giuseppe-trisciuoglio/developer-kit
Comprehensive developer toolkit providing reusable skills for Java/Spring Boot, TypeScript/NestJS/React/Next.js, Python, PHP, AWS CloudFormation, AI/RAG, DevOps, and more.
90
90%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Risky
Do not use without reviewing
generate-jwt-keys.shplugins/developer-kit-java/skills/spring-boot-security-jwt/assets/
#!/bin/bash
# JWT Key Generation Script
# This script generates RSA keys for JWT signing and verification
set -e
# Configuration
KEY_SIZE=${KEY_SIZE:-2048}
KEY_ALIAS=${KEY_ALIAS:-jwt}
KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD:-changeit}
PRIVATE_KEY_PASSWORD=${PRIVATE_KEY_PASSWORD:-changeit}
OUTPUT_DIR=${OUTPUT_DIR:-./keys}
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
echo -e "${GREEN}=== JWT Key Generation ===${NC}"
echo
# Create output directory
mkdir -p "$OUTPUT_DIR"
# Generate RSA key pair
echo "Generating $KEY_SIZE-bit RSA key pair..."
keytool -genkeypair \
-alias "$KEY_ALIAS" \
-keyalg RSA \
-keysize "$KEY_SIZE" \
-validity 3650 \
-keypass "$PRIVATE_KEY_PASSWORD" \
-storepass "$KEYSTORE_PASSWORD" \
-keystore "$OUTPUT_DIR/jwt.jks" \
-dname "CN=JWT Key, OU=Security, O=My Company, L=City, ST=State, C=US"
echo -e "${GREEN}✅ Key pair generated successfully${NC}"
# Extract public key
echo "Extracting public key..."
keytool -exportcert \
-alias "$KEY_ALIAS" \
-storepass "$KEYSTORE_PASSWORD" \
-keystore "$OUTPUT_DIR/jwt.jks" \
-rfc \
-file "$OUTPUT_DIR/jwt-public.cer"
echo -e "${GREEN}✅ Public key extracted${NC}"
# Convert to PEM format
echo "Converting to PEM format..."
openssl x509 \
-inform DER \
-outform PEM \
-in "$OUTPUT_DIR/jwt-public.cer" \
-out "$OUTPUT_DIR/jwt-public.pem"
echo -e "${GREEN}✅ PEM certificate created${NC}"
# Generate JWK Set
echo "Generating JWK Set..."
cat > "$OUTPUT_DIR/jwk-set.json" << EOF
{
"keys": [
{
"kty": "RSA",
"use": "sig",
"alg": "RS256",
"kid": "$KEY_ALIAS",
"n": "$(openssl x509 -in "$OUTPUT_DIR/jwt-public.pem" -pubkey -noout | openssl rsa -pubin -outform DER 2>/dev/null | openssl base64 -A | tr -d '=' | tr '/+' '_-' | sed 's/\//_/g' | sed 's/+/-/g')",
"e": "AQAB"
}
]
}
EOF
echo -e "${GREEN}✅ JWK Set generated${NC}"
# Generate Spring Security properties
echo "Generating Spring Security properties..."
cat > "$OUTPUT_DIR/application-security.properties" << EOF
# JWT Configuration
jwt.key-store=classpath:jwt.jks
jwt.key-store-password=$KEYSTORE_PASSWORD
jwt.key-alias=$KEY_ALIAS
jwt.private-key-password=$PRIVATE_KEY_PASSWORD
# Alternative: Public key configuration
jwt.public-key-location=classpath:jwt-public.pem
# JWK Set configuration (for distributed systems)
jwt.jwk-set-uri=https://auth.myapp.com/.well-known/jwks.json
EOF
echo -e "${GREEN}✅ Spring properties generated${NC}"
# Display generated files
echo
echo -e "${GREEN}Generated files:${NC}"
ls -la "$OUTPUT_DIR"
# Display key information
echo
echo "Key Information:"
echo "- Key Size: $KEY_SIZE bits"
echo "- Algorithm: RSA"
echo "- Validity: 10 years"
echo "- Keystore: $OUTPUT_DIR/jwt.jks"
echo "- Public Certificate: $OUTPUT_DIR/jwt-public.cer"
echo "- PEM Certificate: $OUTPUT_DIR/jwt-public.pem"
echo "- JWK Set: $OUTPUT_DIR/jwk-set.json"
# Security warning
echo
echo -e "${YELLOW}⚠️ IMPORTANT SECURITY NOTES:${NC}"
echo "1. Change the default passwords before production use"
echo "2. Store the keystore file securely (don't commit to version control)"
echo "3. Use environment variables or secret management in production"
echo "4. Consider using a cloud KMS (AWS KMS, Azure Key Vault, etc.)"
echo "5. Implement key rotation strategy"
# Instructions for usage
echo
echo -e "${GREEN}Usage Instructions:${NC}"
echo "1. Copy jwt.jks to your application's classpath"
echo "2. Add the properties to your application.properties"
echo "3. Or use the JWK Set for distributed authentication"
echo
echo "Example configuration:"
echo "```yaml"
echo "jwt:"
echo " key-store: classpath:jwt.jks"
echo " key-store-password: \${JWT_KEYSTORE_PASSWORD}"
echo " key-alias: jwt"
echo "```"
# Cleanup temporary files
rm -f "$OUTPUT_DIR/jwt-public.cer"
echo
echo -e "${GREEN}✅ Key generation complete!${NC}"docs
plugins
developer-kit-ai
developer-kit-aws
agents
docs
skills
aws
aws-cli-beast
aws-cost-optimization
aws-drawio-architecture-diagrams
aws-sam-bootstrap
aws-cloudformation
aws-cloudformation-auto-scaling
aws-cloudformation-bedrock
aws-cloudformation-cloudfront
aws-cloudformation-cloudwatch
aws-cloudformation-dynamodb
aws-cloudformation-ec2
aws-cloudformation-ecs
aws-cloudformation-elasticache
references
aws-cloudformation-iam
references
aws-cloudformation-lambda
aws-cloudformation-rds
aws-cloudformation-s3
aws-cloudformation-security
aws-cloudformation-task-ecs-deploy-gh
aws-cloudformation-vpc
references
developer-kit-core
agents
commands
skills
developer-kit-devops
developer-kit-java
agents
commands
docs
skills
aws-lambda-java-integration
aws-rds-spring-boot-integration
aws-sdk-java-v2-bedrock
aws-sdk-java-v2-core
aws-sdk-java-v2-dynamodb
aws-sdk-java-v2-kms
aws-sdk-java-v2-lambda
aws-sdk-java-v2-messaging
aws-sdk-java-v2-rds
aws-sdk-java-v2-s3
aws-sdk-java-v2-secrets-manager
clean-architecture
graalvm-native-image
langchain4j-ai-services-patterns
references
langchain4j-mcp-server-patterns
references
langchain4j-rag-implementation-patterns
references
langchain4j-spring-boot-integration
langchain4j-testing-strategies
langchain4j-tool-function-calling-patterns
langchain4j-vector-stores-configuration
references
qdrant
references
spring-ai-mcp-server-patterns
spring-boot-actuator
spring-boot-cache
spring-boot-crud-patterns
spring-boot-dependency-injection
spring-boot-event-driven-patterns
spring-boot-openapi-documentation
spring-boot-project-creator
spring-boot-resilience4j
spring-boot-rest-api-standards
spring-boot-saga-pattern
spring-boot-security-jwt
assets
references
scripts
spring-boot-test-patterns
spring-data-jpa
references
spring-data-neo4j
references
unit-test-application-events
unit-test-bean-validation
unit-test-boundary-conditions
unit-test-caching
unit-test-config-properties
references
unit-test-controller-layer
unit-test-exception-handler
references
unit-test-json-serialization
unit-test-mapper-converter
references
unit-test-parameterized
unit-test-scheduled-async
references
unit-test-service-layer
references
unit-test-utility-methods
unit-test-wiremock-rest-api
references
developer-kit-php
developer-kit-project-management
developer-kit-python
developer-kit-specs
commands
docs
hooks
test-templates
tests
skills
developer-kit-tools
developer-kit-typescript
agents
docs
hooks
rules
skills
aws-cdk
aws-lambda-typescript-integration
better-auth
clean-architecture
drizzle-orm-patterns
dynamodb-toolbox-patterns
references
nestjs
nestjs-best-practices
nestjs-code-review
nestjs-drizzle-crud-generator
nextjs-app-router
nextjs-authentication
nextjs-code-review
nextjs-data-fetching
nextjs-deployment
nextjs-performance
nx-monorepo
react-code-review
react-patterns
shadcn-ui
tailwind-css-patterns
tailwind-design-system
references
turborepo-monorepo
typescript-docs
typescript-security-review
zod-validation-utilities
references
github-spec-kit