This app is a little webserver that signs claims and serves configuration files so that the JWTs can be validated.
To use -
- First, run the binary.
make run
will do. - Then, you can post your claims to the server and get them signed.
curl http://localhost:3333/sign -X POST -d '{"msg": "Howdy!"}'
will do.
A couple notes:
- Each time you restart the server, it will generate a new key to sign tokens with. The original goal of this tool was to run as a test issuer for the duration of a test suite.
- Only RSA256 signing keys/algos are currently supported. No JSEs or ECDSA keys will ever be returned. This is fine for issuers - all clients should support this. But it won't work as a good tool for testing clients, only testing applications that want to accept a specific set of claims, and a production issuer cannot be used.