From 6e3d656f84c3d6fe889e2dadbc3f913e64edd207 Mon Sep 17 00:00:00 2001 From: Alexandr Marchenko Date: Thu, 14 Dec 2023 21:18:38 +0200 Subject: [PATCH 1/4] github app: generate jwt with powershell Powershell is quite powerful and adopted alternative to Bash and Python, even GitHub Actions have it out of the box, so here is an example of how we can create an JWT token using it. The beauty of this approach is that there is no external 3rd party dependencies needed. --- ...g-a-json-web-token-jwt-for-a-github-app.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md b/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md index 487eb7fa4832..21c032eef1ee 100644 --- a/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md +++ b/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md @@ -175,3 +175,30 @@ signature=$( JWT="${header_payload}"."${signature}" printf '%s\n' "JWT: $JWT" ``` + +### Example: Using PowerShell to generate a JWT + +```pwsh copy +#!/usr/bin/env pwsh + +$app_id = 123456 +$private_key_path = "my-awesome-app.2023-12-14.private-key.pem" + +$header = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((ConvertTo-Json -InputObject @{ + alg = "RS256" + typ = "JWT" +}))).TrimEnd('=').Replace('+', '-').Replace('/', '_'); + +$payload = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((ConvertTo-Json -InputObject @{ + iat = [System.DateTimeOffset]::UtcNow.AddSeconds(-10).ToUnixTimeSeconds() + exp = [System.DateTimeOffset]::UtcNow.AddMinutes(10).ToUnixTimeSeconds() + iss = $app_id +}))).TrimEnd('=').Replace('+', '-').Replace('/', '_'); + +$rsa = [System.Security.Cryptography.RSA]::Create() +$rsa.ImportFromPem((Get-Content $private_key_path -Raw)) + +$signature = [Convert]::ToBase64String($rsa.SignData([System.Text.Encoding]::UTF8.GetBytes("$header.$payload"), [System.Security.Cryptography.HashAlgorithmName]::SHA256, [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)).TrimEnd('=').Replace('+', '-').Replace('/', '_') +$jwt = "$header.$payload.$signature" +Write-Host $jwt +``` From 719f62670dba55b953e4faa048b9d41883355b4d Mon Sep 17 00:00:00 2001 From: Alexandr Marchenko Date: Thu, 14 Dec 2023 22:23:05 +0200 Subject: [PATCH 2/4] Update generating-a-json-web-token-jwt-for-a-github-app.md --- .../generating-a-json-web-token-jwt-for-a-github-app.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md b/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md index 21c032eef1ee..4840251fbd48 100644 --- a/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md +++ b/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md @@ -178,7 +178,7 @@ printf '%s\n' "JWT: $JWT" ### Example: Using PowerShell to generate a JWT -```pwsh copy +```ps1 copy #!/usr/bin/env pwsh $app_id = 123456 From 37d9a0f91177ef143080e2d52aa05302ea8cdea9 Mon Sep 17 00:00:00 2001 From: Sarah Edwards Date: Tue, 19 Dec 2023 09:45:24 -0800 Subject: [PATCH 3/4] Apply suggestions from code review --- .../generating-a-json-web-token-jwt-for-a-github-app.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md b/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md index 4840251fbd48..2f4c990cf638 100644 --- a/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md +++ b/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md @@ -178,11 +178,13 @@ printf '%s\n' "JWT: $JWT" ### Example: Using PowerShell to generate a JWT +In the following example, replace `YOUR_PATH_TO_PEM` with the file path where your private key is stored. Replace `YOUR_APP_ID` with the ID of your app. Make sure to enclose the values for `YOUR_PATH_TO_PEM` in double quotes. + ```ps1 copy #!/usr/bin/env pwsh -$app_id = 123456 -$private_key_path = "my-awesome-app.2023-12-14.private-key.pem" +$app_id = YOUR_APP_ID +$private_key_path = "YOUR_PATH_TO_PEM" $header = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((ConvertTo-Json -InputObject @{ alg = "RS256" From fa219c328f5a36f7324363bc74e7a030a721ecbb Mon Sep 17 00:00:00 2001 From: Sarah Edwards Date: Tue, 19 Dec 2023 10:25:45 -0800 Subject: [PATCH 4/4] language tag --- .../generating-a-json-web-token-jwt-for-a-github-app.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md b/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md index 2f4c990cf638..7d98b195bfde 100644 --- a/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md +++ b/content/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app.md @@ -180,7 +180,7 @@ printf '%s\n' "JWT: $JWT" In the following example, replace `YOUR_PATH_TO_PEM` with the file path where your private key is stored. Replace `YOUR_APP_ID` with the ID of your app. Make sure to enclose the values for `YOUR_PATH_TO_PEM` in double quotes. -```ps1 copy +```powershell copy #!/usr/bin/env pwsh $app_id = YOUR_APP_ID