42 lines
640 B
Bash
42 lines
640 B
Bash
#!/bin/bash
|
|
|
|
b64() { openssl base64 -e -A | tr '+/' '-_' | tr -d '='; }
|
|
|
|
usage() {
|
|
echo "Usage: $0 generate private-key-file [ttl-seconds]" >&2
|
|
exit 1
|
|
}
|
|
|
|
cmd="$1"
|
|
key_file="$2"
|
|
ttl="$3"
|
|
|
|
if [ "$cmd" != "generate" ]; then
|
|
usage
|
|
fi
|
|
|
|
if [ -z "$key_file" ]; then
|
|
usage
|
|
fi
|
|
|
|
if [ -z "$ttl" ]; then
|
|
ttl=3600
|
|
fi
|
|
|
|
case "$ttl" in
|
|
''|*[!0-9]*)
|
|
echo "invalid ttl-seconds: $ttl" >&2
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
now=$(date +%s)
|
|
exp=$((now + ttl))
|
|
|
|
H=$(printf '{"alg":"RS256","typ":"JWT"}' | b64)
|
|
P=$(printf '{"sub":"123","iat":%s,"exp":%s}' "$now" "$exp" | b64)
|
|
D="$H.$P"
|
|
S=$(printf '%s' "$D" | openssl dgst -sha256 -sign "$key_file" | b64)
|
|
|
|
echo "$H.$P.$S"
|