jwtinfo
A command line tool to get information about JWT tokens
Usage
jwtinfo
is a command line interface that allows you to inspect a given JWT token. The tool currently allows to see the body of the token in JSON format. It accepts a single command line argument which should be a valid JWT token.
Here's an example:
Which will print:
If you want to visualize the token header (rather than the body), you can do that by passing the --header
flag:
Which will print:
You can combine the tool with other command line utilities, for instance jq
:
|
Install
You can install the binary in several ways:
Cargo
You can install the binary in your system with cargo
:
At this point jwtinfo
will be available as a binary in your system.
Install script
The following script will download and install precompiled binaries from the latest GitHub release
|
By default it will install the binary in /usr/local/bin
. You can customize this by setting the INSTALL_DIRECTORY
environment variable before running the script (e.g. INSTALL_DIRECTORY=$HOME
will install the binary in $HOME/bin
).
If you want to install a specific release you can set the RELEASE_TAG
environment variable to point to your target versiong before running the script (e.g. RELESE_TAG=v0.1.7
).
Precompiled binaries
Pre-compiled binaries for x64 (Windows, MacOs and Unix) and ARMv7 are available in the Releases page.
Alternatives
If you don't want to install a binary for debugging JWT tokens, a super simple bash
alternative called jwtinfo.sh
is available.
Programmatic usage
Install with cargo:
[]
= "*"
Then use it in your code
use ;
let token_str = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";
let token = parse.unwrap;
assert_eq!;
assert_eq!;
Since jwt:Token
implements str::FromStr
, you can also do the following:
use ;
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"..unwrap;
assert_eq!;
assert_eq!;
Coverage reports
If you want to run coverage reports locally you can follow this recipe.
First of all you will need Rust Nightly that you can get with rustup
You will also need grcov
that you can get with cargo
:
Now you can run the tests in profile mode:
This will run your tests and generate coverage info in ./target/debug/
Now we can run grcov
:
Finally you will have your browsable coverage report at ./target/debug/coverage/index.html
.
Tarpaulin coverage
Since grcov
tends to be somewhat inaccurate at times, you can also get a coverage report by running tarpaulin using docker:
Your coverage report will be available as tarpaulin-report.html
in the root of the project.
Credits
A special thank you goes to the Rust Reddit community for providing a lot of useful suggestions on how to improve this project. A special thanks goes to: mardiros, matthieum, steveklabnik1, ESBDB, Dushistov, Doddzilla7. Another huge thank you goes to the Rust stackoverflow community, especially to Denys Séguret.
Big thanks also go to Tim McNamara for conducting a live code review of this codebase.
Contributing
Everyone is very welcome to contribute to this project. You can contribute just by submitting bugs or suggesting improvements by opening an issue on GitHub.
License
Licensed under MIT License. © Luciano Mammino & Stefano Abalsamo.