UNPKG

postman-runtime

Version:

Underlying library of executing Postman Collections (used by Newman)

github.com/postmanlabs/postman-runtime

postmanlabs/postman-runtime

100 lines (82 loc) 3.25 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
It's very easy to add new authentication mechanisms in Runtime and SDK. This document outlines the steps to be done to add a new auth mechanism. For the purposes of this documentation, we'll call the new auth method `demo`. ## Add your new authentication to Runtime Create a new file `demo.js` in `postman-runtime/lib/authorizer/` Every auth method needs to expose four different hooks, `pre`, `post`, `init` and `sign`. These are called in the {@tutorial request-send-flow}. ```javascript module.exports = { pre: function (context, requester, done) { done(null, true); }, init: function (context, requester, done) { done(null); }, post: function (context, requester, done) { done(null, true); }, sign: function (params, request) { return request; } }; ``` ### `pre` This function accepts three parameters, the context, a requester and a callback. The context contains information about the current [Item](http://www.postmanlabs.com/postman-collection/Item.html), the cursor, etc. The requester allows you to perform intermediate requests if necessary. Ultimately, this function should check whether the required authentication parameters are present, and return a boolean value indicating whether the pre-verification was successful. e.g: ```javascript pre: function demoAuthPreverification (context, requester, done) { var auth = context.auth.demo.toObject(); // if username or password is not present, fail the pre-verification step. if (!(auth.username && auth.password)) { return done(null, false); } done(null, true); } ``` ### `init` If the pre-verification step returns a falsey value, the {@link Authorizer} will call this function. This function should ideally fetch all required parameters, by either sending requests or by asking the user for input, or any other mechanism. e.g: ```javascript init: function demoAuthInitialize (context, requester, done) { var auth = context.auth.demo.toObject(); requester.request(new sdk.Item({ request: 'http://demoserver.com' }), function(err, response) { auth.challenge = response.headers.get('authorization'); }); } ``` ### `post` Once the request is sent and the response is received, the {@link Authorizer} will call this function. The job of this function is to determine whether the request should be replayed. If the post-verification fails, the request is replayed (sent again). e.g: ```javascript post: function demoAuthPost (context, requester, done) { var auth = context.auth.demo.toObject(); requester.request(new sdk.Item({ request: 'http://demoserver.com' }), function(err, response) { if (response.code === 401) { return done(null, false); // replay the request } return done(null, true); // don't replay }); } ``` ### `sign` This function is in charge of signing the request e.g: ```javascript sign: function demoSign (params, request) { var auth = context.auth.demo.toObject(); request.addHeader({ key: 'Authorization', value: 'Basic ' + btoa(auth.username + ':' + auth.password), system: true }); return request; } ```