Created
December 10, 2024 04:40
-
-
Save pragmatist-nz/e82f91271e1f9ea133b32f3d21e5c279 to your computer and use it in GitHub Desktop.
generate gh app jwt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -o pipefail | |
| client_id=$1 # Client ID as first argument | |
| pem=$( cat $2 ) # file path of the private key as second argument | |
| now=$(date +%s) | |
| iat=$((${now} - 60)) # Issues 60 seconds in the past | |
| exp=$((${now} + 600)) # Expires 10 minutes in the future | |
| b64enc() { openssl base64 | tr -d '=' | tr '/+' '_-' | tr -d '\n'; } | |
| header_json='{ | |
| "typ":"JWT", | |
| "alg":"RS256" | |
| }' | |
| # Header encode | |
| header=$( echo -n "${header_json}" | b64enc ) | |
| payload_json="{ | |
| \"iat\":${iat}, | |
| \"exp\":${exp}, | |
| \"iss\":\"${client_id}\" | |
| }" | |
| # Payload encode | |
| payload=$( echo -n "${payload_json}" | b64enc ) | |
| # Signature | |
| header_payload="${header}"."${payload}" | |
| signature=$( | |
| openssl dgst -sha256 -sign <(echo -n "${pem}") \ | |
| <(echo -n "${header_payload}") | b64enc | |
| ) | |
| # Create JWT | |
| JWT="${header_payload}"."${signature}" | |
| printf '%s\n' "$JWT" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment