import { generateKeyPairSync, randomUUID } from 'node:crypto'

const { privateKey, publicKey } = generateKeyPairSync('rsa', {
  modulusLength: 2048,
  publicKeyEncoding: {
    type: 'spki',
    format: 'pem'
  },
  privateKeyEncoding: {
    type: 'pkcs8',
    format: 'pem'
  }
})

const kid = `auth-${randomUUID()}`

function toEnvValue(pem) {
  return pem.trim().replace(/\n/g, '\\n')
}

console.log('# Copy these values to your .env file')
console.log(`JWT_KID="${kid}"`)
console.log(`JWT_PRIVATE_KEY_PEM="${toEnvValue(privateKey)}"`)
console.log(`JWT_PUBLIC_KEY_PEM="${toEnvValue(publicKey)}"`)