tools/jwt_producer.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

import getopt
import sys

import jwt


def usage():
    progname = sys.argv[0]

    print(f'{progname} -p <path to private key> ' +
          '-d <domain, for example sunet.se> ',
          '-t <type, can be access or scanner>')
    sys.exit(0)


def create_token(private_key, token_type, domain):
    payload = {
        'type': 'access',
        'domains': [domain],  # We'll just do one domain now
        'user': token_type
    }

    with open(private_key, "r") as fd:
        key = fd.read()

    return jwt.encode(payload=payload, algorithm='ES256', key=key)


if __name__ == '__main__':
    try:
        opts, args = getopt.getopt(sys.argv[1:], 'p:d:t:')
    except getopt.GetoptError:
        usage()

    if len(sys.argv) != 7:
        usage()

    for opt, arg in opts:
        if opt == '-p':
            private_key = arg
        elif opt == '-d':
            domain = arg
        elif opt == '-t':
            token_type = arg

            if token_type != "access" and token_type != "scanner":
                usage()
        else:
            usage()

    token = create_token(private_key, token_type, domain).decode('utf-8')

    print(f'{token}')