https://github.com/kyu28/jwt.sh

Encode, decode and verify JWT in POSIX Shell
https://github.com/kyu28/jwt.sh

jwt posix-shell shell

Last synced: 3 months ago
JSON representation

Encode, decode and verify JWT in POSIX Shell

• Host: GitHub
• URL: https://github.com/kyu28/jwt.sh
• Owner: kyu28
• License: mit
• Created: 2024-12-03T04:48:25.000Z (6 months ago)
• Default Branch: main
• Last Pushed: 2025-01-16T10:20:13.000Z (4 months ago)
• Last Synced: 2025-01-16T11:56:48.812Z (4 months ago)
• Topics: jwt, posix-shell, shell
• Language: Shell
• Homepage:
• Size: 3.91 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# jwt.sh

encode, decode and verify JWT

## Supported algorithm

```

none

HS256

HS384

HS512

RS256

RS384

RS512

```

## Dependency

```

openssl

base64

xxd

sed

```

Debian

```sh

# vim for xxd

apt install openssl sed vim

```

Alpine

```sh

# base64, xxd, sed are included in busybox

apk add openssl-misc

```

## Usage

```sh

jwt.sh enc [alg] [payload] [secret]

jwt.sh dec [token] [secret]

jwt.sh dec [token] --pub [pubkey]

alg:    none HS256 HS384 HS512 RS256 RS384 RS512

secret: string when using HS256, HS384, HS512

        private key path when using RS256, RS384, RS512

        this field will be omitted when using none alg

pubkey: public key path when using RS256, RS384, RS512

```

### Encode and sign a JWT using none alg

```sh

jwt.sh enc none '{"hello": "world"}'

```

### Encode and sign a JWT using HS256, HS384, HS512

```sh

jwt.sh enc HS256 '{"hello": "world"}' 'i_am_a_secret_key'

jwt.sh enc HS384 '{"hello": "world"}' 'i_am_a_secret_key'

jwt.sh enc HS512 '{"hello": "world"}' 'i_am_a_secret_key'

```

### Encode and sign a JWT using RS256, RS384, RS512

```sh

jwt.sh enc RS256 '{"hello": "world"}' '/path/to/rsa/private_key.pem'

jwt.sh enc RS384 '{"hello": "world"}' '/path/to/rsa/private_key.pem'

jwt.sh enc RS512 '{"hello": "world"}' '/path/to/rsa/private_key.pem'

```

### Decode and verify a JWT

```sh

# HS256, HS384, HS512

jwt.sh dec 'eyJhbGciOiJIUzI1NiJ9.eyJrIjoidiJ9.oLV5ZIHTfktQGg8nBYBo4XkDu5xwuri10tC7fa7QYmk' 'a_secret'

# RS256, RS384, RS512 with private key

jwt.sh dec [token] '/path/to/rsa/private_key.pem'

# RS256, RS384, RS512 with public key

jwt.sh dec [token] --pub '/path/to/rsa/public_key.pem'

```

### Decode a JWT without verifying

```sh

# alg none is supported

jwt.sh dec eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJoZWxsbyI6IndvcmxkIn0.

jwt.sh dec 'eyJhbGciOiJIUzI1NiJ9.eyJrIjoidiJ9.oLV5ZIHTfktQGg8nBYBo4XkDu5xwuri10tC7fa7QYmk'

```