Created
August 1, 2020 02:44
-
-
Save tobybellwood/741fc2ece8aa90db719777d75ef54b4d to your computer and use it in GitHub Desktop.
A BASH drop-in replacement for the create_jwt.py used in Lagoon (requires openssl & jq)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# | |
# JWT Encoder Bash Script | |
# modified from https://willhaley.com/blog/generate-jwt-with-bash/ | |
# | |
secret=${JWTSECRET} | |
# Static header fields. | |
header='{ | |
"typ": "JWT", | |
"alg": "HS256" | |
}' | |
# Use jq to set the dynamic `iat` and `exp` | |
# fields on the header using the current time. | |
# `iat` is set to now, and `exp` is now + 60 seconds. | |
# header=$( | |
# echo "${header}" | jq --arg time_str "$(date +%s)" \ | |
# ' | |
# ($time_str | tonumber) as $time_num | |
# | .iat=$time_num | |
# | .exp=($time_num + 60) | |
# ' | |
# ) | |
payload=$( | |
printf '{ | |
"role": "admin", | |
"iss": "auto-idler", | |
"aud": "%s", | |
"sub": "auto-idler" | |
}' "${JWTAUDIENCE}" | |
) | |
base64_encode() | |
{ | |
declare input=${1:-$(</dev/stdin)} | |
# Use `tr` to URL encode the output from base64. | |
printf '%s' "${input}" | base64 | tr -d '=' | tr '/+' '_-' | tr -d '\n' | |
} | |
json() { | |
declare input=${1:-$(</dev/stdin)} | |
printf '%s' "${input}" | jq -c . | |
} | |
hmacsha256_sign() | |
{ | |
declare input=${1:-$(</dev/stdin)} | |
printf '%s' "${input}" | openssl dgst -binary -sha256 -hmac "${secret}" | |
} | |
header_base64=$(echo "${header}" | json | base64_encode) | |
payload_base64=$(echo "${payload}" | json | base64_encode) | |
header_payload=$(echo "${header_base64}.${payload_base64}") | |
signature=$(echo "${header_payload}" | hmacsha256_sign | base64_encode) | |
echo "${header_payload}.${signature}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment