Hash Creation in Postman

aakashjain8693 · 8 November 2020 12:05

Hi Team,

we are using the marvel developer APIs for QA hiring purpose but we observed hash issues, who we will create the hash in the API.
You can create account from “https://developer.marvel.com/account” website if doesn’t have already.

End Point: https://gateway.marvel.com:443/v1/public/characters
Error occurred and says

To remove error, we need to give the public key as a parameter as highlighted below

When I added public key as parameter, I got the error as “hash unavailable”
Could you please suggest how we can create hash parameter

I found something from google but not exact the same

hash - a md5 digest of the ts parameter, your private key and your public key (e.g. md5(ts+privateKey+publicKey)
CryptoJS.MD5(timestamp+privateKey+publicKey)

Could someone please let me know I can create hash from timestamp, private and public key.

yusuftaymann · 8 November 2020 17:53

Hey @aakashjain8693,

Welcome to the community

Actually, it asks you to send ts (timestamp) and apiKey and hash when sending requests. If the API key will be your public key hash, it should be timestamp + privateKey + publicKey as you said.

https://www.md5hashgenerator.com/ you can generate a sample hash here.

You can easily access information from this document. https://developer.marvel.com/documentation/authorization

You can hire me. I’m just kidding

aakashjain8693 · 9 November 2020 11:19

Thanks, Got the missing points.
Definitely let me connect you for the hiring process

Just for the reference, I created pre-request Script too.

const public1=pm.environment.get("public");
const private1=pm.environment.get("private");
const time=pm.environment.get("ts");
hash= CryptoJS.MD5(time+private1+public1).toString();
pm.environment.set('hash', hash);
console.log(hash);

Do you have any idea why we can not go ahead with timestamp value as “{{$timestamp}}” to get the system generated values?

dannydainton · 9 November 2020 09:21

This would need to be replaced with const time=pm.environment.replaceIn("{{$timestamp}}"); if you wanted to use that dynamic variable in the request.

aakashjain8693 · 9 November 2020 09:58

Script as

const public1=pm.environment.get("public");
const private1=pm.environment.get("private");
const time=pm.environment.replaceIn("{{$timestamp}}");
hash= CryptoJS.MD5(time+private1+public1).toString();
pm.environment.set('hash', hash);
console.log(hash);

Nope, Error introduced as

{
    "code": "InvalidCredentials",
    "message": "That hash, timestamp and key combination is invalid."
}

dannydainton · 9 November 2020 10:11

Without knowing what ts was in the environment variable and why you needed to change this to {{$timestamp}} - This code doesn’t really mean anything.

The code will create something with a timestamp, using that dynamic variable.

const public1 = pm.environment.get("public"),
    private1 = pm.environment.get("private"),
    time = pm.environment.replaceIn("{{$timestamp}}"),
    hash = CryptoJS.MD5(time + private1 + public1).toString();
    
pm.environment.set('hash', hash);

console.log({time})
console.log({hash})

It feels like using something that you don’t know how to use, as a portal for hiring someone new seems strange.

aakashjain8693 · 9 November 2020 13:46

Thanks @dannydainton.
Yup, Strange but org. looking into different perspective.

Anyway thanks for the solution. I was just looking for different views on ts hard code value as “1” and timestamp system generated encrypted code.