增加随机性，好像很复杂，实际上对并不会增加密文的强度
  for (let j = 0, i = 0; i < 128; i++) {
    j = (j + box[i] + rndkey[i]) % 128;//rndkey[i]是随机数,j是也是随机,加起来也是随机数
    tmp = box[i];
    box[i] = box[j];
    box[j] = tmp;
  }
  // 核心加解密部分
  for (let a = j = i = 0; i < string_length; i++) {
    a = (a + 1) % 128;
    j = (j + box[a]) % 128;
    tmp = box[a];//再次打乱
    box[a] = box[j];
    box[j] = tmp;
    // 从密匙簿得出密匙进行异或，再转成字符
    let b = box[(box[a] + box[j]) % 128];
    let c = a ^ b;
    let d = String.fromCharCode(c);
    result += String.fromCharCode(string.charCodeAt(i) ^ (box[(box[a] + box[j]) % 128]));
  }
  //console.log('result='+result);
  if (isencrypt) {
    // 把动态密匙保存在密文里，这也是为什么同样的明文，生产不同密文后能解密的原因
    // 因为加密后的密文可能是一些特殊字符，复制过程可能会丢失，所以用base64编码
    return keyc + Base.encode(result);
  }
  else {
    return result.substr(28)
  }
 }
 function randomString (len) {
  len = len || 32;
  let $chars = 'ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678';
  let maxPos = $chars.length;
  let pwd = '';
  for (let i = 0; i < len; i++) {
    pwd += $chars.charAt(Math.floor(Math.random() * maxPos));
  }
  return pwd;
 }
 function aesEncrypt (message, key, iv) {
  let ciphertext = CryptoJS.AES.encrypt(message, key, {
    iv: iv,
    mode: CryptoJS.mode.CBC,
    padding: CryptoJS.pad.Pkcs7
  });
  //return ciphertext;//密码对象(Obejct类型，非WordArray类型)，Base64编码。
  return ciphertext.toString();//密码对象的Base64字符串
 }
 if (pm.environment.get("isencrypt") == 1) {
  hasparam = 1
  // try {
  //   ps = pm.request.body.urlencoded.members
  // }
  // catch (err) {
  //   console.log('没有设置参数')
  //   hasparam = 0
  //   pm.request.body.urlencoded = new Array()
  // }
  //let param={'key':'zyh','value':'lisi'}
  //pm.request.body.urlencoded.members.push(param)
  console.log('hasparam值：', hasparam)
  console.log('请求参数：', pm.request.body.urlencoded.members)
  // if (hasparam == 0) {
  //   console.log('请求参数：', pm.request.body.urlencoded.members)
  // }
  let oldparams = {};
  let params = {};
  let ps = pm.request.body.urlencoded.members;
  // if (!ps) {
  //   ps = []
  // }
  let regex = /\{{2}(\w+)\}{2}/
  for (let i = 0; i < ps.length; i++) {
    let param = ps[i]
    let value = param.value
    let vReg = regex.exec(value)
    let key = param.key
    oldparams[key] = value
    if (param.disabled == true || key == "receipt") {
      //console.log('disabled:'+key)
      continue
    }
    if (key == 'params') {
      continue
    }
    if (vReg !== null && vReg.length > 1) {
      console.log(key, pm.environment.get(vReg[1]))
      params[encodeURIComponent(key)] = pm.environment.get(vReg[1])
    } else {
      params[encodeURIComponent(key)] = value;
    }
  }
  console.log('params:', params)
  if (!oldparams.hasOwnProperty('app_bundle_id')) {
    params['app_bundle_id'] = pm.environment.get('app_bundle_id');
  }
  if (!oldparams.hasOwnProperty('device_id')) {
    params['device_id'] = pm.environment.get('device_id');
  }
  if (!oldparams.hasOwnProperty('token')) {
    params['token'] = pm.environment.get('token');
  }
  // 其他基础参数
  params['lang'] = pm.environment.get('lang');
  params['timezone'] = pm.environment.get('timezone');
  params['platform'] = pm.environment.get('platform');
  params['app_name'] = pm.environment.get('app_name');
  params['device_version'] = pm.environment.get('device_version');
  let jsonstr = JSON.stringify(params);
  // let jsonstr='{"app_bundle_id":"com.ylp.qrforfollowers","app_name":"qrforfollowers","app_version":"1.2","device_id":"EA7FA2BA-92FC-4538-93F7-B00E1B90A4F3","device_version":"12.1.2","instagram_id":"2207136901","lang":"zh-Hans-CN","password":"edee9KBx+HBBzOm8WS1pJHgB6aTIMMlYJLAZ8HT9Ban55MTkvTgUvB0NBcVgtO0Mb","platform":"iOS","timezone":"Asia/Shanghai","username":"sherryboa","token":"b6ea6b8fd7a4e00cb9e172a17a035ef5"}'
  let CryptoJS = require("crypto-js");
  let iv = randomString(16)
  //let iv='JdG3kecbQPSWKHKp'
  console.log('iv转类型  ' + CryptoJS.enc.Utf8.parse(iv))
  //let iv='1111111111111111'
  // let cryptkey = postman.getEnvironmentletiable("encryptkey");
  let cryptkey = pm.environment.get('encryptkey')
  console.log('jsonstr  ' + jsonstr)
  //测试
  let ciphertext = aesEncrypt(jsonstr, CryptoJS.enc.Utf8.parse(cryptkey), CryptoJS.enc.Utf8.parse(iv));//加密
  console.log('iv  ' + iv)
  console.log('ciphertext  ' + ciphertext)
  let checkdata = CryptoJS.HmacSHA256(jsonstr, cryptkey);
  console.log('HmacSHA256checkdata  ' + checkdata)
  checkdata = CryptoJS.enc.Base64.stringify(checkdata)
  console.log('Base64checkdata  ' + checkdata)
  let encstr = btoa(iv + atob(checkdata) + atob(ciphertext))
  console.log('[BASE64]btoa结果:', encstr)
  encstr = encstr.replace(/\//g, '_a')
  encstr = encstr.replace(/\+/g, '_b')
  encstr = encstr.replace(/\=/g, '_c')
  console.log('[BASE64]加密前:', encstr)
  if (pm.environment.get("authcode_encrypt") == 1) {
    encstr = authcode(encstr, 1)
    console.log('[BASE64]authcode:', encstr)
  }
  if (pm.environment.get("interrupt_encrypt") == 1) {
    encstr = addinterruptchars(encstr)
    console.log('[BASE64]interupt:', encstr)
  }
  pm.environment.set("params", encstr)
  console.log('[BASE64]加密后:', encstr)
  // let requestCfg = {
  //   url: pm.environment.get('host') + '/index/instagram/base64encrypt',
  //   method: 'POST',
  //   body: {
  //     mode: 'urlencoded',
  //     urlencoded: [
  //       {
  //         key: 'encstr',
  //         value: ciphertext,
  //         disabled: false
  //       },
  //       {
  //         key: 'checkdata',
  //         value: checkdata,
  //         disabled: false
  //       },
  //       {
  //         key: 'iv',
  //         value: iv,
  //         disabled: false
  //       },
  //     ]
  //   }
  // }
  // pm.sendRequest(requestCfg, function (err, response) {
  //   try {
  //     console.log('base64encrypt', response.json())
  //     encstr = response.json()['msg']
  //     console.log('[BASE64]加密前:', encstr)
  //     if (pm.environment.get("authcode_encrypt") == 1) {
  //       encstr = authcode(encstr, 1);
  //       console.log('[BASE64]authcode:', encstr)
  //     }
  //     if (pm.environment.get("interrupt_encrypt") == 1) {
  //       encstr = addinterruptchars(encstr)
  //       console.log('[BASE64]interupt:', encstr)
  //     }
  //     pm.environment.set("params", encstr);
  //     console.log('[BASE64]加密后:', encstr)
  //   } catch (e) {
  //     console.error(e.message, e)
  //     console.log('[BASE64]response:', response.text())
  //   }
  // })
 }