jekyll · pathawks · Jul 2, 2018 · Jun 18, 2018 · Jun 18, 2018 · Jun 20, 2018
diff --git a/github/jwt b/github/jwt
diff --git a/github/token b/github/token
@@ -1,6 +1,39 @@
-#!/bin/bash
+#!/usr/bin/env ruby
+# frozen_string_literal: true
 
-JSON=$(curl -X POST -H "Authorization: Bearer $(./github/jwt)" -H "Accept: application/vnd.github.machine-man-preview+json" "https://api.github.com/installations/$INSTALLATION/access_tokens")
-TOKEN=$(jq -r '.token' <<< $JSON)
+require "json"
+require "jwt" # https://rubygems.org/gems/jwt
+require "net/http"
+require "openssl"
+require "uri"
 
-echo $TOKEN
+# Private key contents
+private_pem = File.read(ENV.fetch("HOME") + "/.ssh/github.pem")
+private_key = OpenSSL::PKey::RSA.new(private_pem)
+
+# Generate the JWT
+payload = {
+  # issued at time
+  :iat => Time.now.to_i,
+  # JWT expiration time (10 minute maximum)
+  :exp => Time.now.to_i + (10 * 60),
+  # GitHub App's identifier
+  :iss => 13_446,
+}
+
+jwt = JWT.encode(payload, private_key, "RS256")
+
+installation = ENV.fetch("INSTALLATION")
+
+uri = URI("https://api.github.com/installations/#{installation}/access_tokens")
+req = Net::HTTP::Post.new(uri)
+req["Authorization"] = "Bearer #{jwt}"
+req["Accept"] = "application/vnd.github.machine-man-preview+json"
+
+http = Net::HTTP.new(uri.hostname, uri.port)
+http.use_ssl = (uri.scheme == "https")
+res = http.request(req)
+
+json = JSON.parse(res.body)
+
+puts json["token"]