feat: Postman 预请求处理脚本

2019-04-22 15:03:08 +08:00 · 2019-04-22 15:03:08 +08:00 · 6c8194bb0a
commit 6c8194bb0a
parent 3bde304986
1 changed files with 358 additions and 0 deletions
--- a/instagram-prerequest-script.js
+++ b/instagram-prerequest-script.js
@ -0,0 +1,358 @@
+function Base64 () {
+  // private property
+  this._keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
+}
+//public method for encoding
+Base64.prototype.encode = function (input) {
+  let output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0;
+  input = this._utf8_encode(input);
+  while (i < input.length) {
+    chr1 = input.charCodeAt(i++);
+    chr2 = input.charCodeAt(i++);
+    chr3 = input.charCodeAt(i++);
+    enc1 = chr1 >> 2;
+    enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
+    enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
+    enc4 = chr3 & 63;
+    if (isNaN(chr2)) {
+      enc3 = enc4 = 64;
+    } else if (isNaN(chr3)) {
+      enc4 = 64;
+    }
+    output = output +
+      this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
+      this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
+  }
+  return output;
+}
+
+// public method for decoding
+Base64.prototype.decode = function (input) {
+  let output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0;
+  input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
+  while (i < input.length) {
+    enc1 = this._keyStr.indexOf(input.charAt(i++));
+    enc2 = this._keyStr.indexOf(input.charAt(i++));
+    enc3 = this._keyStr.indexOf(input.charAt(i++));
+    enc4 = this._keyStr.indexOf(input.charAt(i++));
+    chr1 = (enc1 << 2) | (enc2 >> 4);
+    chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
+    chr3 = ((enc3 & 3) << 6) | enc4;
+    output = output + String.fromCharCode(chr1);
+    if (enc3 != 64) {
+      output = output + String.fromCharCode(chr2);
+    }
+    if (enc4 != 64) {
+      output = output + String.fromCharCode(chr3);
+    }
+  }
+  output = this._utf8_decode(output);
+  return output;
+}
+
+// private method for UTF-8 encoding
+Base64.prototype._utf8_encode = function (string) {
+  string = string.replace(/\r\n/g, "\n");
+  let utftext = "";
+  for (let n = 0; n < string.length; n++) {
+    let c = string.charCodeAt(n);
+    if (c < 128) {
+      utftext += String.fromCharCode(c);
+    } else if ((c > 127) && (c < 2048)) {
+      utftext += String.fromCharCode((c >> 6) | 192);
+      utftext += String.fromCharCode((c & 63) | 128);
+    } else {
+      utftext += String.fromCharCode((c >> 12) | 224);
+      utftext += String.fromCharCode(((c >> 6) & 63) | 128);
+      utftext += String.fromCharCode((c & 63) | 128);
+    }
+
+  }
+  return utftext;
+}
+
+// private method for UTF-8 decoding
+Base64.prototype._utf8_decode = function (utftext) {
+  let string = "", i = 0, c = 0, c1 = 0, c2 = 0, c3 = 0;
+  while (i < utftext.length) {
+    c = utftext.charCodeAt(i);
+    if (c < 128) {
+      string += String.fromCharCode(c);
+      i++;
+    } else if ((c > 191) && (c < 224)) {
+      c2 = utftext.charCodeAt(i + 1);
+      string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
+      i += 2;
+    } else {
+      c2 = utftext.charCodeAt(i + 1);
+      c3 = utftext.charCodeAt(i + 2);
+      string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
+      i += 3;
+    }
+  }
+  return string;
+}
+
+let Base = new Base64();
+
+function md5 (str) {
+  return CryptoJS.MD5(str).toString()
+}
+function addinterruptchars (str) {
+  let $chars = 'ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678';
+  let maxPos = $chars.length;
+  let newstr = '';
+  for (let i = 0; i < str.length; i++) {
+    newstr = newstr + str.charAt(i) + $chars.charAt(Math.floor(Math.random() * maxPos));
+  }
+  return newstr;
+}
+function authcode (string, isencrypt) {
+  let timestamp = Date.parse(new Date()) / 1000;//;
+  if (isencrypt)
+    string = string + timestamp;
+  let ckey_length = 5;
+  // 密匙
+  // let key = postman.getEnvironmentletiable("encryptkey");
+  let key = pm.environment.get('encryptkey')
+  key = md5(key)
+  // 密匙a会参与加解密
+  let keya = md5(key.substr(0, 12));
+  //console.log('keya:'+keya)
+  // 密匙b会用来做数据完整性验证
+  let keyb = md5(key.substr(12, 20));
+  // 密匙c用于变化生成的密文
+  //console.log('keyb:'+keyb)
+  let keyc = isencrypt ? md5(timestamp).substr(32 - ckey_length) : string.substr(0, ckey_length);
+  //console.log('keyc:'+keyc)
+  // 参与运算的密匙
+  let cryptkey = keya + md5(keya + keyc);
+  let key_length = cryptkey.length;
+  console.log('cryptkey:' + cryptkey)
+
+  let tempstr = md5(string + keyb).substr(0, 18);//检验字符串
+  string = isencrypt ? (timestamp + 120) + tempstr + string : Base.decode(string.substr(ckey_length));//timestamp+120过期时间
+
+  let string_length = string.length;
+  //console.log('string='+string+' length='+string_length);
+  let result = '';
+  let box = [];
+  let rndkey = [];
+
+  // 128是ascrii码,字符范围,也可取256以内其它数字,产生密匙簿,加解密的cryptkey是相同的,由当时时间md5生成的
+  for (let i = 0; i < 128; i++) {
+    rndkey[i] = cryptkey.charCodeAt(i % key_length);
+    box[i] = i;
+  }
+  let tmp;
+  // 用固定的算法，打乱密匙簿，增加随机性，好像很复杂，实际上对并不会增加密文的强度
+  for (let j = 0, i = 0; i < 128; i++) {
+    j = (j + box[i] + rndkey[i]) % 128;//rndkey[i]是随机数,j是也是随机,加起来也是随机数
+    tmp = box[i];
+    box[i] = box[j];
+    box[j] = tmp;
+  }
+
+  // 核心加解密部分
+  for (let a = j = i = 0; i < string_length; i++) {
+    a = (a + 1) % 128;
+    j = (j + box[a]) % 128;
+    tmp = box[a];//再次打乱
+    box[a] = box[j];
+    box[j] = tmp;
+    // 从密匙簿得出密匙进行异或，再转成字符
+
+    let b = box[(box[a] + box[j]) % 128];
+
+    let c = a ^ b;
+    let d = String.fromCharCode(c);
+    result += String.fromCharCode(string.charCodeAt(i) ^ (box[(box[a] + box[j]) % 128]));
+  }
+
+  //console.log('result='+result);
+  if (isencrypt) {
+    // 把动态密匙保存在密文里，这也是为什么同样的明文，生产不同密文后能解密的原因
+    // 因为加密后的密文可能是一些特殊字符，复制过程可能会丢失，所以用base64编码
+    return keyc + Base.encode(result);
+  }
+  else {
+    return result.substr(28)
+  }
+
+}
+function randomString (len) {
+  len = len || 32;
+  let $chars = 'ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678';
+  let maxPos = $chars.length;
+  let pwd = '';
+  for (let i = 0; i < len; i++) {
+    pwd += $chars.charAt(Math.floor(Math.random() * maxPos));
+  }
+  return pwd;
+}
+function aesEncrypt (message, key, iv) {
+  let ciphertext = CryptoJS.AES.encrypt(message, key, {
+    iv: iv,
+    mode: CryptoJS.mode.CBC,
+    padding: CryptoJS.pad.Pkcs7
+  });
+  //return ciphertext;//密码对象(Obejct类型，非WordArray类型)，Base64编码。
+  return ciphertext.toString();//密码对象的Base64字符串
+
+}
+
+if (pm.environment.get("isencrypt") == 1) {
+  hasparam = 1
+  // try {
+  //   ps = pm.request.body.urlencoded.members
+  // }
+  // catch (err) {
+  //   console.log('没有设置参数')
+  //   hasparam = 0
+  //   pm.request.body.urlencoded = new Array()
+  // }
+
+  //let param={'key':'zyh','value':'lisi'}
+  //pm.request.body.urlencoded.members.push(param)
+  console.log('hasparam值：', hasparam)
+  console.log('请求参数：', pm.request.body.urlencoded.members)
+  // if (hasparam == 0) {
+  //   console.log('请求参数：', pm.request.body.urlencoded.members)
+  // }
+  let oldparams = {};
+  let params = {};
+  let ps = pm.request.body.urlencoded.members;
+  // if (!ps) {
+  //   ps = []
+  // }
+  let regex = /\{{2}(\w+)\}{2}/
+  for (let i = 0; i < ps.length; i++) {
+    let param = ps[i]
+    let value = param.value
+    let vReg = regex.exec(value)
+    let key = param.key
+    oldparams[key] = value
+    if (param.disabled == true || key == "receipt") {
+      //console.log('disabled:'+key)
+      continue
+    }
+    if (key == 'params') {
+      continue
+    }
+    
+    if (vReg !== null && vReg.length > 1) {
+      console.log(key, pm.environment.get(vReg[1]))
+      params[encodeURIComponent(key)] = pm.environment.get(vReg[1])
+    } else {
+      params[encodeURIComponent(key)] = value;
+    }
+  }
+  console.log('params:', params)
+  if (!oldparams.hasOwnProperty('app_bundle_id')) {
+    params['app_bundle_id'] = pm.environment.get('app_bundle_id');
+  }
+  if (!oldparams.hasOwnProperty('device_id')) {
+    params['device_id'] = pm.environment.get('device_id');
+  }
+  if (!oldparams.hasOwnProperty('token')) {
+    params['token'] = pm.environment.get('token');
+  }
+  // 其他基础参数
+  params['lang'] = pm.environment.get('lang');
+  params['timezone'] = pm.environment.get('timezone');
+  params['platform'] = pm.environment.get('platform');
+  params['app_name'] = pm.environment.get('app_name');
+  params['device_version'] = pm.environment.get('device_version');
+
+  let jsonstr = JSON.stringify(params);
+  // let jsonstr='{"app_bundle_id":"com.ylp.qrforfollowers","app_name":"qrforfollowers","app_version":"1.2","device_id":"EA7FA2BA-92FC-4538-93F7-B00E1B90A4F3","device_version":"12.1.2","instagram_id":"2207136901","lang":"zh-Hans-CN","password":"edee9KBx+HBBzOm8WS1pJHgB6aTIMMlYJLAZ8HT9Ban55MTkvTgUvB0NBcVgtO0Mb","platform":"iOS","timezone":"Asia/Shanghai","username":"sherryboa","token":"b6ea6b8fd7a4e00cb9e172a17a035ef5"}'
+
+  let CryptoJS = require("crypto-js");
+  let iv = randomString(16)
+  //let iv='JdG3kecbQPSWKHKp'
+  console.log('iv转类型  ' + CryptoJS.enc.Utf8.parse(iv))
+
+  //let iv='1111111111111111'
+  // let cryptkey = postman.getEnvironmentletiable("encryptkey");
+  let cryptkey = pm.environment.get('encryptkey')
+  console.log('jsonstr  ' + jsonstr)
+  //测试
+  let ciphertext = aesEncrypt(jsonstr, CryptoJS.enc.Utf8.parse(cryptkey), CryptoJS.enc.Utf8.parse(iv));//加密
+  console.log('iv  ' + iv)
+  console.log('ciphertext  ' + ciphertext)
+  let checkdata = CryptoJS.HmacSHA256(jsonstr, cryptkey);
+  console.log('HmacSHA256checkdata  ' + checkdata)
+
+  checkdata = CryptoJS.enc.Base64.stringify(checkdata)
+  console.log('Base64checkdata  ' + checkdata)
+
+  
+  let encstr = btoa(iv + atob(checkdata) + atob(ciphertext))
+  console.log('[BASE64]btoa结果:', encstr)
+  encstr = encstr.replace(/\//g, '_a')
+  encstr = encstr.replace(/\+/g, '_b')
+  encstr = encstr.replace(/\=/g, '_c')
+
+  console.log('[BASE64]加密前:', encstr)
+  if (pm.environment.get("authcode_encrypt") == 1) {
+    encstr = authcode(encstr, 1)
+    console.log('[BASE64]authcode:', encstr)
+  }
+
+  if (pm.environment.get("interrupt_encrypt") == 1) {
+    encstr = addinterruptchars(encstr)
+    console.log('[BASE64]interupt:', encstr)
+  }
+
+  pm.environment.set("params", encstr)
+  console.log('[BASE64]加密后:', encstr)
+
+  // let requestCfg = {
+  //   url: pm.environment.get('host') + '/index/instagram/base64encrypt',
+  //   method: 'POST',
+  //   body: {
+  //     mode: 'urlencoded',
+  //     urlencoded: [
+  //       {
+  //         key: 'encstr',
+  //         value: ciphertext,
+  //         disabled: false
+  //       },
+  //       {
+  //         key: 'checkdata',
+  //         value: checkdata,
+  //         disabled: false
+  //       },
+  //       {
+  //         key: 'iv',
+  //         value: iv,
+  //         disabled: false
+  //       },
+  //     ]
+  //   }
+  // }
+  // pm.sendRequest(requestCfg, function (err, response) {
+  //   try {
+  //     console.log('base64encrypt', response.json())
+  //     encstr = response.json()['msg']
+  //     console.log('[BASE64]加密前:', encstr)
+  //     if (pm.environment.get("authcode_encrypt") == 1) {
+  //       encstr = authcode(encstr, 1);
+  //       console.log('[BASE64]authcode:', encstr)
+  //     }
+
+  //     if (pm.environment.get("interrupt_encrypt") == 1) {
+  //       encstr = addinterruptchars(encstr)
+  //       console.log('[BASE64]interupt:', encstr)
+  //     }
+
+  //     pm.environment.set("params", encstr);
+  //     console.log('[BASE64]加密后:', encstr)
+  //   } catch (e) {
+  //     console.error(e.message, e)
+  //     console.log('[BASE64]response:', response.text())
+  //   }
+  // })
+}
+
+