// This code is a script used in Postman
// It can generate auth token for BigONE OpenAPI

function base64url(source) {
	// Encode in classical base64
	encodedSource = CryptoJS.enc.Base64.stringify(source);

	// Remove padding equal characters
	encodedSource = encodedSource.replace(/=+$/, '');

	// Replace characters according to base64url specifications
	encodedSource = encodedSource.replace(/\+/g, '-');
	encodedSource = encodedSource.replace(/\//g, '_');

	return encodedSource;
}

function addIAT(request) {
	var iat = Math.floor(Date.now() / 1000) + 257;
	data.iat = iat;
	return data;
}


var header = {
	"typ": "JWT",
	"alg": "HS256"
};

// var nonce = (Date.now() * Math.pow(10, 6)).toString();
var nonce = (Date.now() * Math.pow(10, 6));

var data = {
	"sub": pm.variables.get("api_key"),
	"type": "OpenAPI",
	"nonce": nonce,
	"recv_window": "10",
};

// data = addIAT(data);

var secret = pm.variables.get("api_secret");

// encode header
var stringifiedHeader = CryptoJS.enc.Utf8.parse(JSON.stringify(header));
var encodedHeader = base64url(stringifiedHeader);

// encode data
var stringifiedData = CryptoJS.enc.Utf8.parse(JSON.stringify(data));
var encodedData = base64url(stringifiedData);

// build token
var token = encodedHeader + "." + encodedData;

// sign token
var signature = CryptoJS.HmacSHA256(token, secret);
signature = base64url(signature);
var signedToken = token + "." + signature;

// You should use `jwt_sign` variable in your header
postman.setEnvironmentVariable("jwt_sign", signedToken);