You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
jotsmith token decode <jwt> — split a compact-serialized JWT on ., base64url-decode the header and payload, and pretty-print both to stdout. No signature verification, no network, no Azure. Useful for inspecting any token, including ones from other issuers.
Ships early because it has zero Azure surface and unblocks debugging while mint and verify are under development.
Acceptance criteria
jotsmith token decode <jwt> accepts the compact JWT as the first positional argument
Output is a single JSON object on stdout containing header, payload, and signature_bytes (the integer byte length of the base64url-decoded signature segment, not the bytes themselves)
Malformed JWT (wrong number of . segments, invalid base64url in any segment, invalid JSON in header or payload) → exit code 1, error to stderr that names which segment failed
Three-segment tokens with alg: none decode cleanly with signature_bytes: 0
Nothing besides the JSON object goes to stdout on success
Unit tests cover: well-formed RS256 token, three-segment alg: none token, segment-count mismatch, invalid base64url, invalid JSON inside a valid base64url segment, tokens with nested objects / arrays / unicode in claims
What to build
jotsmith token decode <jwt>— split a compact-serialized JWT on., base64url-decode the header and payload, and pretty-print both to stdout. No signature verification, no network, no Azure. Useful for inspecting any token, including ones from other issuers.Ships early because it has zero Azure surface and unblocks debugging while
mintandverifyare under development.Acceptance criteria
jotsmith token decode <jwt>accepts the compact JWT as the first positional argumentheader,payload, andsignature_bytes(the integer byte length of the base64url-decoded signature segment, not the bytes themselves).segments, invalid base64url in any segment, invalid JSON in header or payload) → exit code 1, error to stderr that names which segment failedalg: nonedecode cleanly withsignature_bytes: 0alg: nonetoken, segment-count mismatch, invalid base64url, invalid JSON inside a valid base64url segment, tokens with nested objects / arrays / unicode in claimsBlocked by
configpackage andconfig showOriginally created in OpenCode session ID: ses_17ca8efd8ffexLcFSysAMDVNBQ