-
@ mleku
2025-03-01 09:57:12
having a super chill morning this morning
#gitcitadel #realy #devster stuff:
got a JWT token generation parameters thing working now:
```
mleku@ziox:~/src/realy.lol$ go run ./cmd/nostrjwt/. gen
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIKheajlIcnT+I9Yb9AfL8H9sOTqi03sK/ZF4tCpfrcxZoAoGCCqGSM49
AwEHoUQDQgAEEkuPN87+odqrzEqjD2kS7KinfTD7pCd6EkilPNntWUXVtzWJAo0C
UGiS5hrz+bTd0ZtSzQRJ7RUYkLrzIQIPgw==
-----END EC PRIVATE KEY-----
NOSTR_JWT_SECRET=MHcCAQEEIKheajlIcnT-I9Yb9AfL8H9sOTqi03sK_ZF4tCpfrcxZoAoGCCqGSM49AwEHoUQDQgAEEkuPN87-odqrzEqjD2kS7KinfTD7pCd6EkilPNntWUXVtzWJAo0CUGiS5hrz-bTd0ZtSzQRJ7RUYkLrzIQIPgw==
{"id":"0ffe02ef2ce4f7e24c05eb288b6901915f9d26d9dfa2e34a7268d5dfdee8d984","pubkey":"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f","created_at":1740822617,"kind":13004,"tags":[["J","MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEkuPN87-odqrzEqjD2kS7KinfTD7pCd6EkilPNntWUXVtzWJAo0CUGiS5hrz-bTd0ZtSzQRJ7RUYkLrzIQIPgw==","ES256"]],"content":"","sig":"a8fe8ff2d8ed768dbaf901eaa44192b9360e8edcdd259fc71e3557d8d9820117419111d6ee8f3ca8874a9a02388fd6d11f16abd5445b01e91bc68638857e4084"}
```
there you see a .pem encoding of the generated secret key, the environment variable you need to use the `nostrjwt` tool to generate a signed bearer token, and the kind 13004 event which assigns trust to the public key - encoded in base64 in the value of the tag (it's the counterpart of the NOSTR_JWT_SECRET, both are encoded in x509 and then rendered to base64)
that secret key environment variable can then be used to generate the claims of a JWT token, here's one with an expiry so it can be reused for an hour:
```
{"iss":"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f","typ":"message","sub":"https://mleku.realy.lol/api","alg":"ES256","iat":1740822522,"exp":1740826122}
```
just about to finish that with taking that json, signing it with the JWT secret key (via the environment variable) and to generate a JWT standard 3-part token that will go in the `Authorization` header in the same way as used with nip-98, with Bearer instead of Nostr before the base64 encoded value.
should be done with this soon and then i can move on to completing the simplified HTTP protocol implementation
the #catstr is super chill, and getting better and better, of course sleeping in his customary bed, his drool level has reduced, the weepy eyes also, his fur is looking whiter than ever and i'm sure emotionally and physically he's feeling awesome after having slept against a warm body last night