My pre-request script has this.
var crypto = require('crypto-js');
I get this warning:
Using “crypto-js” library is deprecated. Use global “crypto” object instead.
How can I fix this?
1 Like
Hey @jimjonah 
Welcome to the Postman Community! 
Although the library is deprecated, it’s not going to be going away soon so you’re ok to still use that.
We have also just released a new feature, in the latest version that allows you to use external packages in the sandbox - you should be able to modify your script to this:
const crypto = pm.require('npm:[email protected]')
For example:
const crypto = pm.require('npm:[email protected]');
// Encrypt
var ciphertext = crypto.AES.encrypt('my message', 'secret key 123').toString();
// Decrypt
var bytes = crypto.AES.decrypt(ciphertext, 'secret key 123');
var originalText = bytes.toString(crypto.enc.Utf8);
console.log(originalText)
2 Likes
That is great, but what is the answer to the original question? How do I use the global “crypto” object instead?
Hey @scastrianni-gs
I have no insights into the scripts being used, as that wasn’t shared, but here’s an example.
I’m just using the crypto module without requiring it at the top of the script.
console.log(crypto.randomUUID());
async function sha256(message) {
const encoder = new TextEncoder();
const data = encoder.encode(message);
const hashBuffer = await crypto.subtle.digest('SHA-256', data);
const hashArray = Array.from(new Uint8Array(hashBuffer));
const hashHex = hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
console.log("SHA-256:", hashHex);
}
console.log(sha256("Hello, world!"));
What are you having issues with on your side?
If you can share more details, we will be able to help you. 
My current function is:
const Crypto = require("crypto-js");
function parseJWT(token, part) {
var partB64 = token.split('.')[part];
var partWds = Crypto.enc.Base64.parse(partB64);
var partStr = Crypto.enc.Utf8.stringify(partWds);
var partJson = JSON.parse(partStr);
return partJson;
}
My initial question is how to access this global “crypto” object? Do I have to import anything or do I just start referencing crypto in my code?
I tried just deleting the const Crypto = require("crypto-js"); line from my script and everything still works. Is there a global Crypto object that is a drop in replacement?
This could also be an option here without using the crypto module and use Buffer for decoding a JWT’s header or payload:
function parseJWT(token, part) {
const partB64Url = token.split('.')[part];
const partB64 = partB64Url.replace(/-/g, '+').replace(/_/g, '/');
const padded = partB64.padEnd(partB64.length + (4 - partB64.length % 4) % 4, '=');
const decoded = Buffer.from(padded, 'base64').toString('utf8');
return JSON.parse(decoded);
}
const token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.' +
'eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.' +
'SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c';
// Parse header
const header = parseJWT(token, 0);
console.log("Header:", header);
// Parse payload
const payload = parseJWT(token, 1);
console.log("Payload:", payload);
Works beautifully! Thanks so much for this! You saved the day!
1 Like