Bug in encode_token
Issue #1
new
File : atlassian_jwt\encode.py
encode_token should be using key for iss instead its using the clientKey
Comments (3)
-
-
Looks like Atlassian stopped caring about this package. I have another issue when using generated qsh:
`Expecting claim 'qsh' to have value 'foo' but instead it has the value 'bar'`
-
Two and a half years later this bug is still prevalent. Easy enough work around, but very very broken.
- Log in to comment
This is a pretty critical bug. Since encode_token uses clientKey for the iss instead of the key, any REST API call that uses a JWT token generated using this method will be will be rejected by the Atlassian server. Local mod of this function using key instead of clientKey solved my issues with REST calls generating 401 even though the JWT token "looked" valid. Effectively the current implementation will not work as an encoding tool for REST API calls.