+ diff -uNr jira-3.5.0.ORIG/jira/client.py jira-3.5.0/jira/client.py

+ --- jira-3.5.0.ORIG/jira/client.py	2023-03-31 10:45:26.244884699 +0200

+ +++ jira-3.5.0/jira/client.py	2023-03-31 10:45:48.562803934 +0200

+ @@ -3715,13 +3715,13 @@

+      def _create_oauth_session(

+          self, oauth, timeout: Optional[Union[Union[float, int], Tuple[float, float]]]

+      ):

+ -        from oauthlib.oauth1 import SIGNATURE_RSA

+ +        from oauthlib.oauth1 import SIGNATURE_RSA_SHA512

+          from requests_oauthlib import OAuth1

+  

+          oauth_instance = OAuth1(

+              oauth["consumer_key"],

+              rsa_key=oauth["key_cert"],

+ -            signature_method=SIGNATURE_RSA,

+ +            signature_method=SIGNATURE_RSA_512,

+              resource_owner_key=oauth["access_token"],

+              resource_owner_secret=oauth["access_token_secret"],

+          )

+ diff -uNr jira-3.5.0.ORIG/jira/jirashell.py jira-3.5.0/jira/jirashell.py

+ --- jira-3.5.0.ORIG/jira/jirashell.py	2023-03-31 10:45:26.244884699 +0200

+ +++ jira-3.5.0/jira/jirashell.py	2023-03-31 10:46:08.956730132 +0200

+ @@ -14,7 +14,7 @@

+  

+  import keyring

+  import requests

+ -from oauthlib.oauth1 import SIGNATURE_RSA

+ +from oauthlib.oauth1 import SIGNATURE_RSA_SHA512

+  from requests_oauthlib import OAuth1

+  

+  from jira import JIRA, __version__

+ @@ -28,7 +28,7 @@

+          verify = server.startswith("https")

+  

+      # step 1: get request tokens

+ -    oauth = OAuth1(consumer_key, signature_method=SIGNATURE_RSA, rsa_key=key_cert_data)

+ +    oauth = OAuth1(consumer_key, signature_method=SIGNATURE_RSA_SHA512, rsa_key=key_cert_data)

+      r = requests.post(

+          server + "/plugins/servlet/oauth/request-token", verify=verify, auth=oauth

+      )

+ @@ -70,7 +70,7 @@

+      # step 3: get access tokens for validated user

+      oauth = OAuth1(

+          consumer_key,

+ -        signature_method=SIGNATURE_RSA,

+ +        signature_method=SIGNATURE_RSA_SHA512,

+          rsa_key=key_cert_data,

+          resource_owner_key=request_token,

+          resource_owner_secret=request_token_secret,

+ Release:            2%{?dist}

+ # RHEL9 deprecates SIGNATURE_RSA in python-oauthlib with a local patch

+ Patch0:             jira-SHA-to-SHA_512.patch

+ # Relax build requirements as slightly older on EL9

+ sed -i 's/"setuptools >= 60.0.0"/"setuptools"/' pyproject.toml

+ sed -i 's/"setuptools_scm\[toml\] >= 7.0.0"/"setuptools_scm[toml]"/' pyproject.toml

+ 

+ * Fri Mar 31 2023 Steve Traylen <steve.traylen@cern.ch> - 3.5.0-2

+ - Relax setuptools BR for an EPEL9 builds

+ - Switch from SIGNATURE_RSA to SIGNATURE_RSA_SHA512

+