Using jwt-go with go-chi:
- Clone the project and run
go get -u
Create a directory named
and copy the keys from the repository -
Execute your program as
chi-jwt-go -keyPath keys
Install httpie ( super awesome curl alternative )
Authenticate to the service:
$ http POST localhost:8080/login username="someone" password="p@assword"
HTTP/1.1 200 OK
Content-Length: 439
Content-Type: text/plain; charset=utf-8
Date: Sat, 28 Oct 2017 01:12:20 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
- Use
from previous output afterBearer <token_here>
in below example.
$ http GET localhost:8080/resource Authorization:"Bearer <token-from-previous-step>"
HTTP/1.1 200 OK
Content-Length: 46
Content-Type: text/plain; charset=utf-8
Date: Sat, 28 Oct 2017 01:16:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
{"data":"Gained access to protected resource"}
keytool -genkeypair -keystore jwtsig-test-prv-ks.p12 -storetype pkcs12 -alias jwtsigtest -keyalg RSA -keysize 2048 -sigalg SHA384withRSA -dname "CN=jwtsigtest,OU=Auth Test,O=private purpose,L=Cologne,ST=NRW,C=DE" -validity 3652
keytool -exportcert -alias jwtsigtest -file jwtsig-test-pub.cert -storetype pkcs12 -keystore jwtsig-test-prv-ks.p12 -rfc
keytool -importcert -alias jwtsigtest -file jwtsig-test-pub.cert -storetype pkcs12 -keystore jwtsig-test-pub-ks.p12
rm jwtsig-test-pub.cert
openssl pkcs12 -in jwtsig-test-prv-ks.p12 -nocerts -out jwtsig-test-prv-ks.pem -nodes
Generate certificate:
openssl pkcs12 -in jwtsig-test-pub-ks.p12 -out jwtsig-test-pub-cert.pem
Determine public key from certificate file:
openssl x509 -in jwtsig-test-pub-cert.pem -pubkey -noout > jwtsig-test-pub-ks.pem