1package cmd23import (4 "fmt"5 "time"67 "github.com/charmbracelet/soft-serve/pkg/config"8 "github.com/charmbracelet/soft-serve/pkg/jwk"9 "github.com/charmbracelet/soft-serve/pkg/proto"10 "github.com/golang-jwt/jwt/v5"11 "github.com/spf13/cobra"12)1314// JWTCommand returns a command that generates a JSON Web Token.15func JWTCommand() *cobra.Command {16 cmd := &cobra.Command{17 Use: "jwt [repository1 repository2...]",18 Short: "Generate a JSON Web Token",19 Args: cobra.MinimumNArgs(0),20 RunE: func(cmd *cobra.Command, args []string) error {21 ctx := cmd.Context()22 cfg := config.FromContext(ctx)23 kp, err := jwk.NewPair(cfg)24 if err != nil {25 return err26 }2728 user := proto.UserFromContext(ctx)29 if user == nil {30 return proto.ErrUserNotFound31 }3233 now := time.Now()34 expiresAt := now.Add(time.Hour)35 claims := jwt.RegisteredClaims{36 Subject: fmt.Sprintf("%s#%d", user.Username(), user.ID()),37 ExpiresAt: jwt.NewNumericDate(expiresAt), // expire in an hour38 NotBefore: jwt.NewNumericDate(now),39 IssuedAt: jwt.NewNumericDate(now),40 Issuer: cfg.HTTP.PublicURL,41 Audience: args,42 }4344 token := jwt.NewWithClaims(jwk.SigningMethod, claims)45 token.Header["kid"] = kp.JWK().KeyID46 j, err := token.SignedString(kp.PrivateKey())47 if err != nil {48 return err49 }5051 cmd.Println(j)52 return nil53 },54 }5556 return cmd57}