Plugin classloader and Authorization questions

Hello and sorry! It is my n-th topic. Will try to refactor my questions, maybe this helps to find a solution.

  1. How to solve such issue: we added library, for example, ojdbc6 or 8 with compile or provided scope, with same plugin dependency or without it - but Jira asks for appropriate Import-Package or for addditional sun security dependency:
    1.1. How to determine, what should be specified in Import-Package for specific lib, because, for example, for com.hankcstrie Import will be com.hankcs.algorithm.;resolution:=“optional”, not com.hankcs.*;resolution:=“optional”,
    1.2. (major) How to figure out, what extra dependencies will be required for ojdbc6, etc.? Simple, not Jira app, on tomcat does not require extra libs for ojdbc6.
    1.3. Will instruction to manually add, for example 4 well known libraries for installation of developed plugin on marketplace be approved? Or this is bad practice? I hope, in such way Jira will not ask for extra dependencies.

2. How to authenticate specific Jira user in external Jira specific plugin server?
There are 5 pages with topic listings about JWT auth for Cloud, but no for Sever.