85 lines
2.7 KiB
Bash
Executable File
85 lines
2.7 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# Generate a JWT token for testing Lendair API calls.
|
|
# Usage: ./scripts/create_test_token <user-id> [secret-env-var]
|
|
#
|
|
# Reads the JWT secret from the environment (default: CLERK_SECRET_KEY).
|
|
# Falls back to .env file in the project root.
|
|
#
|
|
# Example:
|
|
# CLERK_SECRET_KEY=sk_test_xxx ./scripts/create_test_token user_123
|
|
# ./scripts/create_test_token user_123 CLERK_SECRET_KEY
|
|
|
|
set -euo pipefail
|
|
|
|
if [ $# -lt 1 ]; then
|
|
echo "Usage: $(basename "$0") <user-id> [secret-env-var]" >&2
|
|
echo "" >&2
|
|
echo "Generates a JWT token with the given user-id as subject." >&2
|
|
echo "The secret is read from the environment variable (default: CLERK_SECRET_KEY)" >&2
|
|
echo "or from a .env file in the project root." >&2
|
|
exit 1
|
|
fi
|
|
|
|
USER_ID="$1"
|
|
SECRET_VAR="${2:-CLERK_SECRET_KEY}"
|
|
SECRET="${!SECRET_VAR:-}"
|
|
|
|
# Fallback: try loading from .env in project root
|
|
if [ -z "$SECRET" ]; then
|
|
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
|
|
PROJECT_DIR="$(dirname "$SCRIPT_DIR")"
|
|
ENV_FILE="$PROJECT_DIR/../.env"
|
|
if [ -f "$ENV_FILE" ]; then
|
|
set -a
|
|
source "$ENV_FILE" 2>/dev/null || true
|
|
set +a
|
|
SECRET="${!SECRET_VAR:-}"
|
|
fi
|
|
fi
|
|
|
|
if [ -z "$SECRET" ]; then
|
|
echo "Error: $SECRET_VAR is not set and no .env file found" >&2
|
|
echo "" >&2
|
|
echo "Set it inline:" >&2
|
|
echo " $SECRET_VAR=sk_test_xxx $(basename "$0") $USER_ID" >&2
|
|
echo "Or add to .env in the repo root:" >&2
|
|
echo " $SECRET_VAR=sk_test_xxx" >&2
|
|
exit 1
|
|
fi
|
|
|
|
generate_jwt_via_node() {
|
|
node --input-type=module - "$1" "$2" <<'JWTSCRIPT' 2>/dev/null
|
|
import { createHmac } from 'node:crypto';
|
|
|
|
const userId = process.argv[1];
|
|
const secret = process.argv[2];
|
|
const header = Buffer.from(JSON.stringify({ alg: 'HS256', typ: 'JWT' })).toString('base64url');
|
|
const now = Math.floor(Date.now() / 1000);
|
|
const payload = Buffer.from(JSON.stringify({
|
|
sub: userId,
|
|
iat: now,
|
|
exp: now + 2592000
|
|
})).toString('base64url');
|
|
const sig = createHmac('sha256', secret).update(header + '.' + payload).digest('base64url');
|
|
console.log(header + '.' + payload + '.' + sig);
|
|
JWTSCRIPT
|
|
}
|
|
|
|
generate_jwt_via_openssl() {
|
|
local now header payload sig
|
|
now=$(date +%s)
|
|
header=$(echo -n '{"alg":"HS256","typ":"JWT"}' | base64 | tr '+/' '-_' | tr -d '=')
|
|
payload=$(echo -n "{\"sub\":\"$USER_ID\",\"iat\":$now,\"exp\":$((now + 2592000))}" | base64 | tr '+/' '-_' | tr -d '=')
|
|
sig=$(echo -n "$header.$payload" | openssl dgst -sha256 -hmac "$SECRET" -binary | base64 | tr '+/' '-_' | tr -d '=')
|
|
echo "$header.$payload.$sig"
|
|
}
|
|
|
|
if command -v node &>/dev/null; then
|
|
generate_jwt_via_node "$USER_ID" "$SECRET"
|
|
elif command -v openssl &>/dev/null; then
|
|
generate_jwt_via_openssl
|
|
else
|
|
echo "Error: need either node or openssl to generate JWT" >&2
|
|
exit 1
|
|
fi
|