Make dotnet user-jwts create scriptable

[martincostello]

Is there an existing issue for this?

• I have searched the existing issues

Is your feature request related to a problem? Please describe the problem.

While looking at #42125 I noticed that, because it's designed for humans to use, the output from the dotnet user-jwts create command is quite "wordy".

> dotnet dotnet-user-jwts create --claim foo=bar --role baz
New JWT saved with ID '35ed49ea'.
Name: safia
Roles: baz
Custom Claims: foo=bar

Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InNhZmlhIiwic3ViIjoic2FmaWEiLCJqdGkiOiIzNWVkNDllYSIsInJvbGUiOiJiYXoiLCJmb28iOiJiYXIiLCJhdWQiOlsiaHR0cHM6Ly9sb2NhbGhvc3Q6NzI1OSIsImh0dHA6Ly9sb2NhbGhvc3Q6NTI1OSJdLCJuYmYiOjE2NTQ4NDQxMTMsImV4cCI6MTY2Mjc5MjkxMywiaWF0IjoxNjU0ODQ0MTE0LCJpc3MiOiJkb3RuZXQtdXNlci1qd3RzIn0.S9Edhjcw26uc1KKnQdrIHkBsSMLj8m_Z6K3QV3XjaHg

That's cool, it's a tool to help devs do manual testing of their APIs. They can read it, then copy the token from the terminal.

However, if a dev then wanted to script things with a created JWT, it's suddenly a bit hacky to run the tool and try and parse the output to get the generated JWT.

Describe the solution you'd like

An additional flag that can be passed to dotnet user-jwts create that will just output the JWT to the output with no other information (in the case of success, at least).

I can't think of a good name for it right now, so for the purpose of the example it's called --only-output-jwt:

> dotnet dotnet-user-jwts create --claim foo=bar --role baz --only-output-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6InNhZmlhIiwic3ViIjoic2FmaWEiLCJqdGkiOiIzNWVkNDllYSIsInJvbGUiOiJiYXoiLCJmb28iOiJiYXIiLCJhdWQiOlsiaHR0cHM6Ly9sb2NhbGhvc3Q6NzI1OSIsImh0dHA6Ly9sb2NhbGhvc3Q6NTI1OSJdLCJuYmYiOjE2NTQ4NDQxMTMsImV4cCI6MTY2Mjc5MjkxMywiaWF0IjoxNjU0ODQ0MTE0LCJpc3MiOiJkb3RuZXQtdXNlci1qd3RzIn0.S9Edhjcw26uc1KKnQdrIHkBsSMLj8m_Z6K3QV3XjaHg

Then using PowerShell as an example, you could generate a valid JWT and assign it directly into a variable, then use it to make HTTP requests:

$jwt = (dotnet dotnet-user-jwts create --claim foo=bar --role baz --only-output-jwt)
Invoke-WebRequest https://localhost:5001/my-secret-resource -Headers @{ "Authorization" = "Bearer $jwt" }

Additional context

No response

[pinkfloydx33]

Other tools I've used before have a --machine-readable flag, but the output is usually tabulated, etc. and not just a single value. There's always --output=token|full or maybe even --quiet (?) though that kinda implies no output at all. In either case I would definitely appreciate this for the same reasons cited in OP

[DamianEdwards]

I was initially thinking we'd just do something like --json-output that emits all relevant data as a JSON blob but I do like the idea of --output default|token|full|json|etc where --output default is the implied default. Also could alias it, e.g. -o|--output like many of the other commands that have an output option.