main.go (1283B)
1 package main 2 3 import ( 4 "crypto/hmac" 5 "crypto/sha256" 6 "encoding/base64" 7 "strings" 8 9 //"encoding/json" 10 "fmt" 11 "os" 12 ) 13 14 var secretKey []byte 15 var encodedJWTHeader string = base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`)) 16 17 func ComputeHmac256(message string) string { 18 h := hmac.New(sha256.New, secretKey) 19 h.Write([]byte(message)) 20 return base64.RawURLEncoding.EncodeToString(h.Sum(nil)) 21 } 22 23 func ComputeJWT(payload string) string { 24 data := encodedJWTHeader + "." + base64.RawURLEncoding.EncodeToString([]byte(payload)) 25 return fmt.Sprintf("%v.%v", data, ComputeHmac256(data)) 26 } 27 28 func JWTValid(jwt string) bool { 29 parts := strings.Split(jwt, ".") 30 if len(parts) != 3 { 31 return false 32 } 33 return parts[2] == ComputeHmac256(parts[0]+"."+parts[1]) 34 } 35 36 const useMessage = `Commands: 37 verify <jwt> : Verify JWT 38 gen <payload> : Generate JWP from arbitrary payload 39 ` 40 41 func main() { 42 key := os.Getenv("JWTEX_KEY") 43 if key == "" { 44 fmt.Println("Please define env var JWTEX_KEY") 45 os.Exit(1) 46 } 47 secretKey = []byte(key) 48 if len(os.Args) < 3 { 49 fmt.Println(useMessage) 50 os.Exit(0) 51 } 52 if os.Args[1] == "gen" { 53 fmt.Println(ComputeJWT(os.Args[2])) 54 } else { 55 if JWTValid(os.Args[2]) { 56 fmt.Println("JWT valid") 57 } else { 58 fmt.Println("JWT invalid!") 59 } 60 } 61 }