Error during signing my add-on

Add-ons Development
#1

Hi everyone,
I have tried to generate the JWT token for my addon using the following node.js script

var jwt = require('jsonwebtoken');
var issuedAt  = Math.floor(Date.now() / 1000);
var payload = {
    iss: 'user:5617820:496',
    jti: Math.random().toString(),
    iat: issuedAt,
    exp: issuedAt + 60,
};
var secret = '.mysecret.'
// store this securely.
var token = jwt.sign(payload, secret, {algorithm: 'HS256',// HMAC-SHA256 signing algorithm
});
console.log(token);

Then I use this token to issue the command:
C:\curl>curl.exe https://addons.mozilla.org/api/v3/addons/EasyFa@EasyFa.txt/vers
ions/1.0.1-signed -g -XPUT --form ‘upload=build/easyfa-1.0-fx.xpi’ -H ‘Authoriz
ation: JWT eyJ0…HI’

but there is an error of:
curl: (6) Could not resolve host: JWT
curl: (6) Could not resolve host: eyJ0…

Any ideas what I am missing here?
Thanks

#2

I didn’t get a chance to dig into your code, but I wanted to quickly give you a reference/guide. Here is my node js sign script, I use the same module:

I sign it like this:

generateToken = function(yourApiKey, yourApiSecret, yourDate) {
    // your date should be Date.now()
    var issuedAt = Math.floor(yourDate / 1000);
    var payload = {
      iss: yourApiKey,
      jti: Math.random().toString(),
      iat: issuedAt,
      exp: issuedAt + 60,
    };

    var secret = yourApiSecret; // store this securely.
    var token = jwt.sign(payload, secret, {
      algorithm: 'HS256',  // HMAC-SHA256 signing algorithm
    });
    
    // console.log('token:', token);
    
    return token;
};

Then here is how I hit the AMO API endpoints:

https://gist.github.com/Noitidart/0ec2f46c20781e211920

The token is highly time sensitive, that’s why I hit a server to get the correct time. But if you want to rely on your system clock, try syncing it and I’m sure it will fix it. There are many issues about this on the bug forum - https://github.com/mozilla/addons-server/issues/1071