Add this to your .profile, .bashrc, .zshrc...
BASE64_DECODER="base64 -d" # option -d for Linux base64 tool
echo AAAA | base64 -d > /dev/null 2>&1 || BASE64_DECODER="base64 -D" # option -D on MacOS
decode_base64_url() {
local len=$((${#1} % 4))
local result="$1"
if [ $len -eq 2 ]; then result="$1"'=='
elif [ $len -eq 3 ]; then result="$1"'='
fi
echo "$result" | tr '_-' '/+' | $BASE64_DECODER
}
decode_jose(){
decode_base64_url $(echo -n $2 | cut -d "." -f $1) | jq .
}
decode_jwt_part(){
decode_jose $1 $2 | jq 'if .iat then (.iatStr = (.iat|todate)) else . end | if .exp then (.expStr = (.exp|todate)) else . end | if .nbf then (.nbfStr = (.nbf|todate)) else . end'
}
decode_jwt(){
decode_jwt_part 1 $1
decode_jwt_part 2 $1
}
# Decode JWT header
alias jwth="decode_jwt_part 1"
# Decode JWT Payload
alias jwtp="decode_jwt_part 2"
# Decode JWT header and payload
alias jwthp="decode_jwt"
# Decode JWE header
alias jweh="decode_jose 1"- Compute a dummy sample JWT
HEADER=$(cat << EOF |
{
"kid": "MY_KEY_ID",
"alg": "RS256"
}
EOF
base64)
PAYLOAD=$(cat << EOF |
{
"iss": "MY_ISSUER",
"aud": "MY_AUDIENCE",
"exp": 1547031984,
"jti": "AMaPLqDeRizB_WP161AK8w",
"iat": 1547024784,
"nbf": 1547024664,
"sub": "MY_SUBJECT"
}
EOF
base64)
SIGNATURE=FOOBAR==- Print the JWT header and payload
JWT=$HEADER.$PAYLOAD.$SIGNATURE
echo JWT Header:
jwth $JWT
echo JWT Payload:
jwtp $JWT
echo JWT Header and Payload:
jwthp $JWT
JWT Header:{
"kid": "MY_KEY_ID",
"alg": "RS256"
}JWT Payload:{
"iss": "MY_ISSUER",
"aud": "MY_AUDIENCE",
"exp": 1547031984,
"jti": "AMaPLqDeRizB_WP161AK8w",
"iat": 1547024784,
"nbf": 1547024664,
"sub": "MY_SUBJECT",
"iatStr": "2019-01-09T09:06:24Z",
"expStr": "2019-01-09T11:06:24Z",
"nbfStr": "2019-01-09T09:04:24Z"
}JWT Header and Payload:{
"kid": "MY_KEY_ID",
"alg": "RS256"
}
{
"iss": "MY_ISSUER",
"aud": "MY_AUDIENCE",
"exp": 1547031984,
"jti": "AMaPLqDeRizB_WP161AK8w",
"iat": 1547024784,
"nbf": 1547024664,
"sub": "MY_SUBJECT",
"iatStr": "2019-01-09T09:06:24Z",
"expStr": "2019-01-09T11:06:24Z",
"nbfStr": "2019-01-09T09:04:24Z"
}