/ref-java-jwt

Command line tool for creating and verifying JWT tokens. Created with Java, GraalVM native image, Picocli and JReleaser.

Primary LanguageJavaApache License 2.0Apache-2.0

JWT CLI

Command line tool for creating and verifying JWT tokens. Created with Java, GraalVM native image, Picocli and JReleaser.

Release Code quality checks Quality Gate Status GitHub release (latest by date) GitHub last commit GitHub commit activity GitHub pull requests GitHub issues GitHub contributors GitHub watchers Known Vulnerabilities

Contributors

Made with contrib.rocks.

Key FeaturesGetting startedHow to useConfigurationRelated projectsGitPod EnvironmentLicenseCode Quality

Key Features

This is a JWT CLI tool that is intended to serve as a reference implementation. This reference GitHub repo is built using
  • Java
  • Maven
  • Picocli
  • JReleaser
  • CodeCov for code coverage
  • Codeclimate and SonarCloud for quality checks
  • GitHub Actions and Workflows
  • GitPod environment
  • JUnit tests

Getting started

Once you have built and released the application, you can use the following commands to deploy the application to your Mac, Linux or Windows machine. This is powered by GraalVM native image and distribution using JReleaser and GitHub Actions and Workflow.

# Substitute your username
# Deploy to Mac
brew tap rrajesh1979/tap
brew install jwtc

To upgrade version

brew update
brew upgrade jwtc
==> Upgrading 1 outdated package:
rrajesh1979/tap/jwtc 0.0.3 -> 0.0.4
==> Downloading https://github.com/rrajesh1979/ref-java-jwt/releases/download/v0.0.4/jwtc-0.0.4-osx-x86_64.zip
==> Downloading from https://objects.githubusercontent.com/github-production-release-asset-2e65be/445972514/8ad8375b-3107-490d-a826-3ad6e913632a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4
######################################################################## 100.0%
==> Upgrading rrajesh1979/tap/jwtc
  0.0.3 -> 0.0.4

🍺  /usr/local/Cellar/jwtc/0.0.4: 5 files, 32.4MB, built in 3 seconds
==> Running `brew cleanup jwtc`...
Removing: /usr/local/Cellar/jwtc/0.0.3... (5 files, 32.2MB)
Removing: /Users/rajesh/Library/Caches/Homebrew/jwtc--0.0.3.zip... (10.4MB)

For command auto completion, you can use the following command.

source jwtc_completion
jwtc[TAB][TAB]
#Auto completion displays available sub-commands
jwtc
decode  encode  help

Once installed you can invoke jwtc with the file name and algorithm as shown below.

Invoking the command displays the usage information as shown below. This is powered by Picocli.

jwtc help
Usage: jwtc [-hV] [COMMAND]
Encode and decode JWT tokens.
  -h, --help      Show this help message and exit.
  -V, --version   Print version information and exit.
Commands:
  help    Displays help information about the specified command
  encode  Encode a JWT token
  decode  Decode JWT token
jwtc encode help
Unmatched argument at index 1: 'help'
Usage: jwtc encode [-iat] [-a=<alg>] [-aud=<aud>] [-i=<iss>] [-p=<userInput>]
                   [-s=<sub>] [-t=<ttlMillis>] [-ty=<typ>]
  -a, --algorithm=<alg>   Algorithm to be used. Default is HS256. Supported
                            algorithms are HS256, HS384, HS512, RS256, RS384,
                            RS512, ES256, ES384, ES512
      -aud, --audience=<aud>
                          Recipients the JWT is intended for.
  -i, --issuer=<iss>      Principal that issued the JWT.
      -iat, --issuedAt    Include issued at in JWT.
  -p, --userInput=<userInput>
                          User provided payload in JSON format.
  -s, --subject=<sub>     Subject of the JWT.
  -t, --ttl=<ttlMillis>   Time to Live in Milliseconds.
      -ty, --typ=<typ>    Token Type. Default is JWT.
jwtc decode help
Missing required options: '--jwt=<jwt>', '--key=<key>'
Usage: jwtc decode -j=<jwt> -k=<key>
  -j, --jwt=<jwt>   JWT String to be decoded.
  -k, --key=<key>   Key to be used for decoding.

Some valid commands are shown below.

jwtc encode
16:17:48.928 [main] INFO org.rrajesh1979.tool.JWTCEncode - Starting JWTCEncode
16:17:48.955 [main] INFO org.rrajesh1979.tool.JWTCEncode - JWT: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJycmFqZXNoMTk3OSIsImV4cCI6MjYwNzMxMTE4MTM1MjU5fQ.5aa6651mlTOf8NOGrrugi3pvHoSYhDah67vlTVWw1fA
16:17:48.955 [main] INFO org.rrajesh1979.tool.JWTCEncode - Secret Key: QeQvvdxnvB9XEk0y0nnNh6w4V8BWfJ2uBwrNlnp84w0=
jwtc decode -j="eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJKV1QgRW5jb2RlciIsImF1ZCI6IkhlbGxvIEpXVCIsIm5hbWUiOiJKb2UiLCJpc3MiOiJycmFqZXNoMTk3OSIsInBpY3R1cmUiOiJodHRwczovL2V4YW1wbGUuY29tL2ltYWdlLnBuZyJ9.l1j1JyW3nvWJ90De8taOe1tZ80sHHHDMaibYEPv78LfA3Bw-uGgCECy5MwkE6nY3hP7isup433X5VqS2xP22fw" -k="mOYKXJKdhBYQFWNr9cHHsgGvHseKRR9Rw7E379oeUuzfG18MmlcO3c8i7tBMMufziy6xMoZZAiO7bNKxZl7Rfw=="
16:18:07.913 [main] INFO org.rrajesh1979.tool.JWTCDecode - Starting JWTCDecode
16:18:07.921 [main] INFO org.rrajesh1979.tool.JWTCDecode - Decoded JWT Header: {typ=JWT, alg=HS512}
16:18:07.922 [main] INFO org.rrajesh1979.tool.JWTCDecode - Decoded JWT Payload: {sub=JWT Encoder, aud=Hello JWT, name=Joe, iss=rrajesh1979, picture=https://example.com/image.png}
jwtc encode -a="HS512" -aud="Hello World" -i="rrajesh1979" -iat=true -s="Subject" --ttl=36000
16:21:10.986 [main] INFO org.rrajesh1979.tool.JWTCEncode - Starting JWTCEncode
16:21:11.015 [main] INFO org.rrajesh1979.tool.JWTCEncode - JWT: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJTdWJqZWN0IiwiYXVkIjoiSGVsbG8gV29ybGQiLCJpc3MiOiJycmFqZXNoMTk3OSIsImV4cCI6MjU3MzY5MjE1MDg0ODExLCJpYXQiOjI1NzMzMzIxNTA4MjM1OH0.Kcnk5qBEy0BajIFzRm6RhQxxuYvd7wXodM-OGS2QD6Sw19KHQ8tpU3KVa6Fk-JrlM9YDAiC5SvYMJmmMEeisOw
16:21:11.015 [main] INFO org.rrajesh1979.tool.JWTCEncode - Secret Key: XF+okDOyZc4HgA/cOgwb7Vday3ihlR/8XFtD8Vo/4FTBV2XWVC+quTDEYFNu93QkOCS8bqvMUd6oCuCqHaFHDQ==

How to use

You can fork this repository and build your own reference implementation.

Configuration

Following needs to be done to build the reference implementation.

Maven pom.xml with required

application name, mainClass and other personalization

JReleaser config: jreleaser.yml

CodeCov - CODECOV_TOKEN in repository secrets

CodeClimate - CODECLIMATE_TOKEN in repository secrets

Release Token RELEASE_TOKEN in repository secrets

GitHub Actions and Workflows: release.yml

GitHub Actions and Workflows: code-quality-checks.yml

GitPod Environment

Fork and develop online using this ready to use GitPod environment.

setup automated

Related projects

🧸 kcctl – Your Cuddly CLI for Apache Kafka Connect: https://github.com/kcctl/kcctl. The work done by Gunnar Morling, Andres Almiray and team is a great source of learning for building this repo. Especially the Maven assembly and the GitHub actions workflow.

License

GitHub

Code Quality

codecov

Maintainability