We all know that if we want to consume SAP OData service to perform some write operation on server, that is, create, update or delete, it's necessary to get a CSRF token first and then append it as header field of the actual OData service call.
Previously I test such scenario using Postman, and I have to always do the following things manually:
1. fetch a valid CSRF token from server by specifying HTTP header field x-csrf-token's value as "fetch":
2. append this token to the header field of the second HTTP post request:
Then one of my colleagues inspired me: can all these boring steps could be finished automatically with a single click?
Yes! It could be just achieved by a little scripting in Postman itself.
1. Click this icon to open Environments maintain screen:
Create a new environment named "TokenSuite" and a variable "csrftoken" within it:
2. In the first token retrieve HTTP request, write the following simple script to parse the token from HTTP response and set it to the environment variable just created in previous step:
var token = postman.getResponseHeader("x-csrf-token");
console.log("token:" + token);