Skip to main content

systemprompt_cli/commands/admin/keys/
mod.rs

1//! `admin keys` command tree: RSA signing-key management for the JWT plane.
2//!
3//! [`KeysCommands`] generates fresh RS256 keypairs and mints long-lived
4//! `aud=plugin` tokens used for hook and governance authentication.
5//!
6//! Copyright (c) systemprompt.io — Business Source License 1.1.
7//! See <https://systemprompt.io> for licensing details.
8
9mod generate;
10mod issue_plugin_token;
11
12use anyhow::Result;
13use clap::Subcommand;
14
15use crate::context::CommandContext;
16use crate::shared::render_result;
17
18#[derive(Debug, Subcommand)]
19pub enum KeysCommands {
20    #[command(about = "Generate a fresh RSA-2048 signing keypair")]
21    Generate(generate::GenerateArgs),
22
23    #[command(
24        name = "issue-plugin-token",
25        about = "Mint a long-lived RS256 JWT with `aud=plugin` for hook/governance authentication"
26    )]
27    IssuePluginToken(issue_plugin_token::IssuePluginTokenArgs),
28}
29
30pub async fn execute(cmd: KeysCommands, ctx: &CommandContext) -> Result<()> {
31    match cmd {
32        KeysCommands::Generate(args) => generate::execute(args),
33        KeysCommands::IssuePluginToken(args) => {
34            let result = issue_plugin_token::execute(args).await?;
35            render_result(&result, &ctx.cli);
36            Ok(())
37        },
38    }
39}