Skip to content

Commit

Permalink
Update createToken.py
Browse files Browse the repository at this point in the history
  • Loading branch information
erikbosch authored and SebastianSchildt committed Mar 4, 2024
1 parent 495d627 commit 0bf0c75
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 18 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/check_license.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
steps:

- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
# required to grab the history of the PR
fetch-depth: 0
Expand Down
8 changes: 5 additions & 3 deletions .github/workflows/pre-commit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,13 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
# required to grab the history of the PR
fetch-depth: 0
- uses: actions/setup-python@v3
- uses: pre-commit/[email protected]
- uses: actions/setup-python@v5
with:
python-version: '3.10'
- uses: pre-commit/[email protected]
with:
extra_args: --color=always --from-ref ${{ github.event.pull_request.base.sha }} --to-ref ${{ github.event.pull_request.head.sha }}
6 changes: 1 addition & 5 deletions jwt/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,26 +5,22 @@ For more information on token format see [documentation](./authorization.md).

## Available tokens


* `actuate-provide-all.token` - gives access to set target value and actual value for all signals
* `provide-all.token` - gives access to set actual value for all signals, but not target value
* `read-all.token` - gives access to read actual and current value for all signals
* `provide-vehicle-speed.token` - gives access to write and read actual value for Vehicle.Speed. Does not give access to other signals
* `read-vehicle-speed.token` - gives access to read actual value for Vehicle.Speed. Does not give access to other signals


## Create new tokens

Two helper scripts exist for generating keys and tokens

* [recreateJWTkeyPair.sh](recreateJWTkeyPair.sh) to regenerate the JWT keys used for signing
* [createToken.py](createToken.py) to create signed tokens, requires `*.json` files as parameters

Note that token generation must take place from the directory containing `createToken.py`

An example is shown below:

```
pip install -r requirements.txt
python -m createToken actuate-provide-all.json
python -m createToken actuate-provide-all.json
```
33 changes: 24 additions & 9 deletions jwt/createToken.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,21 +17,28 @@
########################################################################

import argparse
import sys
from os import path

import json
import jwt

from os import path

def error_exit(msg):
print(msg, file=sys.stderr)
sys.exit(1)


def createJWTToken(input_filename, priv_key):
def createJWTToken(input_filename, priv_key, output_filename=None):
print("Reading JWT payload from {}".format(input_filename))
with open(input_filename, "r") as file:
payload = json.load(file)

encoded = jwt.encode(payload, priv_key, algorithm="RS256")

output_filename = input_filename[:-5] if input_filename.endswith(".json") else input_filename
output_filename += ".token"
if output_filename is None:
output_filename = input_filename[:-5] if input_filename.endswith(".json") else input_filename
output_filename += ".token"

print("Writing signed access token to {}".format(output_filename))
with open(output_filename, "w") as output:
Expand All @@ -41,17 +48,25 @@ def createJWTToken(input_filename, priv_key):
def main():
parser = argparse.ArgumentParser()
parser.add_argument("files", help="Read JWT payload from these files", nargs="+")
script_dir = path.abspath(path.dirname(__file__))
default_key_filename = path.join(script_dir, "jwt.key")

parser.add_argument("--key", help="Private key location", dest="priv_key_filename", default=default_key_filename)
parser.add_argument("--output", help="Name of the output file to store token to", dest="output")
args = parser.parse_args()

script_dir = path.abspath(path.dirname(__file__))
priv_key_filename = path.join(script_dir, "jwt.key")
if args.output is not None and len(args.files) > 1:
error_exit("""
Both --output option and multiple files have been specified.
Output filename can be specified for single input file only!
""")

print("Reading private key from {}".format("jwt.key"))
with open(priv_key_filename, "r") as file:
with open(args.priv_key_filename, "r") as file:
priv_key = file.read()

for input in args.files:
createJWTToken(input, priv_key)
for input_file in args.files:
createJWTToken(input_file, priv_key, args.output)


if __name__ == "__main__":
Expand Down

0 comments on commit 0bf0c75

Please sign in to comment.