Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

REST Api Oauth python : oauth_problem=signature_method_rejected

Kev Conroy
Kev Conroy October 18, 2017

I've used basic authentication with the REST API with great success, so seems sensible to move to OAuth.

I've followed the Java based example here and it worked well enough, giving me the access token and secret, as well as retrieving data. Yay!

But all our systems are in Python - should be easy huh? 

1/ The Atlassian python examples don't work - not with our Python2.7 libraries, as RSA SHA1 appears deprecated due to vulns. At the point of hashing the data, python throws raise NotImplementedError("Use module Crypto.Cipher.PKCS1_OAEP instead")

The Atlassian example is clunky anyway - we use the requests library for the existing access, so I have used the requests_oauthlib OAuth1.

token_auth = OAuth1(consumer_key, consumer_secret, auth_token,auth_token_secret)

response = requests.get(data_url,auth=token_auth)

but this fails with

response: 400
Response: oauth_problem=signature_method_rejected

 

Answer
Watch
Like Be the first to like this
4343 views

1 answer

3 votes
Kev Conroy
Kev Conroy October 18, 2017

I know it's bad form to answer your own question - but I've got the answer after quite a bit of fruitless  searching - so here it is:

Assuming you have the access token and secret, you just need to create your OAuth1 authentication object with the right parameters:

import requests
from requests_oauthlib import OAuth1
from oauthlib.oauth1 import SIGNATURE_HMAC, SIGNATURE_RSA

key = open("<yourprivatekey.pem>").read()
pkeystring=key.strip()
token_auth = OAuth1(consumer_key, consumer_secret, auth_token,token_secret,
                    signature_method=SIGNATURE_RSA,
                    rsa_key=pkeystring,
                    signature_type='auth_header'
                    )

response = requests.get(data_url,auth=token_auth)

This makes me super happy as I have a beautiful API class for jira and confluence, and I only have to change the "auth=" part of the call to requests to move to the super-quick oauth authentication.

View More Comments
Dan
Dan August 8, 2018

Is that API class for confluence something you could share?  I've been really struggling to try to get a script working that just uploads attachments to an existing confluence page.  We've moved to OAuth (I think).  Ultimately I would really really love to be able to use python to access a confluence page and replace a table or tables with a new version.

Thanks

-Dan

Like
nigelb14
nigelb14 October 12, 2018

Thanks Kev, that was a great help. 

Atlassian really hasn't made it easy for Python developers using OAuth 1.0a as their docs recommend.   

I did have to tweak your example a bit to get it working.  consumer_secret wasn't needed.

Here's what I did:

from requests_oauthlib import OAuth1
from oauthlib.oauth1 import SIGNATURE_RSA
import requests

CONSUMER_KEY = ''
RSA_KEY = read('cert/jira_privatekey.pem')
oauth_token = ''
oauth_token_secret = ''

token_auth = OAuth1(CONSUMER_KEY, 
    resource_owner_key=oauth_token,  
    resource_owner_secret=oauth_token_secret, 
    signature_method=SIGNATURE_RSA, 
    rsa_key=RSA_KEY, 
    signature_type='auth_header')

requests.get('https://your.jirasite/api/whatever', auth=token_auth)

 Hope that helps others who have been struggling with this.

Like # people like this
Lishen Liu
Lishen Liu August 26, 2023

I tried your code. But it returned an error stating it was missing a parameter.

TypeError: load_pem_private_key() missing 1 required positional argument: 'backend'

Did you ever encounter this?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events