diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 14 |
1 files changed, 7 insertions, 7 deletions
@@ -81,7 +81,13 @@ We can also limit the number of results and skip N results forward with the para curl -s -H "Authorization: Bearer $JWT" 'http://localhost:80/sc/v0/get?limit=5&skip=2' | json_pp -json_opt utf8,pretty -There is also a convenience script `do-as` which simplifies performing actions as a particular user. +## Tips and tricks + +There is a convenience script `do-as` which simplifies performing actions as a particular user. + +You can decode a JWT using jq by piping to `jq -r '.access_token | split(".") | .[0],.[1] | @base64d' | jq`. Full example: + + curl http://localhost:8000/api/v1.0/auth -X POST -p -u user1:pwd | jq -r '.access_token | split(".") | .[0],.[1] | @base64d' | jq ## Development @@ -91,9 +97,3 @@ There are two docker-compose files used for development: - `auth-server-poc/docker-compose.yml` for the JWT server. To apply changes, `source env-vars.sh` and do e.g. `docker-compose -f docker/docker-compose-dev.yaml up -d --build collector`. - -## JWT mechanics (work in progress) - -2021-11-24: Currently no checks except that the JWT is valid are performed when -adding observations. When retrieving observations, the JWTs "domains" claim is -used. In auth-server-poc, domains is hard-coded to `["sunet.se"]` as an example. |