I am trying to generate a JWT and sign it with node private key. Private key is in txt format.
token_header=echo -n '{"alg":"RS256","typ":"JWT"}' | base64 | sed s/\+/-/ | sed -E s/=+$//
token_body=echo -n '{"exp": '1706896597',"iat":'1706896701',"iss":"123456-us-xxx","jti":"'123456_xxx_123'","SystemInitiated":true}' | base64 | sed s/\+/-/ | sed -E s/=+$//
token_signature=echo -n "$token_header.$token_body" | openssl dgst -sha256 -binary -sign PrivateKey.key | openssl enc -base64 | tr -d '\n=' | tr -- '+/' '-_'
complete_jwt_token=echo -n "$token_header.$token_body.$token_signature"
Using a curl command, to pass this "complete_jwt_token" and invoke an API request.
Result of curl:
{"error":"invalid_request","error_description":"Invalid SCA","error_uri":"http://some-uri?code=401"}
Kindly advise. Please let me know in which format private key should be.
curl command should post the request and receive a response.
$( ... )for process substitution; assuming you just added that mistake just to impede any assistance, your first two conversions to base64 need to translate both + to - AND / to _ and delete (trailing) = AND any nontrailing newline (unless you usebase64 -w0instead), like your third does. It's easiest to use the same method for all of them; I prefertr.date +%s; export expdt=expr $issdt + 1800; hdr=$(echo -n '{"alg":"RS256","typ":"JWT"}' | base64 | tr '+/' '-' | tr -d '='); body=$(echo -n '{"exp": "${expdt}","iat": "${issdt}","iss":"123593-xxxcm-pds","jti":"'123593_XXX_123'","SystemInitiated":true}' | base64 | tr '+/' '-' | tr -d '='); sign=$(echo -n "$hdr.$body" | openssl dgst -sha256 -hmac decrypted_PrivateKey.key.txt_1743byte -binary | base64 | tr '+/' '-_' | tr -d '='); jwt="$jwt.$sign";