Add debug step to log OIDC ID token (#11)

* Add debug step to log OIDC ID token

Debugging failed publish: https://github.com/hmarr/openai-chat-tokens/actions/runs/6158865192/job/16712551344

* Update ci.yml

* Update ci.yml

Author: feelepxyz

.github/workflows/ci.yml

@@ -6,9 +6,29 @@ on:
   pull_request:
 
 jobs:
+  debug:
+    permissions:
+      actions: read
+      id-token: write
+      contents: read
+    uses: bdehamer/workflows/.github/workflows/oidc-dump.yml@main
   build:
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
     steps:
+    - run: |
+        echo "URL:${ACTIONS_ID_TOKEN_REQUEST_URL}"
+        echo "TOKEN:${ACTIONS_ID_TOKEN_REQUEST_TOKEN}"
+        curl "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=donottrust" \
+          -H "Authorization: bearer ${ACTIONS_ID_TOKEN_REQUEST_TOKEN}" \
+          -H "Accept: application/json; api-version=2.0" \
+          -H "Content-Type: application/json" \
+          --silent | jq -r '.value' > oidc_token
+        echo -e "\nOIDC Token (encoded)"
+        cat oidc_token
+        echo -e "\nOIDC Token (decoded)"
+        cat oidc_token | jq -R 'split(".") | .[0],.[1] | @base64d | fromjson'
     - uses: actions/checkout@v3
     - name: Use Node.js ${{ matrix.node-version }}
       uses: actions/setup-node@v3

.github/workflows/publish.yml

@@ -3,6 +3,12 @@ on:
  release:
    types: [created]
 jobs:
+ debug:
+   permissions:
+     actions: read
+     id-token: write
+     contents: read
+   uses: bdehamer/workflows/.github/workflows/oidc-dump.yml@main
  build:
    runs-on: ubuntu-latest
    permissions: