Shulou(Shulou.com)06/01 Report--

Today, the editor will share with you the relevant knowledge points about how to use Requests to test the signed interface in python3. The content is detailed and the logic is clear. I believe most people still know too much about this, so share this article for your reference. I hope you can get something after reading this article.

Use Requests to test signed interfaces

For the sake of security, some businesses need to verify the signature of the interface request data.

Generally make some rules.

1. When the business side accesses the system, you need to apply for the service ID and the encryption key, which appear in pairs and are server-oriented and cannot be passed on the front end or the client.

2. All parameters with non-null values must participate in the signature

3. Signature algorithm:

a. Sort all parameters in ascending dictionary order by parameter name

b. All the sorted parameters are sorted according to key1=value1&key2=value2&key3=value. Is concatenated into a string, marked as signStr

c. After signStr, continue to add & key= encryption key

d. MD5 signature to signStr

An example of a get interface is given to illustrate the non-sign parameter url_params = {'type':'orderList',' userId':'198049148', 'country':86,' typeGroup':'', 'status':'',' rows':'20' passed by the domain name domain= "http://******/***/vip2.ldo?"#get tested by #! / sign #" 'page':'1',' businessId':'2',} sign= "sign=#" # delete a parameter with a null value To sign for key in list (url_params.keys ()): if not url_params.get (key): del url_ params [key] # in ascending order, you get a list The element of the list is url_params1 = sorted (url_params.items (), key=lambda DVOD [0], reverse=False) values = [] for li in url_params1: newsmbol = ('=',) # add a new element in the tuple li = li [: 1] + newsmbol+li [1:] # the tuple is converted to a string, the integer cannot be converted, and list contains numbers Cannot be directly converted into the string value = ".join ('% s'% id for id in li) values.append (value) # list replication cannot be used = need to use copy or list [:] values1 = values [:] values1.append (sign) sign1 =" & ".join (values1) # md5 call library function sign2 = hashlib.md5 (sign1.encode ('utf-8')). Hexdigest () sign=' sign='+sign2values.append (sign) para Join (values) url = domain+ paraprint (url) res = requests.get (url) print ('*-- *-- *') print (res.content) print ('*-- * *-- *') print (res.headers) print ('*-- * *-- *) print (res.status_code) if res.status_code = 200: print ('request) Successful') print ('* *-- *-- *) # json format print print (json.dumps (res.json ()) Indent=4)) print ('* *-- *-- *) # two methods if json.loads (res.text) ['msg'] =' success': print ('True') else: print (' error') if res.json () ['msg'] =' success': print ('True') else: print (' error')

In the for loop, which is equivalent to an operation on a linked list, it automatically calls the next method! The dictionary iterator iterates through its keys, and in the process

You can't change this dictionary! If you cannot delete or add data, you should first record the index of the element to be deleted, and then delete it after traversal. Url_params.keys () is in python2.

Is a separate list, python3 is an iterator, requires our list transformation to generate a separate list.

For key in list (url_params.keys ()): if not url_params.get (key): del url_ params [key]

Using the built-in sorted () function, you can sort dictionaries in ascending or descending order by key or value, and the sorting result converts the dictionary into a list in which the elements of the dictionary become a tuple.

In ascending order by key

Url_params1 = sorted (url_params.items (), key=lambda dvl d [0], reverse=False)

Flashback according to value

Url_params1 = sorted (url_params.items (), key=lambda dvd [1], reverse=True) Python signature interface test

In previous essays, we have learned how to use JMeter and Postman to implement interface tests for sign signature interface verification. Today we will learn how to write Python scripts to implement interface tests for signature interfaces.

Signature interface

Address: http://localhost:8080/pinter/com/userInfo

The parameters are:

{"phoneNum": "123434", "optCode": "testfan", "timestamp": "1211212", "sign": "fdsfdsaafsasfas"}

The sign field is the data encrypted according to a specific algorithm.

The signature algorithm for this API is sign=Md5 (phoneNum+ optCode+ timestamp)

The code is as follows: import timeimport randomimport hashlibimport requestsimport json#1. Generate a 5-digit random number phone=random.randint (10000 999999) # 2. Generate a 13-digit timestamp timeStamp=int (round (time.time () * 1000)) print (timeStamp) optCode= "testfan" # 3. Random number and timestamp concatenation t=str (phone+timeStamp) # 4.sign= random number phoneNum+optCodesign=t+optCode#5. Instantiate a md5 object md5=hashlib.md5 () # 6.sign field for md5 encryption md5.update (sign.encode ("utf-8")) print (md5.hexdigest ()) def md5_sign (): url= "http://localhost:8080/pinter/com/userInfo" header= {" Content-Type ":" application/json "} body= {" phoneNum ": phone," optCode ":" testfan "," timestamp ": timeStamp," sign ": md5.hexdigest ()} respon = requests.post (url=url, headers=header) Data=body) return respon.json () if _ _ name__ ='_ _ main__': print (md5_sign ()) are all the contents of the article "how to use Requests to test signed interfaces in python3" Thank you for reading! I believe you will gain a lot after reading this article. The editor will update different knowledge for you every day. If you want to learn more knowledge, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.