HMAC/sha256 Token In Postman Pre-Req - Convert From js Sample

I am trying to send a payload to an API which requires auth in the header where a HMAC needs to be generated and encoded in base64. I am using postman and I believe that I will need to use the pre-req to generate the token and then map the generated token to the header as a variable but I'm a bit lost!

Below is the js sample from the suppliers spec and then below that is what I have converted it to in Postman (pre-req). I am getting value returned but I am sure my conversion is wrong and need some help getting it correct please! Also to set it as a variable so I can then add it into the header, if someone could help with that as well please it would be appreciated.

**Supplier Spec **

In order to generate your Basic Authentication Token you will require the two API keys and username you stored earlier. They are used in combination to generate an HMAC. Generate an HMAC based on the ClientAPIKey and the ContactAPIKey. You will then base64 encode the following values username + “:” + HMAC this should result it a string similar to this -

Basic c3hpcGRoZW7yeTpFWmZZTjBZa09SWFNGMFk0K0k2RVR1YjRVZnEveGZIeU9vbkh5S0gwbzc0PQ==

Below is a JS sample code used to generate the token.

const clientKey = ''; //\<------Paste Client/System API Key inside of the quotes
const contactKey = ''; //\<------Paste Contact/User API Key inside of the quotes
const username = ''; //\<------Paste Username inside of the quotes
function print() {
console.log("Basic " + genBasicToken(clientKey, contactKey, username));
}

function genBasicToken(clientAPIKey, contactAPIKey, username) {
var hmac = require('crypto').createHmac('sha256',
clientAPIKey).update(contactAPIKey).digest('base64');
return new Buffer(username + ":" + hmac).toString('base64');
}
print();

** My Conversion In Postman Pre-req**

const crypto = require('crypto-js');

const signToken = () =\> {
const clientKey = '50e36348-xxxxxxxxxxxxxxxxxxxx';
const contactKey = '0c24bd95-xxxxxxxxxxxxxxxxxxx';
const username = 'fakevalue';

return   crypto.SHA256(`basic:${clientKey}::${contactKey}::${username}`).toString(crypto.enc.Base64);

}

const signedToken = signToken();
console.log(`basic : ${signedToken}`)

In the postman console there was a value logged "basic : VtPjGxZv8TreQAwHj9lEx4ppSg9xxxxxxxxxxxxxxxxx"

The require() statement, commonly used in Node.js to include modules, is not supported in Postman's scripting environment because Postman scripts run in a sandboxed environment, the sandbox is designed to be secure and isolated from the local file system and network.

For cryptographic operations, Postman provides the CryptoJS library

Detail information in here

Code steps in Pre-request Script Tab

HMAC Generation: The function uses CryptoJS.HmacSHA256 to create an HMAC (Hash-based Message Authentication Code) by hashing the contactAPIKey with the clientAPIKey. HMACs are used for securely combining two pieces of data (in this case, the keys).

Base64 Encoding of HMAC: The generated HMAC, which is a hash value, is then encoded into a Base64 string using CryptoJS.enc.Base64.stringify. Base64 is a common encoding method used to represent binary data in a text format.

Concatenation: The function concatenates the username with the Base64 encoded HMAC, separating them with a colon (:). This follows the standard format for basic authentication credentials, which is clientKey:contactKey:username.

Final Base64 Encoding: The concatenated string is then converted into a UTF-8 format using CryptoJS.enc.Utf8.parse and subsequently encoded into Base64. This is the final token format.

Postman code At Pre-request Script Tab

const clientKey = '50e36348-xxxxxxxxxxxxxxxxxxxx';
const contactKey = '0c24bd95-xxxxxxxxxxxxxxxxxxx';
const username = 'fakevalue';

function genBasicToken(clientAPIKey, contactAPIKey, username) {
    var hmac = CryptoJS.HmacSHA256(contactAPIKey, clientAPIKey);
    var base64Hmac = CryptoJS.enc.Base64.stringify(hmac);
    return CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse(username + ":" + base64Hmac));
}

console.log("Basic " + genBasicToken(clientKey, contactKey, username));

Node.js code

const clientKey = '50e36348-xxxxxxxxxxxxxxxxxxxx';
const contactKey = '0c24bd95-xxxxxxxxxxxxxxxxxxx';
const username = 'fakevalue'

function print() {
    console.log("Basic " + genBasicToken(clientKey, contactKey, username));
}

function genBasicToken(clientAPIKey, contactAPIKey, username) {
    var hmac = require('crypto').createHmac('sha256',
        clientAPIKey).update(contactAPIKey).digest('base64');
    return new Buffer(username + ":" + hmac).toString('base64');
}
print();

Result

It matched between node.js and Postman log for generated token.