Switch from SIGNATURE_RSA to SIGNATURE_HMAC_SHA1

pycontribs / jira

Python Jira library. Development chat available on https://matrix.to/#/#pycontribs:matrix.org

https://jira.readthedocs.io

BSD 2-Clause "Simplified" License

1.94k stars 860 forks source link

Switch from SIGNATURE_RSA to SIGNATURE_HMAC_SHA1 #1643

Closed traylenator closed 1 year ago

traylenator commented 1 year ago

RHEL 9 has a policy of deprecating SHA1 and has removed it from python-oauthlib via the addition of locally added patch.

Switching to SIGNATURE_RSA_HMAC_SHA1 allows this module to be used on RHEL9 when the system package python3-oauthlib-3.1.1-2.el9.noarch.rpm is used.

Here is the patch form RHEL9 python-oauthlib. 0001-Rip-out-RSA-SHA1.patch.txt

traylenator commented 1 year ago

Seems you add the label.... ?

xdgc commented 1 year ago

This breaks existing software. Against Jira Server v8.20.10#820010-sha1:ace47f9 and using python-jira 3.5.1, I get oauth_problem=signature_method_rejected. Pinning to 3.5.0, code still works. Client is Ubuntu 20.04.