{"info":{"_postman_id":"4c451c6a-4f82-48d7-b1db-942047f518f9","name":"PipelineCrew - Blacklist API","description":"<html><head></head><body><p>Colección de endpoints para la API de gestión de blacklist de emails</p>\n</body></html>","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[],"owner":"48225661","collectionId":"4c451c6a-4f82-48d7-b1db-942047f518f9","publishedId":"2sBXitD7Yb","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"publishDate":"2026-04-11T23:37:33.000Z"},"item":[{"name":"1. Generar Token JWT","event":[{"listen":"test","script":{"id":"fd2612cc-930a-4293-b241-de65ba485a37","exec":["pm.test('Status 200', function () {","    pm.response.to.have.status(200);","});","","pm.test('La respuesta es JSON válido', function () {","    pm.expect(() => pm.response.json()).to.not.throw();","});","","const jsonData = pm.response.json();","","pm.test('Existe access_token', function () {","    pm.expect(jsonData).to.have.property('access_token');","    pm.expect(jsonData.access_token).to.be.a('string').and.not.empty;","});","","pm.collectionVariables.set('token', jsonData.access_token);"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"92d88253-7de3-4aa3-90fd-c38b5953868b","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"690e8628-b150-4ac3-957c-b90e0201b2da","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"http://p1e1-blacklist-env.eba-tihwm3np.us-east-1.elasticbeanstalk.com/generate-token","description":"<p>Genera un token JWT válido. Ejecuta este primero, automáticamente guardará el token en la variable  para los demás requests.</p>\n","urlObject":{"protocol":"http","path":["generate-token"],"host":["p1e1-blacklist-env","eba-tihwm3np","us-east-1","elasticbeanstalk","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"690e8628-b150-4ac3-957c-b90e0201b2da"},{"name":"2. Agregar email a blacklist (POST)","event":[{"listen":"test","script":{"id":"3fdec571-4963-4716-ac82-6c6330816371","exec":["const expectedStatuses = [200, 201];\r","const responseTimeLimit = 5000;\r","const rawBody = pm.response.text();\r","const contentType = (pm.response.headers.get('Content-Type') || '').toLowerCase();\r","\r","pm.test('Status code esperado para crear/agregar email', function () {\r","    pm.expect(expectedStatuses).to.include(pm.response.code);\r","});\r","\r","pm.test('Tiempo de respuesta menor a 5000 ms', function () {\r","    pm.expect(pm.response.responseTime).to.be.below(responseTimeLimit);\r","});\r","\r","pm.test('Existe token en variable de colección para request autenticado', function () {\r","    const token = pm.collectionVariables.get('token');\r","    pm.expect(token, 'La variable token debe existir').to.be.a('string').and.not.empty;\r","});\r","\r","pm.test('La respuesta tiene un tipo soportado', function () {\r","    pm.expect(contentType.length > 0 || rawBody.length >= 0).to.be.true;\r","});\r","\r","let jsonData = null;\r","const isJson = contentType.includes('application/json');\r","if (isJson && rawBody) {\r","    try { jsonData = pm.response.json(); } catch (e) {}\r","}\r","\r","pm.test('Si responde JSON, el body es un objeto o arreglo válido', function () {\r","    if (isJson && rawBody) {\r","        pm.expect(jsonData).to.not.equal(null);\r","        pm.expect(['object', 'array']).to.include(Array.isArray(jsonData) ? 'array' : typeof jsonData);\r","    } else {\r","        pm.expect(true).to.be.true;\r","    }\r","});\r","\r","pm.test('La respuesta indica éxito de forma tolerante', function () {\r","    if (!rawBody || !rawBody.trim()) {\r","        pm.expect([200, 201, 204]).to.include(pm.response.code);\r","        return;\r","    }\r","\r","    if (jsonData && typeof jsonData === 'object') {\r","        const flattened = JSON.stringify(jsonData).toLowerCase();\r","        const successFlag = jsonData.success;\r","        const allowedIndicators = ['blacklist', 'blocked', 'added', 'created', 'success', 'ok', 'registr'];\r","        const hasIndicator = allowedIndicators.some(word => flattened.includes(word));\r","\r","        if (typeof successFlag === 'boolean') {\r","            pm.expect(successFlag || hasIndicator).to.be.true;\r","        } else {\r","            pm.expect(hasIndicator || pm.response.code === 201 || pm.response.code === 200).to.be.true;\r","        }\r","    } else {\r","        pm.expect(rawBody.toLowerCase()).to.match(/blacklist|blocked|added|created|success|ok/);\r","    }\r","});\r","\r","pm.test('Si el body expone el email, corresponde al esperado', function () {\r","    const expectedEmail = pm.collectionVariables.get('blacklisted_email');\r","    if (jsonData && typeof jsonData === 'object') {\r","        const possibleEmail = jsonData.email || jsonData.data?.email || jsonData.result?.email;\r","        if (possibleEmail !== undefined) {\r","            pm.expect(String(possibleEmail).toLowerCase()).to.eql(expectedEmail);\r","        } else {\r","            pm.expect(true).to.be.true;\r","        }\r","    } else {\r","        pm.expect(true).to.be.true;\r","    }\r","});"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"b61cfdf5-51d3-45d0-af05-5e85ac5e3c98","exec":["const unique = Date.now() + '_' + Math.floor(Math.random() * 100000);\r","const email = `blacklist_${unique}@example.com`;\r","\r","pm.collectionVariables.set('blacklisted_email', email);\r","\r","if (!pm.collectionVariables.get('blocked_reason')) {\r","    pm.collectionVariables.set('blocked_reason', 'Actividad sospechosa detectada');\r","}\r","\r","if (!pm.collectionVariables.get('ip_address')) {\r","    pm.collectionVariables.set('ip_address', '192.168.1.1');\r","}\r","\r","pm.test('Existe token para autenticación', function () {\r","    const token = pm.collectionVariables.get('token');\r","    pm.expect(token, 'token de colección').to.be.a('string').and.not.empty;\r","});"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"559821d9-c63a-40a5-8db1-40603be521bb","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"auth":{"type":"noauth","isInherited":false},"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\n    \"email\": \"\",\n    \"app_uuid\": \"550e8400-e29b-41d4-a716-446655440000\",\n    \"blocked_reason\": \"Actividad sospechosa detectada\"\n}"},"url":"http://p1e1-blacklist-env.eba-tihwm3np.us-east-1.elasticbeanstalk.com/blacklists","description":"<p>Agrega un email a la blacklist (requiere token JWT)</p>\n","urlObject":{"protocol":"http","path":["blacklists"],"host":["p1e1-blacklist-env","eba-tihwm3np","us-east-1","elasticbeanstalk","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"559821d9-c63a-40a5-8db1-40603be521bb"},{"name":"3. Verificar si email está en blacklist (GET)","event":[{"listen":"test","script":{"id":"23ed7536-fc00-49b9-86db-05d53c90a982","exec":["const expectedStatuses = [200];\r","const responseTimeLimit = 5000;\r","const queriedEmail = 'attacker@suspicious.com';\r","const rawBody = pm.response.text();\r","const contentType = (pm.response.headers.get('Content-Type') || '').toLowerCase();\r","\r","pm.test('Status code es 200', function () {\r","    pm.expect(pm.response.code).to.equal(200);\r","});\r","\r","pm.test('Tiempo de respuesta menor a 5000 ms', function () {\r","    pm.expect(pm.response.responseTime).to.be.below(responseTimeLimit);\r","});\r","\r","pm.test('Existe token en variable de colección para request autenticado', function () {\r","    const token = pm.collectionVariables.get('token');\r","    pm.expect(token, 'La variable token debe existir').to.be.a('string').and.not.empty;\r","});\r","\r","let jsonData = null;\r","const isJson = contentType.includes('application/json');\r","\r","pm.test('La respuesta tiene contenido útil', function () {\r","    pm.expect(rawBody.length).to.be.greaterThan(0);\r","});\r","\r","pm.test('Si responde JSON, el body es JSON válido', function () {\r","    if (isJson) {\r","        jsonData = pm.response.json();\r","        pm.expect(jsonData).to.be.an('object');\r","    } else {\r","        pm.expect(true).to.be.true;\r","    }\r","});\r","\r","pm.test('La respuesta sugiere que el email consultado está en blacklist', function () {\r","    if (jsonData && typeof jsonData === 'object') {\r","        const flattened = JSON.stringify(jsonData).toLowerCase();\r","        const blacklistFlags = [jsonData.blacklisted, jsonData.in_blacklist, jsonData.blocked, jsonData.exists];\r","        const hasTrueFlag = blacklistFlags.some(v => v === true);\r","        const hasIndicator = ['blacklist', 'blocked', 'listed', 'found', 'exists', queriedEmail.toLowerCase()].some(word => flattened.includes(word));\r","        pm.expect(hasTrueFlag || hasIndicator).to.be.true;\r","    } else {\r","        pm.expect(rawBody.toLowerCase()).to.match(/blacklist|blocked|listed|found|exists|attacker@suspicious.com/);\r","    }\r","});\r","\r","pm.test('Si el body expone el email, corresponde al consultado', function () {\r","    if (jsonData && typeof jsonData === 'object') {\r","        const possibleEmail = jsonData.email || jsonData.data?.email || jsonData.result?.email;\r","        if (possibleEmail !== undefined) {\r","            pm.expect(String(possibleEmail).toLowerCase()).to.eql(queriedEmail);\r","        } else {\r","            pm.expect(true).to.be.true;\r","        }\r","    } else {\r","        pm.expect(true).to.be.true;\r","    }\r","});"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"7e003d59-9f07-4eb0-8102-7c93fc5be065","exec":["pm.test('Existe token para autenticación', function () {\r","    const token = pm.collectionVariables.get('token');\r","    pm.expect(token, 'token de colección').to.be.a('string').and.not.empty;\r","});"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"ecff732e-1fd4-493a-80ff-bfc7e1d6a12f","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"http://p1e1-blacklist-env.eba-tihwm3np.us-east-1.elasticbeanstalk.com/blacklists/","description":"<p>Consulta si un email específico está en la blacklist</p>\n","urlObject":{"protocol":"http","path":["blacklists",""],"host":["p1e1-blacklist-env","eba-tihwm3np","us-east-1","elasticbeanstalk","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"ecff732e-1fd4-493a-80ff-bfc7e1d6a12f"},{"name":"4. Verificar email válido (no en blacklist)","event":[{"listen":"test","script":{"id":"98bcc480-14d7-4fa1-842e-290b595c654f","exec":["const expectedStatuses = [200, 204, 404];\r","const responseTimeLimit = 5000;\r","const queriedEmail = 'validemail@example.com';\r","const rawBody = pm.response.text();\r","const contentType = (pm.response.headers.get('Content-Type') || '').toLowerCase();\r","\r","pm.test('Status code dentro de los esperados para email no blacklisteado', function () {\r","    pm.expect(expectedStatuses).to.include(pm.response.code);\r","});\r","\r","pm.test('Tiempo de respuesta menor a 5000 ms', function () {\r","    pm.expect(pm.response.responseTime).to.be.below(responseTimeLimit);\r","});\r","\r","pm.test('Existe token en variable de colección para request autenticado', function () {\r","    const token = pm.collectionVariables.get('token');\r","    pm.expect(token, 'La variable token debe existir').to.be.a('string').and.not.empty;\r","});\r","\r","let jsonData = null;\r","const isJson = contentType.includes('application/json');\r","if (isJson && rawBody) {\r","    try { jsonData = pm.response.json(); } catch (e) {}\r","}\r","\r","pm.test('La respuesta es coherente con un email válido no bloqueado', function () {\r","    if (pm.response.code === 204) {\r","        pm.expect(rawBody).to.satisfy(body => body === '' || body === null);\r","        return;\r","    }\r","\r","    if (!rawBody || !rawBody.trim()) {\r","        pm.expect([204, 404]).to.include(pm.response.code);\r","        return;\r","    }\r","\r","    if (jsonData && typeof jsonData === 'object') {\r","        const flattened = JSON.stringify(jsonData).toLowerCase();\r","        const negativeFlags = [jsonData.blacklisted, jsonData.in_blacklist, jsonData.blocked, jsonData.exists];\r","        const hasExplicitNegativeFlag = negativeFlags.some(v => v === false);\r","        const hasNegativeIndicator = ['not found', 'not in blacklist', 'not blacklisted', 'false', 'valid', 'no existe', 'no está'].some(word => flattened.includes(word));\r","        pm.expect(hasExplicitNegativeFlag || hasNegativeIndicator || pm.response.code === 404 || pm.response.code === 204).to.be.true;\r","    } else {\r","        pm.expect(rawBody.toLowerCase()).to.match(/not found|not in blacklist|not blacklisted|valid|no existe|no está/);\r","    }\r","});\r","\r","pm.test('Si el body expone el email, corresponde al consultado', function () {\r","    if (jsonData && typeof jsonData === 'object') {\r","        const possibleEmail = jsonData.email || jsonData.data?.email || jsonData.result?.email;\r","        if (possibleEmail !== undefined) {\r","            pm.expect(String(possibleEmail).toLowerCase()).to.eql(queriedEmail);\r","        } else {\r","            pm.expect(true).to.be.true;\r","        }\r","    } else {\r","        pm.expect(true).to.be.true;\r","    }\r","});"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"7bec1135-f1c9-4341-8cb4-86a28b8be0e7","exec":["pm.test('Existe token para autenticación', function () {\r","    const token = pm.collectionVariables.get('token');\r","    pm.expect(token, 'token de colección').to.be.a('string').and.not.empty;\r","});"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"14604b63-22f5-4cdb-86ee-fd73c10bfcb4","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"http://p1e1-blacklist-env.eba-tihwm3np.us-east-1.elasticbeanstalk.com/blacklists/","description":"<p>Consulta un email que existe pero no está en la blacklist</p>\n","urlObject":{"protocol":"http","path":["blacklists",""],"host":["p1e1-blacklist-env","eba-tihwm3np","us-east-1","elasticbeanstalk","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"14604b63-22f5-4cdb-86ee-fd73c10bfcb4"},{"name":"5. Verificar email con formato inválido","event":[{"listen":"test","script":{"id":"9ebfb6b8-6e6d-487e-bec3-974db80a462c","exec":["const expectedStatuses = [400, 404, 422];\r","const responseTimeLimit = 5000;\r","const invalidEmail = 'invalidemail';\r","const rawBody = pm.response.text();\r","const contentType = (pm.response.headers.get('Content-Type') || '').toLowerCase();\r","\r","pm.test('Status code dentro de los esperados para email inválido', function () {\r","    pm.expect(expectedStatuses).to.include(pm.response.code);\r","});\r","\r","pm.test('Tiempo de respuesta menor a 5000 ms', function () {\r","    pm.expect(pm.response.responseTime).to.be.below(responseTimeLimit);\r","});\r","\r","pm.test('Existe token en variable de colección para request autenticado', function () {\r","    const token = pm.collectionVariables.get('token');\r","    pm.expect(token, 'La variable token debe existir').to.be.a('string').and.not.empty;\r","});\r","\r","let jsonData = null;\r","const isJson = contentType.includes('application/json');\r","if (isJson && rawBody) {\r","    try { jsonData = pm.response.json(); } catch (e) {}\r","}\r","\r","pm.test('La respuesta comunica error o validación de formato inválido', function () {\r","    if (!rawBody || !rawBody.trim()) {\r","        pm.expect([400, 404, 422]).to.include(pm.response.code);\r","        return;\r","    }\r","\r","    if (jsonData && typeof jsonData === 'object') {\r","        const flattened = JSON.stringify(jsonData).toLowerCase();\r","        const indicatorWords = ['invalid', 'email', 'format', 'validation', 'bad request', 'incorrect', 'malformed', 'error'];\r","        const hasIndicator = indicatorWords.some(word => flattened.includes(word));\r","        const hasErrorShape = jsonData.error !== undefined || jsonData.message !== undefined || jsonData.detail !== undefined || jsonData.errors !== undefined;\r","        pm.expect(hasIndicator || hasErrorShape).to.be.true;\r","    } else {\r","        pm.expect(rawBody.toLowerCase()).to.match(/invalid|email|format|validation|bad request|incorrect|malformed|error/);\r","    }\r","});\r","\r","pm.test('Si el body expone el valor inválido, corresponde al consultado', function () {\r","    if (jsonData && typeof jsonData === 'object') {\r","        const possibleEmail = jsonData.email || jsonData.input || jsonData.data?.email || jsonData.result?.email;\r","        if (possibleEmail !== undefined) {\r","            pm.expect(String(possibleEmail).toLowerCase()).to.include(invalidEmail);\r","        } else {\r","            pm.expect(true).to.be.true;\r","        }\r","    } else {\r","        pm.expect(true).to.be.true;\r","    }\r","});"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"d75a3b4c-bc50-4d51-ace0-a1398c817143","exec":["pm.test('Existe token para autenticación', function () {\r","    const token = pm.collectionVariables.get('token');\r","    pm.expect(token, 'token de colección').to.be.a('string').and.not.empty;\r","});"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"d8735e63-aa4c-4769-b813-eeb8980b0c6f","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"http://p1e1-blacklist-env.eba-tihwm3np.us-east-1.elasticbeanstalk.com/blacklists/invalidemail","description":"<p>Consulta un email con formato inválido (sin @)</p>\n","urlObject":{"protocol":"http","path":["blacklists","invalidemail"],"host":["p1e1-blacklist-env","eba-tihwm3np","us-east-1","elasticbeanstalk","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"d8735e63-aa4c-4769-b813-eeb8980b0c6f"},{"name":"6. Agregar email a blacklist (sin app_uuid)","event":[{"listen":"prerequest","script":{"id":"4c072efb-2cfb-4fcb-9ea8-4d6cd7c1d952","exec":["const unique = Date.now() + '_' + Math.floor(Math.random() * 100000);\r","const email = `blacklist_${unique}@example.com`;\r","\r","pm.collectionVariables.set('blacklisted_email', email);\r","\r","if (!pm.collectionVariables.get('blocked_reason')) {\r","    pm.collectionVariables.set('blocked_reason', 'Actividad sospechosa detectada');\r","}\r","\r","if (!pm.collectionVariables.get('ip_address')) {\r","    pm.collectionVariables.set('ip_address', '192.168.1.1');\r","}\r","\r","pm.test('Existe token para autenticación', function () {\r","    const token = pm.collectionVariables.get('token');\r","    pm.expect(token, 'token de colección').to.be.a('string').and.not.empty;\r","});"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"test","script":{"id":"72d01557-1d65-4963-b5a5-a1c0a67a7178","exec":["const expectedStatuses = [400];\r","const responseTimeLimit = 5000;\r","const rawBody = pm.response.text();\r","const contentType = (pm.response.headers.get('Content-Type') || '').toLowerCase();\r","\r","pm.test('Status code 401 esperado para crear/agregar email', function () {\r","    pm.expect(expectedStatuses).to.include(pm.response.code);\r","});\r","\r","pm.test('Tiempo de respuesta menor a 5000 ms', function () {\r","    pm.expect(pm.response.responseTime).to.be.below(responseTimeLimit);\r","});\r","\r","pm.test('Mensaje de respuesta', function(){\r","    pm.expect(rawBody).to.include('app_uuid es obligatorio');\r","})"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"e42bbd92-61c3-4421-9e92-fd8c8d91ee12","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\r\n    \"email\": \"\",\r\n    \"blocked_reason\": \"Actividad sospechosa detectada\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://p1e1-blacklist-env.eba-tihwm3np.us-east-1.elasticbeanstalk.com/blacklists","urlObject":{"protocol":"http","path":["blacklists"],"host":["p1e1-blacklist-env","eba-tihwm3np","us-east-1","elasticbeanstalk","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"e42bbd92-61c3-4421-9e92-fd8c8d91ee12"}],"event":[{"listen":"prerequest","script":{"id":"28e144d9-d973-43cd-9cc8-7f787e5f668f","type":"text/javascript","packages":{},"requests":{},"exec":[""]}},{"listen":"test","script":{"id":"6d5e3d7a-161c-4c5d-87ed-e7abf06a7419","type":"text/javascript","packages":{},"requests":{},"exec":[""]}}],"variable":[{"key":"token","value":""},{"key":"blacklisted_email","value":""},{"key":"valid_email","value":""},{"key":"invalid_email","value":""},{"key":"app_uuid","value":""},{"key":"blocked_reason","value":""},{"key":"ip_address","value":""}]}