kenmuse/jwt.sh

## jwt.sh
#!/bin/bash
set -euo pipefail

while getopts a:f: flag
do
    case "${flag}" in
        a) app_id=${OPTARG};;
        f) pem_path=${OPTARG};;
    esac
done

encode() {
    openssl enc -base64 -A -e |  tr '+/' '-_' | tr -d '='
}

trim_encode() {
    tr -d '\n' | encode
}

jwt() {
    local header payload enc_header enc_payload sig token
    header=$(jq -n -j -c \
                --arg alg RS256 \
                --arg type JWT \
                '{alg: $alg, typ: $type }')
    payload=$(jq -n -j -c \
                --argjson iat "$(date +%s)" \
                --argjson appId $app_id \
                --arg alg RS256 \
                --arg type JWT \
                '{iat: ($iat - 60), exp: ($iat + 600), iss: $appId}')
    enc_header=$(trim_encode <<< $header)
    enc_payload=$(trim_encode <<< $payload)
    sig=$(printf '%s.%s' $enc_header $enc_payload | openssl dgst -binary -sha256 -sign $pem_path | encode)
    token=$enc_header.$enc_payload.$sig
    printf $token
}

###

jwt_token=$(jwt)

curl --request GET \
     --url 'https://api.github.com/app' \
     --header "Authorization: Bearer ${jwt_token}" \
     --header "Accept: application/vnd.github+json" \
     --header "X-GitHub-Api-Version: 2022-11-28"

curl --request GET \
     --url 'https://api.github.com/app/installations' \
     --header "Authorization: Bearer ${jwt_token}" \
     --header "Accept: application/vnd.github+json" \
     --header "X-GitHub-Api-Version: 2022-11-28"

curl --request GET \
     --url 'https://api.github.com/repos/kenmuse-org/webgoat/installation' \
     --header "Authorization: Bearer ${jwt_token}" \
     --header "Accept: application/vnd.github+json" \
     --header "X-GitHub-Api-Version: 2022-11-28"

curl --request POST \
     --url 'https://api.github.com/app/installations/40229382/access_tokens' \
     --header "Authorization: Bearer ${jwt_token}" \
     --header "Accept: application/vnd.github+json" \
     --header "X-GitHub-Api-Version: 2022-11-28"
	#!/bin/bash
	set -euo pipefail

	while getopts a:f: flag
	do
	case "${flag}" in
	a) app_id=${OPTARG};;
	f) pem_path=${OPTARG};;
	esac
	done

	encode() {
	openssl enc -base64 -A -e \| tr '+/' '-_' \| tr -d '='
	}

	trim_encode() {
	tr -d '\n' \| encode
	}

	jwt() {
	local header payload enc_header enc_payload sig token
	header=$(jq -n -j -c \
	--arg alg RS256 \
	--arg type JWT \
	'{alg: $alg, typ: $type }')
	payload=$(jq -n -j -c \
	--argjson iat "$(date +%s)" \
	--argjson appId $app_id \
	--arg alg RS256 \
	--arg type JWT \
	'{iat: ($iat - 60), exp: ($iat + 600), iss: $appId}')
	enc_header=$(trim_encode <<< $header)
	enc_payload=$(trim_encode <<< $payload)
	sig=$(printf '%s.%s' $enc_header $enc_payload \| openssl dgst -binary -sha256 -sign $pem_path \| encode)
	token=$enc_header.$enc_payload.$sig
	printf $token
	}

	###

	jwt_token=$(jwt)

	curl --request GET \
	--url 'https://api.github.com/app' \
	--header "Authorization: Bearer ${jwt_token}" \
	--header "Accept: application/vnd.github+json" \
	--header "X-GitHub-Api-Version: 2022-11-28"

	curl --request GET \
	--url 'https://api.github.com/app/installations' \
	--header "Authorization: Bearer ${jwt_token}" \
	--header "Accept: application/vnd.github+json" \
	--header "X-GitHub-Api-Version: 2022-11-28"

	curl --request GET \
	--url 'https://api.github.com/repos/kenmuse-org/webgoat/installation' \
	--header "Authorization: Bearer ${jwt_token}" \
	--header "Accept: application/vnd.github+json" \
	--header "X-GitHub-Api-Version: 2022-11-28"

	curl --request POST \
	--url 'https://api.github.com/app/installations/40229382/access_tokens' \
	--header "Authorization: Bearer ${jwt_token}" \
	--header "Accept: application/vnd.github+json" \
	--header "X-GitHub-Api-Version: 2022-11-28"