Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update createToken.py #1

Merged
merged 1 commit into from
Mar 4, 2024
Merged

Update createToken.py #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/check_license.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
steps:

- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
# required to grab the history of the PR
fetch-depth: 0
Expand Down
8 changes: 5 additions & 3 deletions .github/workflows/pre-commit.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,13 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
# required to grab the history of the PR
fetch-depth: 0
- uses: actions/setup-python@v3
- uses: pre-commit/[email protected]
- uses: actions/setup-python@v5
with:
python-version: '3.10'
- uses: pre-commit/[email protected]
with:
extra_args: --color=always --from-ref ${{ github.event.pull_request.base.sha }} --to-ref ${{ github.event.pull_request.head.sha }}
6 changes: 1 addition & 5 deletions jwt/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,26 +5,22 @@ For more information on token format see [documentation](./authorization.md).

## Available tokens


* `actuate-provide-all.token` - gives access to set target value and actual value for all signals
* `provide-all.token` - gives access to set actual value for all signals, but not target value
* `read-all.token` - gives access to read actual and current value for all signals
* `provide-vehicle-speed.token` - gives access to write and read actual value for Vehicle.Speed. Does not give access to other signals
* `read-vehicle-speed.token` - gives access to read actual value for Vehicle.Speed. Does not give access to other signals


## Create new tokens

Two helper scripts exist for generating keys and tokens

* [recreateJWTkeyPair.sh](recreateJWTkeyPair.sh) to regenerate the JWT keys used for signing
* [createToken.py](createToken.py) to create signed tokens, requires `*.json` files as parameters

Note that token generation must take place from the directory containing `createToken.py`

An example is shown below:

```
pip install -r requirements.txt
python -m createToken actuate-provide-all.json
python -m createToken actuate-provide-all.json
```
33 changes: 24 additions & 9 deletions jwt/createToken.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,21 +17,28 @@
########################################################################

import argparse
import sys
from os import path

import json
import jwt

from os import path

def error_exit(msg):
print(msg, file=sys.stderr)
sys.exit(1)


def createJWTToken(input_filename, priv_key):
def createJWTToken(input_filename, priv_key, output_filename=None):
print("Reading JWT payload from {}".format(input_filename))
with open(input_filename, "r") as file:
payload = json.load(file)

encoded = jwt.encode(payload, priv_key, algorithm="RS256")

output_filename = input_filename[:-5] if input_filename.endswith(".json") else input_filename
output_filename += ".token"
if output_filename is None:
output_filename = input_filename[:-5] if input_filename.endswith(".json") else input_filename
output_filename += ".token"

print("Writing signed access token to {}".format(output_filename))
with open(output_filename, "w") as output:
Expand All @@ -41,17 +48,25 @@ def createJWTToken(input_filename, priv_key):
def main():
parser = argparse.ArgumentParser()
parser.add_argument("files", help="Read JWT payload from these files", nargs="+")
script_dir = path.abspath(path.dirname(__file__))
default_key_filename = path.join(script_dir, "jwt.key")

parser.add_argument("--key", help="Private key location", dest="priv_key_filename", default=default_key_filename)
parser.add_argument("--output", help="Name of the output file to store token to", dest="output")
args = parser.parse_args()

script_dir = path.abspath(path.dirname(__file__))
priv_key_filename = path.join(script_dir, "jwt.key")
if args.output is not None and len(args.files) > 1:
error_exit("""
Both --output option and multiple files have been specified.
Output filename can be specified for single input file only!
""")

print("Reading private key from {}".format("jwt.key"))
with open(priv_key_filename, "r") as file:
with open(args.priv_key_filename, "r") as file:
priv_key = file.read()

for input in args.files:
createJWTToken(input, priv_key)
for input_file in args.files:
createJWTToken(input_file, priv_key, args.output)


if __name__ == "__main__":
Expand Down