Tokenbuilder for declarative token specifications

[phish108]

All tools are nicely suited for creating simple JWT, but having the configs for multiple recipients on one command line is tricky at best.

What we should have is a token tool that consumes a JSON or YAML file for the different parameters of our token. The tool would have a configuration parameter and accept payload and thats it. This allows one to declare the JWT outcome separately from running the command.

The following example illustrates how a declaration might look like:

jose:
  format: compact
  # global claims and defaults
  iat: now
  exp: 1h
  jwks: my/jwks/default.jwks
  sign:
    - jwks: my/jwks/file.jwks
       kid: mysignkey
       alg: RS256
      # other parameters
      aud: for your eyes only
      claims: 
         # application specific claims
    - kid: mydefaultkeyid
       alg: ES256
  enc:
    recipients:
    - jwks: my/friends.jwks
      kid: freds_key
      alg: RSA-OAEP
      # other parameters
      claims: 
         # application specific claims
    - jwks: my/friends.jwks
      kid: lauras_key
      alg: RSA-OAEP
      # other parameters
      claims: 
         # application specific claims

This will allow users to declare what their token should look like and the tool will create a suitable token.

• [ ] The tool should be able to select appropriate default values if configuration is missing.
• [ ] ~~The tool should override bad statements (like the format in the example above) with suitable one.~~