Been struggling with this for quite a while. My first plugin is working nicely, but I have been ignoring the qsh values. Now looking to tighten security so I want to verify the qsh and signature of the jwt token.
Struggling to recreate the qsh of the call by the Atlassian server:
My server tells me that atlassian appends fields as follows:
I decode the jwt and get a nice object with a qsh value. But when I try to recreate the qsh using the url above I get a different value for qsh.
Am using a standard recommended library. Any tips would be most gratefully received.