package main import ( "encoding/base64" "encoding/json" "fmt" "os" "strings" ) func main() { if len(os.Args) < 2 { fmt.Println("Usage: decode-token ") os.Exit(1) } token := os.Args[1] parts := strings.Split(token, ".") if len(parts) != 3 { fmt.Println("Invalid JWT token format") os.Exit(1) } // Decode header fmt.Println("=== JWT HEADER ===") headerBytes, err := base64.RawStdEncoding.DecodeString(parts[0]) if err != nil { fmt.Printf("Failed to decode header: %v\n", err) os.Exit(1) } var header map[string]interface{} if err := json.Unmarshal(headerBytes, &header); err != nil { fmt.Printf("Failed to parse header: %v\n", err) os.Exit(1) } headerJSON, _ := json.MarshalIndent(header, "", " ") fmt.Println(string(headerJSON)) // Decode payload fmt.Println("\n=== JWT PAYLOAD (CLAIMS) ===") payloadBytes, err := base64.RawStdEncoding.DecodeString(parts[1]) if err != nil { fmt.Printf("Failed to decode payload: %v\n", err) os.Exit(1) } var payload map[string]interface{} if err := json.Unmarshal(payloadBytes, &payload); err != nil { fmt.Printf("Failed to parse payload: %v\n", err) os.Exit(1) } payloadJSON, _ := json.MarshalIndent(payload, "", " ") fmt.Println(string(payloadJSON)) fmt.Println("\n=== KEY FIELDS ===") if sub, ok := payload["sub"].(string); ok { fmt.Printf("User ID (sub): %s\n", sub) } if typ, ok := payload["typ"].(string); ok { fmt.Printf("Token Type (typ): %s\n", typ) } if aud, ok := payload["aud"].(string); ok { fmt.Printf("Audience (aud): %s\n", aud) } if exp, ok := payload["exp"].(float64); ok { fmt.Printf("Expires (exp): %v\n", exp) } if iat, ok := payload["iat"].(float64); ok { fmt.Printf("Issued At (iat): %v\n", iat) } // Check for user profile fields fmt.Println("\n=== USER PROFILE FIELDS ===") hasProfile := false for key, value := range payload { if strings.Contains(strings.ToLower(key), "name") || strings.Contains(strings.ToLower(key), "user") || strings.Contains(strings.ToLower(key), "display") || strings.Contains(strings.ToLower(key), "email") { fmt.Printf("%s: %v\n", key, value) hasProfile = true } } if !hasProfile { fmt.Println("(No user profile fields found in token)") } }