I have been using the OAuth guide provided here: https://developer.atlassian.com/server/jira/platform/oauth/
It states that in order to authenticate I have to generate a public-private key pair and make a configuration in Jira and send it in my request for temporary token.
This command is supposed to be generating this key pair:
openssl genrsa -out jira_privatekey.pem 1024
This was correct a few months ago. However for quite some time now, the implementation has been changed apparently and this guide is outdated.
If using this same key now, Jira will return an exception like the following:
Signature length not correct: got 128 but was expecting 256.
Please fix this guide by replacing the command with the following one:
openssl genrsa -out jira_privatekey.pem 2048
This one generates public-private key pair of 2048bit. The rest of the implementation remains the same.
Also there have been some deprecated Libraries used in the code implementation of the Jira OAuth client.
Please fix them as well.