Skip to content
Snippets Groups Projects
Select Git revision
  • main
1 result

jwt-inspect

  • Erik Hedenström's avatar
    Erik Hedenström authored
    f0e7c1e7
    History

    JWT Inspect

    A command-line tool for inspecting JWT (JSON Web Token) and JWE (JSON Web Encryption) tokens with colorized output.

    Features

    • Automatic detection of JWT and JWE tokens
    • Colorized, formatted output for better readability
    • Detailed header information display
    • Human-readable timestamp formatting
    • JWT claims decoding
    • JWE header inspection
    • Token validation status (for JWT)

    Installation

    From Source

    1. Clone the repository:
    git clone https://gitlab.hedenstroem.com/go/jwt-inspect.git
    cd jwt-inspect
    1. Build the tool:
    go build -o jwt-inspect
    1. (Optional) Move the binary to your PATH or use go install:
    sudo mv jwt-inspect /usr/local/bin/

    Usage

    The tool reads tokens from standard input (stdin), making it flexible to use in various ways:

    Direct Input

    echo "your.jwt.token" | jwt-inspect

    File Input

    cat token.json | jwt-inspect

    Output Format

    JWT Token Output

    For JWT tokens, the tool displays:

    • Header information
    • Decoded claims
    • Token validation status

    Example output:

    === JWT Token Information ===
    
    Header:
    {
      "alg": "HS256"
      "typ": "JWT"
    }
    
    Claims:
    {
      "sub": "1234567890"
      "name": "John Doe"
      "iat": "2018-01-18T02:30:22+01:00"
    }
    
    Validation:
    Status: Valid

    JWE Token Output

    For JWE tokens, the tool displays:

    • Version
    • Issued At (timestamp)
    • Encryption algorithm
    • Authentication tag
    • Expiration (timestamp)
    • Key management algorithm
    • Initialization vector (IV)

    Example output:

    === JWE Token Information ===
    
    Header:
    {
      "Version": 1
      "Issued At": "2024-11-29T09:33:38+01:00"
      "Encryption": "A128GCM"
      "Authentication Tag": "NH-D8jA7Ox66apnZZDUm3w"
      "Expiration": "2024-11-29T21:33:38+01:00"
      "Algorithm": "A128GCMKW"
      "IV": "IQq4ymVaejesAn7y"
    }
    
    Note: Payload is encrypted and cannot be displayed

    Color Scheme

    The tool uses different colors to enhance readability:

    • Bold Blue/Green: Main title (JWE/JWT respectively)
    • Bold Yellow: Section headers
    • Yellow: JSON braces and keys
    • Cyan: JSON values
    • Magenta: Encrypted payload note
    • Green/Red: Validation status
    • Red: Error messages

    Dependencies

    • github.com/golang-jwt/jwt/v5: JWT parsing and validation

    Building from Source

    1. Ensure you have Go installed on your system
    2. Clone the repository
    3. Run go mod tidy to install dependencies
    4. Build the project:
    go build -o jwt-inspect

    Error Handling

    The tool provides clear error messages for common issues:

    • Invalid token format
    • Parsing errors
    • Invalid signatures (for JWT)
    • File reading errors

    Error messages are displayed in red for better visibility.

    License

    This project is licensed under the MIT License - see the LICENSE file for details.