tools/jwt_producer.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

import getopt
import sys

import jwt


def usage():
    progname = sys.argv[0]

    print(f'Usage: {progname} [-p <path>] [-w <value>] [-r <value>]\n' +
          '  -p <path to private key>\n' +
          '  -w <write, comma separated list of domains>\n' +
          '  -r <read, comma separated list of domains>')
    sys.exit(0)


def create_token(private_key, write_domain, read_domain):
    payload = {
        'type': 'access',
        'write': [write_domain],
        'read': [read_domain]
    }

    with open(private_key, "r") as fd:
        key = fd.read()

    return jwt.encode(payload=payload, algorithm='ES256', key=key)


if __name__ == '__main__':
    read_domain = ''
    write_domain = ''

    try:
        opts, args = getopt.getopt(sys.argv[1:], 'p:w:r:h')
    except getopt.GetoptError:
        usage()

    if len(sys.argv) != 5:
        usage()

    for opt, arg in opts:
        if opt == '-p':
            private_key = arg
        elif opt == '-w':
            write_domain = arg
        elif opt == '-r':
            read_domain = arg
        elif opt == '-h':
            usage()
        else:
            usage()

    token = create_token(private_key, write_domain,
                         read_domain).decode('utf-8')

    print(f'{token}')