Last active
October 17, 2021 16:56
-
-
Save mtilson/8fe73ed5d10996601d04516714c91e99 to your computer and use it in GitHub Desktop.
how to get PKI JWT token and verify it using CLI
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # generate RSA private key | |
| openssl genrsa -out 01-key.pem | |
| # get corresponding public key | |
| openssl pkey -in 01-key.pem -inform pem -out 02-pub.pem -outform pem -pubout | |
| # get JWT header | |
| echo -n '{"alg":"RS256","typ":"JWT"}' > 03-header.json | |
| # make sure the content doesn't have trailing newline | |
| md5sum 03-header.json > 04-header.json.md5 | |
| # get sample JWT payload | |
| echo -n '{"id":"1302","username":"dentist","iat":1594406600,"role":"struggler"}' > 05-payload.json | |
| # make sure the content doesn't have trailing newline | |
| md5sum 05-payload.json > 06-payload.json.md5 | |
| # create JWT header | |
| cat 03-header.json | base64 | sed -e 's/+/-/g; s/\//_/g; s/=//g' | tr -d '\n' > 07-header.base64.urlencoded | |
| # create JWT payload | |
| cat 05-payload.json | base64 | sed -e 's/+/-/g; s/\//_/g; s/=//g' | tr -d '\n' > 08-payload.base64.urlencoded | |
| # create JWT signature | |
| echo -n "$(cat 07-header.base64.urlencoded).$(cat 08-payload.base64.urlencoded)" | \ | |
| openssl dgst -sha256 -sign 01-key.pem -binary | \ | |
| base64 | sed -e 's/+/-/g; s/\//_/g; s/=/\n/g' | tr -d '\n' > 09-signature.base64.urlencoded | |
| # get JWT | |
| echo -n "$(cat 07-header.base64.urlencoded).$(cat 08-payload.base64.urlencoded).$(cat 09-signature.base64.urlencoded)" \ | |
| > 10-jwt | |
| # having token (as '10-jwt') and public key (as '02-pub.pem') verify the signature of token using the public key | |
| echo -n "$(cut -d'.' -f1 10-jwt).$(cut -d'.' -f2 10-jwt)" | \ | |
| openssl dgst \ | |
| -verify 02-pub.pem \ | |
| -sha256 \ | |
| -signature <({ cut -d'.' -f3 10-jwt | sed -e 's#-#+#g; s#_#/#g' | tr -d '\n' ; echo -n '====' ; } | \ | |
| fold -w 4 | sed '$ d' | tr -d '\n' | base64 -d) \ | |
| > 12-verification-result.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN RSA PRIVATE KEY----- | |
| MIIEpAIBAAKCAQEApqSvEOry0GO34LfJYuMhryAq04ssFTEcWzEfFXqbVYYAOC1r | |
| Rz1qTexHSrF2ckN38sL02E/knTaG13wp0a/96VNo5RcZSc+2Bnv63mheWAS6mnNY | |
| VW+BuOduhLv6UGkaA23wLGfXSs+CgbBezSC+ydJgyCINxW1JJEwLLwMbug+jDBQs | |
| 1bYc3pOZ17LU+At2qV2J6g9kmWE1PeWTH7o5lcim9vU0Uz57dJJQWtgM5M5svhx8 | |
| sR6p0SVNnT88f7+f+IpUy5lbrUSgYyjC7r8twP9+xG2n60HIcfDQrrSQAs9TgTnh | |
| pFsAMEvn8p9Y7FZoWafk/u7VbD+B2OJWFHvrewIDAQABAoIBAQCbFNuPRPdfk82F | |
| pcQW8QVh8u+oGvaVajTXcOlaldWFS8Vcgng5vh/2EJNwIaL3R26TT3eI7yD0ZdAr | |
| LXPFnqEPyP3vZQW1uUXO1wZqgHp8MzptjjaAm9r/dvFVOZMDzivVUTSYPrMO/fqY | |
| Msim4XhsXgqPdZGXT9MnolUuFRhyl6YGSh2hH6CYOrVEwF6MIZD1zuvwNUXs6JA2 | |
| HVQOHawuGDj8wyGk7BHAosBg6PsOlhE9I/WnprbLVjneBiK5Xdyzc3mZAR06OwV1 | |
| XHxK9zON3FEjtguGhPPSbRCRsiqlLBsYysrs9dXxcykBABXmTcHpojMjIN+I+Q6F | |
| LUIIXtChAoGBANcfZ5bYqJpjKkUwnFqkczUGO34ORym5p42GzC6S1McsxAQ9KUBM | |
| 5+ZtPyS9RwKyvgdEQa4GEEZQXYO/ztjpOLQkZMbyz1U0oyRTpJjm7Fj4piOwEJMU | |
| gqVZV3OhpzW1W1whG2SkkfQJGg8czzRMI+Alt0gwlSzxGenrYZXyjPSZAoGBAMZP | |
| Aq75g2Y5yJ9TravlVjONqNfOT9BrIKV/A+0v0M+rU7xIqujVkMWumRHckoad8xUZ | |
| U3iZBcg5T6DhZJl8HU5CxdtuAzFp2LLaG9Fqys21sBqIGzxTYetqdi020DQVbmQZ | |
| 9KZRyoeRfmFzqicZwXyLh+0HnqCOljZLhp0JDlkzAoGBANAeLs6N/teV9nAHrkw2 | |
| 6soypF24nHouhX3zGhg4ryeeFGjxbrYpcPTJXhxCDa/7ksJe85fTf+02lLIAX7IU | |
| N2p4BxM+Fv2ctfRQA151kdQlgj3meLKCVj53Z5aTnrvkH2XLFcBRQm6wW4ihW4iB | |
| 3PdeJanubnOTMXnP4ZH6nQmJAoGAcRZLhHa7jQc0tk8kwdsFnl6RQ4fekg8VTesx | |
| 1Qeof1THap7R//cSGPkpRztOv7/BCG4p4KL63iR4mVkPYkuZ9rAzXp/M6FfhAJVK | |
| udC5mDedFnQ5e9xdAb/zZnNUpe72xdTbZCFOaqL4vCAWjzer1BdJy0zGE+9cD9hg | |
| CptIeGsCgYBqMz5GWRktSKUUbn8Q1IW1dGp7tLPLdC3jTPPsVgVBmZKSBB64ZGQz | |
| 7cRduFFafg1gWybjCzEZMyszJC4B5JQvYEe0OcxNR+uvndBBzOEtQ/StHLlq5ti4 | |
| IiOEz2KtoZY4duV+q8xygMVo2o31KLh5ZV5fUhviPDatUcjfUP0WKg== | |
| -----END RSA PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN PUBLIC KEY----- | |
| MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqSvEOry0GO34LfJYuMh | |
| ryAq04ssFTEcWzEfFXqbVYYAOC1rRz1qTexHSrF2ckN38sL02E/knTaG13wp0a/9 | |
| 6VNo5RcZSc+2Bnv63mheWAS6mnNYVW+BuOduhLv6UGkaA23wLGfXSs+CgbBezSC+ | |
| ydJgyCINxW1JJEwLLwMbug+jDBQs1bYc3pOZ17LU+At2qV2J6g9kmWE1PeWTH7o5 | |
| lcim9vU0Uz57dJJQWtgM5M5svhx8sR6p0SVNnT88f7+f+IpUy5lbrUSgYyjC7r8t | |
| wP9+xG2n60HIcfDQrrSQAs9TgTnhpFsAMEvn8p9Y7FZoWafk/u7VbD+B2OJWFHvr | |
| ewIDAQAB | |
| -----END PUBLIC KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"alg":"RS256","typ":"JWT"} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 87db4e2ba3c0751033776826c7bc8de5 03-header.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"id":"1302","username":"dentist","iat":1594406600,"role":"struggler"} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 28c19832919ef7f28ccfb5282f9f0671 05-payload.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| eyJpZCI6IjEzMDIiLCJ1c2VybmFtZSI6ImRlbnRpc3QiLCJpYXQiOjE1OTQ0MDY2MDAsInJvbGUiOiJzdHJ1Z2dsZXIifQ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Z_yomI9vPgDiwBHW4MXXcrXgA_NRWiXwh469a3WNFhcJeHqv9GvcuizpedY_NSTedM0-Wj4-TpU4p9kLmIltFoqXoDxWZtpp5wAy6F0WkiVo9PFHTBOIl5MhlTgxKH119Q_jyJdyUoGdMmr5OFgmD52wHw2dOx_cEPQeFOoFjZZmKdn-kxsFOC2Nms4kk-zJuigxGxU2WD2ujc0Eebb_4NguhBZTZxvYMFOBKMh5GCeRZPed648PJXFqWj203hOjAdk1ADA-PSJLBYLsAV5Pzbuv8cfED1RbU_iWalaNFHYr5wDTdRNHS0hnzlZFaNX1o_6yomRvzHWsyV7x7WnPsA |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjEzMDIiLCJ1c2VybmFtZSI6ImRlbnRpc3QiLCJpYXQiOjE1OTQ0MDY2MDAsInJvbGUiOiJzdHJ1Z2dsZXIifQ.Z_yomI9vPgDiwBHW4MXXcrXgA_NRWiXwh469a3WNFhcJeHqv9GvcuizpedY_NSTedM0-Wj4-TpU4p9kLmIltFoqXoDxWZtpp5wAy6F0WkiVo9PFHTBOIl5MhlTgxKH119Q_jyJdyUoGdMmr5OFgmD52wHw2dOx_cEPQeFOoFjZZmKdn-kxsFOC2Nms4kk-zJuigxGxU2WD2ujc0Eebb_4NguhBZTZxvYMFOBKMh5GCeRZPed648PJXFqWj203hOjAdk1ADA-PSJLBYLsAV5Pzbuv8cfED1RbU_iWalaNFHYr5wDTdRNHS0hnzlZFaNX1o_6yomRvzHWsyV7x7WnPsA |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Verified OK |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment