Friday, 27 October 2017

Hastilude

Working with JSON Web Tokens (JWT) can be a bit awkward, particularly when using the command line to make requests, so I’ve created a little tool to make life easier.

It’s called hastilude and is available on NPM, to install run:

npm install -g hastilude or yarn global add hastilude

It allows for tokens to be generated from a static JSON file as well as to dissemble encrypted ones into a readable form.

Generating tokens

You probably already have a payload you want to send in a file (if not, you need to create one as a JSON string isn’t accepted as an argument), you can then use hastilude to generate a JWT token from it.

test.json

{
  "apples": "oranges",
  "black": "white"
}

from the command line, point at the file containing the the payload and set the secret:

hastilude generate --secret secret --payload test.json

This will output the token contents to command line. If you wanted to use it as a HTTP authorization header, say with HTTPie, you can add the --http flag to get the output:

Authorization:Bearer <generated token>

With HTTPie, that looks like:

http example.org "`hastilude generate -s secret -p test.json --http`"

Dismantling tokens

You can also use hastilude to dismantle a JWT for you:

hastilude dismantle -t <your jwt token>

{
  "apples": "oranges",
  "black": "white",
  "iat": 1518723649,
  "exp": 1518725449
}

All contributions welcome, the Project is on github.