{"info":{"_postman_id":"7b303b25-f003-4985-96ad-e0ae9c20d605","name":"Google Service Account Sheets Demo","description":"<html><head></head><body><p><a href=\"https://stackoverflow.com/questions/53965446/how-to-sign-a-jwt-with-a-private-key-pem-in-cryptojs\">https://stackoverflow.com/questions/53965446/how-to-sign-a-jwt-with-a-private-key-pem-in-cryptojs</a></p>\n<p>Side Load JSRSAssign to sign JWT tokens to be able to login into Google Sheets API </p>\n</body></html>","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[],"owner":"8140651","collectionId":"7b303b25-f003-4985-96ad-e0ae9c20d605","publishedId":"SWECYFyf","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"EF5B25"},"publishDate":"2019-12-19T02:28:59.000Z"},"item":[{"name":"Side Load JSRSASign ","event":[{"listen":"test","script":{"id":"20f894e9-6424-4d64-b713-2997a664acd5","exec":["pm.environment.set('jsrsasign-js', responseBody);"],"type":"text/javascript"}}],"id":"27b9311b-fa00-440c-b2c6-002607e9072a","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"http://kjur.github.io/jsrsasign/jsrsasign-latest-all-min.js","description":"<p>Load the JS RSA Sign library\nWe can do this by calling a CDN of the library. \nThen save it to an environment and calling <code>eval</code> on it in the next script we want to use it in.</p>\n","urlObject":{"protocol":"http","path":["jsrsasign","jsrsasign-latest-all-min.js"],"host":["kjur","github","io"],"query":[],"variable":[]}},"response":[],"_postman_id":"27b9311b-fa00-440c-b2c6-002607e9072a"},{"name":"Google Get Token","event":[{"listen":"test","script":{"id":"efe39120-686a-4440-a22e-9eecfdb7e7e8","exec":["var response = pm.response.json()","var accessToken = response.access_token; ","pm.environment.set('accessToken', accessToken);","console.log(accessToken);"],"type":"text/javascript"}},{"listen":"prerequest","script":{"id":"517f73a9-5088-4baa-8bf0-4b3803590c27","exec":["var navigator = {};","var window = {};","eval(pm.environment.get(\"jsrsasign-js\"));","","var scope = pm.environment.get('scope');","var iss = pm.environment.get('iss');","var privateKey = pm.environment.get('privateKey');","","const header = {\"alg\" : \"RS256\", \"typ\" : \"JWT\"};","","const claimSet =","{","  \"iss\": iss,","  \"scope\": scope ,","  \"aud\":\"https://oauth2.googleapis.com/token\",","  \"exp\":KJUR.jws.IntDate.get(\"now + 1hour\").toString(),","  \"iat\": KJUR.jws.IntDate.get(\"now\").toString()","}","","console.log(`header: ${ JSON.stringify(header)}`);","console.log(`claim set: ${ JSON.stringify(claimSet) }`);","console.log(`Private Key: ${ privateKey }`);","","//  let jws = new KJUR.jws.JWS(); ","var jwt =  KJUR.jws.JWS.sign(null, header, claimSet, privateKey);","console.log(jwt);","","pm.environment.set('jwt', jwt);"],"type":"text/javascript"}}],"id":"fa914e7e-362a-4698-8a5a-0c81dfebf5f9","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/x-www-form-urlencoded","type":"text"}],"body":{"mode":"urlencoded","urlencoded":[{"key":"grant_type","value":"urn:ietf:params:oauth:grant-type:jwt-bearer","type":"text"},{"key":"assertion","value":"{{jwt}} ","type":"text"}]},"url":"https://oauth2.googleapis.com/token","description":"<p>Here we just pass in the required information about the service account and scopes we want to touch. \nThen sign the payload and send it over for an access token. </p>\n<p>//iss: email address of service account \n//scope A space-delimited list of the permissions that the application requests.\n//aud   A descriptor of the intended target of the assertion. When making an access token request this value is always <a href=\"https://oauth2.googleapis.com/token\">https://oauth2.googleapis.com/token</a>.\n//exp   The expiration time of the assertion, specified as seconds since 00:00:00 UTC, January 1, 1970. This value has a maximum of 1 hour after the issued time.\n//iat   The time the assertion was issued, specified as seconds since 00:00:00 UTC, January 1, 1970.</p>\n<p><a href=\"https://developers.google.com/identity/protocols/OAuth2ServiceAccount#makingrequest\">https://developers.google.com/identity/protocols/OAuth2ServiceAccount#makingrequest</a></p>\n<p><a href=\"https://gist.github.com/dinvlad/425a072c8d23c1895e9d345b67909af0\">https://gist.github.com/dinvlad/425a072c8d23c1895e9d345b67909af0</a></p>\n","urlObject":{"protocol":"https","path":["token"],"host":["oauth2","googleapis","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"fa914e7e-362a-4698-8a5a-0c81dfebf5f9"},{"name":"Update Sheet","id":"6b76251b-5ba9-48ba-9a26-f7629c174c9a","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer {{accessToken}}","type":"text"}],"body":{"mode":"raw","raw":"{\n  \"values\": [\n    [ 'Hello', 'World', '!']\n  ]\n}"},"url":"https://sheets.googleapis.com/v4/spreadsheets/{{sheetId}}/values/{{range}}:append?valueInputOption=USER_ENTERED&insertDataOption=INSERT_ROWS","description":"<p>Now we can just pass in the token as if we got it from a consent screen in the Auth tab! </p>\n<p>Happy hacking!</p>\n","urlObject":{"protocol":"https","path":["v4","spreadsheets","{{sheetId}}","values","{{range}}:append"],"host":["sheets","googleapis","com"],"query":[{"key":"valueInputOption","value":"USER_ENTERED"},{"key":"insertDataOption","value":"INSERT_ROWS"}],"variable":[]}},"response":[],"_postman_id":"6b76251b-5ba9-48ba-9a26-f7629c174c9a"}]}