-
-
Save adrianriobo/967fdb9f6c7e04a9353a761dd4673ed9 to your computer and use it in GitHub Desktop.
Script to generate JWT for use with Github apps
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Generate JWT for Github App | |
| # | |
| # Inspired by implementation by Will Haley at: | |
| # http://willhaley.com/blog/generate-jwt-with-bash/ | |
| # From: | |
| # https://stackoverflow.com/questions/46657001/how-do-you-create-an-rs256-jwt-assertion-with-bash-shell-scripting | |
| thisdir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" | |
| set -o pipefail | |
| # Change these variables: | |
| app_id=1337 | |
| app_private_key="$(< $thisdir/app.key)" | |
| # Shared content to use as template | |
| header='{ | |
| "alg": "RS256", | |
| "typ": "JWT" | |
| }' | |
| payload_template='{}' | |
| build_payload() { | |
| jq -c \ | |
| --arg iat_str "$(date +%s)" \ | |
| --arg app_id "${app_id}" \ | |
| ' | |
| ($iat_str | tonumber) as $iat | |
| | .iat = $iat | |
| | .exp = ($iat + 300) | |
| | .iss = ($app_id | tonumber) | |
| ' <<< "${payload_template}" | tr -d '\n' | |
| } | |
| b64enc() { openssl enc -base64 -A | tr '+/' '-_' | tr -d '='; } | |
| json() { jq -c . | LC_CTYPE=C tr -d '\n'; } | |
| rs256_sign() { openssl dgst -binary -sha256 -sign <(printf '%s\n' "$1"); } | |
| sign() { | |
| local algo payload sig | |
| algo=${1:-RS256}; algo=${algo^^} | |
| payload=$(build_payload) || return | |
| signed_content="$(json <<<"$header" | b64enc).$(json <<<"$payload" | b64enc)" | |
| sig=$(printf %s "$signed_content" | rs256_sign "$app_private_key" | b64enc) | |
| printf '%s.%s\n' "${signed_content}" "${sig}" | |
| } | |
| sign |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment