# pip install jwt cryptography requests

from datetime import datetime
import jwt
import time
import requests

KEY_FILE = 'salesforce.key'
CLIENT_ID = '3MVG9Vik22TUgUphbgbEe0kXRZGFxDJ7TKOkiLJgixzNy4ssgvIpYsaVBBeU1ueKcAQA7hf4_sj.hQHnD1Nsl'
AUDIENCE = 'https://test.salesforce.com' # or 'https://test.salesforce.com' if you're using the sandbox
SUBJECT = 'your-sf-user@email.tld'

print('Loading private key...')

with open(KEY_FILE) as fd:
    private_key = fd.read()

print('Generating signed JWT assertion...')
claim = {
    'iss': CLIENT_ID,
    'exp': int(time.time()) + 300,
    'aud': AUDIENCE,
    'sub': SUBJECT,
}
assertion = jwt.encode(claim, private_key, algorithm='RS256', headers={'alg':'RS256'}).decode('utf8')

print('Making OAuth request...')
r = requests.post('https://test.salesforce.com/services/oauth2/token', data = {
    'grant_type': 'urn:ietf:params:oauth:grant-type:jwt-bearer',
    'assertion': assertion,
})

print('Status:', r.status_code)
print(r.json())