diff options
| author | Kristofer Hallin <kristofer@sunet.se> | 2022-01-18 13:22:25 +0100 |
|---|---|---|
| committer | Kristofer Hallin <kristofer@sunet.se> | 2022-01-18 13:22:25 +0100 |
| commit | 5ee4799c88c48097e09b48b6afceb43571f07aaf (patch) | |
| tree | def8a83e7202d287890761bb2047ab78b85a9882 /tools | |
| parent | bb5029d512a58021718061aca439383c8b11e575 (diff) | |
| parent | 88b1a1aa213cc70443254a05f2a8968fb7c43a48 (diff) | |
Resolved conflict.
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/jwt_producer.py | 64 |
1 files changed, 45 insertions, 19 deletions
diff --git a/tools/jwt_producer.py b/tools/jwt_producer.py index ea033a6..a024c13 100644 --- a/tools/jwt_producer.py +++ b/tools/jwt_producer.py @@ -7,17 +7,30 @@ import jwt def usage(): progname = sys.argv[0] - print(f'{progname} -p <path to private key> ' + - '-d <domain, for example sunet.se> ', - '-t <type, can be access or scanner>') + print(f'Usage: {progname} [-p <path>] [-w <value>] [-r <value>]\n' + + ' -p <path to private key>\n' + + ' -w <write, comma separated list of domains>\n' + + ' -r <read, comma separated list of domains>\n' + + ' -e <print export statement') sys.exit(0) -def create_token(private_key, token_type, domain): +def create_token(private_key, write_domains, read_domains): + write_claim = list() + read_claim = list() + + if write_domains: + write_claim = write_domains.split(',') + + if read_domains: + read_claim = read_domains.split(',') + payload = { + 'sub': 'test', + 'fresh': False, 'type': 'access', - 'domains': [domain], # We'll just do one domain now - 'user': token_type + 'write': write_claim, + 'read': read_claim } with open(private_key, "r") as fd: @@ -27,27 +40,40 @@ def create_token(private_key, token_type, domain): if __name__ == '__main__': + read_domains = None + write_domains = None + private_key = None + export = False + try: - opts, args = getopt.getopt(sys.argv[1:], 'p:d:t:') + opts, args = getopt.getopt(sys.argv[1:], 'p:w:r:eh') except getopt.GetoptError: usage() - if len(sys.argv) != 7: - usage() - for opt, arg in opts: if opt == '-p': private_key = arg - elif opt == '-d': - domain = arg - elif opt == '-t': - token_type = arg - - if token_type != "access" and token_type != "scanner": - usage() + elif opt == '-w': + write_domains = arg + elif opt == '-r': + read_domains = arg + elif opt == '-e': + export = True + elif opt == '-h': + usage() else: usage() - token = create_token(private_key, token_type, domain).decode('utf-8') + if not private_key: + usage() + + if not write_domains and not read_domains: + usage() + + token = create_token(private_key, write_domains, + read_domains) - print(f'{token}') + if export: + print(f'export JWT_TOKEN={token}') + else: + print(f'{token}') |