logical-and
commented
9 years ago Please provide a technical details for term "signed requests" in http request context. Do you mean hash in request body/header?
Open rjakes opened 9 years ago
logical-and
commented
9 years ago Please provide a technical details for term "signed requests" in http request context. Do you mean hash in request body/header?
rjakes
commented
9 years ago I originally thought that only subsequent request, after authentication, needed to be signed. Later I learned that the authentication request also needs to be signed by private key.
The Jira documentation directs you to a tutorial, which used Java libraries, so that may not be super helpful: https://developer.atlassian.com/jiradev/api-reference/jira-rest-apis/jira-rest-api-tutorials/jira-rest-api-example-oauth-authentication.
Here is an example that uses Zend_Crytp_Rsa https://www.prodpad.com/2013/05/tech-tutorial-oauth-in-jira/
Here is one that uses Guzzle: https://github.com/alexzv/jira-restapi-client/blob/master/src/Jira/Api/Authentication/Oauth.php
Jira requires that all requests be signed via RSA-SHA1.
Are there any examples that use RSA-SHA1 signed requests that I can look at?