{"id":14062697,"url":"https://github.com/DigitalAXPP/jwtPS","last_synced_at":"2025-07-29T14:31:15.821Z","repository":{"id":51317464,"uuid":"319140719","full_name":"DigitalAXPP/jwtPS","owner":"DigitalAXPP","description":"This module generates JSON Web Tokens in PowerShell.","archived":false,"fork":false,"pushed_at":"2023-12-11T21:00:26.000Z","size":1294,"stargazers_count":17,"open_issues_count":1,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-08-13T07:03:04.583Z","etag":null,"topics":["fsharp","jwt","powershell"],"latest_commit_sha":null,"homepage":"","language":"F#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DigitalAXPP.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-12-06T22:02:03.000Z","updated_at":"2024-08-13T07:03:11.857Z","dependencies_parsed_at":"2024-08-13T07:13:15.530Z","dependency_job_id":null,"html_url":"https://github.com/DigitalAXPP/jwtPS","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DigitalAXPP%2FjwtPS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DigitalAXPP%2FjwtPS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DigitalAXPP%2FjwtPS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DigitalAXPP%2FjwtPS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DigitalAXPP","download_url":"https://codeload.github.com/DigitalAXPP/jwtPS/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228022736,"owners_count":17857593,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fsharp","jwt","powershell"],"created_at":"2024-08-13T07:01:52.221Z","updated_at":"2024-12-04T00:30:41.342Z","avatar_url":"https://github.com/DigitalAXPP.png","language":"F#","funding_links":[],"categories":["F# #"],"sub_categories":[],"readme":"# jwtPS\nThe primary objective of this module is to generate a JSON Web Token. You can find more information about JWT on the [official website](https://jwt.io).\n\n## Prerequisite\nThe new module version doesn't use OpenSSL anymore for the creation or validation of the JWT, instead it uses the internal library *System.Security.Cryptography*. \n[OpenSSL](https://www.openssl.org) can still be used to generate the private/public key pair to create RSA or ECDsa tokens. To install OpenSSL for PowerShell you can follow this [link](https://adamtheautomator.com/install-openssl-powershell/). Alternatively, OpenSSL is included in Git. If you have Git installed, you can open 'Git Bash' and run `openssl` there.\nTo test whether OpenSSL is installed and available in your PowerShell terminal, please enter:\n```PowerShell\nPS \u003e openssl version\nOpenSSL 1.1.1  11 Sep 2018\n```\nThe command should return the current version of OpenSSL.\n\n## Introduction\nYou can easily install jwtPS from the PSGallery and import the module.\n```PowerShell\nInstall-Module -Name jwtPS\nImport-Module -Name jwtPS\n```\nOnce installed and imported, you have two commands at your disposal. With `New-JWT` you create a new JSON Web Token and `ConvertFrom-JWT` is a function which returns the human-readable content of the provided JWT. It returns the content of the header as well as the payload.\n\n## Create a JWT\nTo create a JWT you need three things: \n1. You need to have the path of your private key\n2. You need to provide the payload as a hashtable\n3. You need to select the algorithm. \nThe algorithm in the new version is a bit cumbersome to set up. The algorithm consists out of two discriminating unions. `encryption` sets the encryption level of the algorithm and `algorithm` sets up the algorithm. Finally, both types make up `cryptographyType`. The classes written in F# look like that:\n```fsharp\ntype encryption = SHA256 | SHA384 | SHA512\ntype algorithm =\n    | HMAC of encryption\n    | RSA of encryption\n    | ECDsa of encryption\n    | PSS of encryption\ntype cryptographyType = \n{\n    Algorithm: algorithm\n    Encryption: encryption\n}\n```\nTo create this class in PowerShell you need to cast them like this:\n```PowerShell\n$encryption = [jwtTypes+encryption]::SHA256\n$algorithm = [jwtTypes+algorithm]::HMAC\n$alg = [jwtTypes+cryptographyType]::new($algorithm, $encryption)\n```\nFinally, you can see below the code to create a JWT using RSA encryption with SHA384.\n```PowerShell\n$key = \"C:\\Users\\Path\\To\\Private\\Key.pem\"\n# The content must be joined otherwise you would have a string array.\n$keyContent = (Get-Content -Path $key) -join \"\"\n$payload = @{\n    aud = \"jwtPS\"        \n    iss = \"DigitalAXPP-$(Get-Random -Maximum 10000)\"        \n    sub = \"RS384 Test\"        \n    nbf = \"0\"        \n    exp = ([System.DateTimeOffset]::Now.AddHours(3)).ToUnixTimeSeconds()\n    iat = ([System.DateTimeOffset]::Now).ToUnixTimeSeconds()\n    jti = [guid]::NewGuid()\n}\n$encryption = [jwtTypes+encryption]::SHA384\n$algorithm = [jwtTypes+algorithm]::RSA\n$alg = [jwtTypes+cryptographyType]::new($algorithm, $encryption)\n$jwt = New-JWT -Payload $payload -Algorithm $alg -FilePath $key\n$jwt = New-JWT -Payload $payload -Algorithm $alg -Secret $keyContent\n```\n**Attention**, `New-Jwt` accepts the secret now either in **PEM** or **PKCS#8** format.\n\n\u003e [!IMPORTANT]  \n\u003e You can use now the `Header` property to provide a hashtable with custom keys for your JWT header.\n\u003e The hashtable you provide is accepted **as-is**. The function searches for `alg` and `typ`.\n\u003e If the keys are included in your hashtable, the values will not be overriden. If they are missing,\n\u003e `alg` will be added with the value from your `alg.Id` and `typ` gets added with `JWT`. \u003cbr\u003e\n\u003e Nevertheless, _the content will be encrypted with the algorithm you set in `-Algorithm`_!","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FDigitalAXPP%2FjwtPS","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FDigitalAXPP%2FjwtPS","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FDigitalAXPP%2FjwtPS/lists"}