Hi there, I’ve been working on a python connect implementation on the side I’m not entirely sure what’s going wrong with that approach - possibly the aud
field - but I can show you how I’ve done it in the past. I use a combination of the atlassian-jwt library and another called requests-jwt:
import time
import urllib.parse
import requests
import requests_jwt
from atlassian_jwt.url_utils import hash_url as generate_qsh
def qsh(base_url):
base_path = urllib.parse.urlparse(base_url).path
def qsh_generator(request):
relative_path = request.path_url
if relative_path.startswith(base_path):
relative_path = relative_path[len(base_path):]
return generate_qsh(request.method, relative_path)
return qsh_generator
def iat(*_):
return int(time.time())
def outgoing_authenticator(base_url, shared_secret, addon_key):
jwt_auth = requests_jwt.JWTAuth(shared_secret, alg='HS256',
header_format='JWT %s')
jwt_auth.expire(600)
jwt_auth.add_field('iat', iat)
jwt_auth.add_field('iss', addon_key)
jwt_auth.add_field('qsh', qsh(base_url))
return jwt_auth
requests.get('https://your-url', auth-outgoing_authenticator(<tenant base url>, <tenant shared secret>, <addon key>))
Hope that’s useful to you. One of these days I’ll publish a library