-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtest-jwt.js
More file actions
74 lines (63 loc) · 2.3 KB
/
Copy pathtest-jwt.js
File metadata and controls
74 lines (63 loc) · 2.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
// Quick JWT test - run with: bun test-jwt.js
const crypto = require('crypto');
const https = require('https');
const fs = require('fs');
// Load .env manually
const env = fs.readFileSync('.env', 'utf8');
const lines = env.split('\n');
const envMap = {};
for (const line of lines) {
const [key, ...rest] = line.split('=');
if (key && rest.length) envMap[key.trim()] = rest.join('=').trim();
}
const APP_ID = envMap['GITHUB_APP_ID'];
let PRIVATE_KEY = envMap['GITHUB_PRIVATE_KEY'];
// Normalize key
if (PRIVATE_KEY) {
PRIVATE_KEY = PRIVATE_KEY.trim();
if (PRIVATE_KEY.startsWith('"') && PRIVATE_KEY.endsWith('"')) {
PRIVATE_KEY = PRIVATE_KEY.slice(1, -1).trim();
}
PRIVATE_KEY = PRIVATE_KEY.replace(/\\n/g, '\n').replace(/\r\n/g, '\n');
}
console.log(`App ID: ${APP_ID}`);
console.log(`Key starts with: ${PRIVATE_KEY?.substring(0, 40)}...`);
console.log(`Key ends with: ...${PRIVATE_KEY?.substring(PRIVATE_KEY.length - 40)}`);
console.log(`Key length: ${PRIVATE_KEY?.length} characters`);
function base64Url(str) {
return Buffer.from(str).toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
}
const now = Math.floor(Date.now() / 1000);
const header = { alg: 'RS256', typ: 'JWT' };
const payload = {
iat: now - 60,
exp: now + 300,
iss: parseInt(APP_ID, 10)
};
const tokenHeader = base64Url(JSON.stringify(header));
const tokenPayload = base64Url(JSON.stringify(payload));
const unsignedToken = `${tokenHeader}.${tokenPayload}`;
const signature = crypto.sign("RSA-SHA256", Buffer.from(unsignedToken), PRIVATE_KEY);
const encodedSignature = signature.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
const jwt = `${unsignedToken}.${encodedSignature}`;
console.log(`\nJWT generated (first 80 chars): ${jwt.substring(0, 80)}...`);
console.log('\nTesting against GitHub API...');
const req = https.request({
hostname: 'api.github.com',
path: '/app',
method: 'GET',
headers: {
'Authorization': `Bearer ${jwt}`,
'Accept': 'application/vnd.github.v3+json',
'User-Agent': 'ZeroCMS-Test'
}
}, (res) => {
let body = '';
res.on('data', d => body += d);
res.on('end', () => {
console.log(`GitHub Response: ${res.statusCode}`);
console.log(`Body: ${body}`);
});
});
req.on('error', e => console.error('Request error:', e.message));
req.end();