[Bug 20624] New: Allow switching off the OAuth2 client credentials grant
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Bug ID: 20624 Summary: Allow switching off the OAuth2 client credentials grant Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Authentication Assignee: koha-bugs@lists.koha-community.org Reporter: tomascohen@gmail.com QA Contact: testopia@bugs.koha-community.org CC: dpavlin@rot13.org -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |20402, 20568, 20612 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402 [Bug 20402] Implement OAuth2 authentication for REST API https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568 [Bug 20568] Add API key management interface for patrons https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20612 [Bug 20612] Make OAuth2 use patron's client_id/secret pairs -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.renvoize@ptfs-europe | |.com --- Comment #1 from Martin Renvoize <martin.renvoize@ptfs-europe.com> --- Holistic review found here: https://github.com/PTFS-Europe/koha/pull/112#pullrequestreview-113933459 -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |20627 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20627 [Bug 20627] Prevent leakages of user permissions to api access tokens -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Allow switching off the |Disable the OAuth2 client |OAuth2 client credentials |credentials grant by |grant |default -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|koha-bugs@lists.koha-commun |tomascohen@gmail.com |ity.org | -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on|20627 | Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20627 [Bug 20627] Prevent leakages of user permissions to api access tokens -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #2 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 74986 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74986&action=edit Bug 20624: Add RESTOAuth2ClientCredentials syspref Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #3 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 74987 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74987&action=edit Bug 20624: Unit tests This patch adds tests to verify that disabling the RESTOAuth2ClientCredentials syspref makes any request on the /api/v1/oauth/token using the 'client_credentials' grant fail with 'grant not implemented'. To test: - Apply this patch - Run: $ kshell k$ prove t/db_dependent/api/v1/oauth.t => FAIL: Tests fail because the change is not implemented! -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #4 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 74988 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74988&action=edit Bug 20624: Make /api/v1/oauth/token respect RESTOAuth2ClientCredentials This patch makes the /api/v1/oauth/token enpoint respect the RESTOAuth2ClientCredentials syspref. It will return 400 (with 'Unimplemented grant type' error message) on the event of the syspref being disabled and the grant_type => 'client_credentials' value passed. To test: - Run: $ kshell k$ prove t/db_dependent/api/v1/oauth.t => FAIL: It fails because the off-switch is not implemented - Apply this patch - Run: k$ prove t/db_dependent/api/v1/oauth.t => SUCCESS: Tests pass! - Sign off :-D -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #5 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 74989 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74989&action=edit Bug 20624: Make staff client respect RESTOAuth2ClientCredentials This patch makes the staff client UI respect the RESTOAuth2ClientCredentials syspref. To test: - Make sure RESTOAuth2ClientCredentials is "Don't enable" - Go to a patron's detail page => SUCCESS: The 'More' dropdown doesn't show the API keys management link. - Enable RESTOAuth2ClientCredentials - Reload => SUCCESS: The 'More' dropdown shows the API keys management link - Click on the API keys management link => SUCCESS: You can edit the api keys - Disable the syspref - Reload => SUCCESS: You are presented an error 400 page. - Sign off :-D -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |tomascohen@gmail.com Status|NEW |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |julian.maurice@biblibre.com | |, kyle.m.hall@gmail.com, | |nick@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |katrin.fischer@bsz-bw.de --- Comment #6 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Applied 20402, then bug 20568, but the latest patch there doesn't apply: Apply? [(y)es, (n)o, (i)nteractive] y Applying: Bug 20568: API keys management in interface Applying: Bug 20568: Add mandatory description field for api keys Applying: Bug 20568: Unit tests Applying: Bug 20568: API key management for OPAC users error: sha1 information is lacking or useless (koha-tmpl/opac-tmpl/bootstrap/en/includes/usermenu.inc). error: could not build fake ancestor Patch failed at 0001 Bug 20568: API key management for OPAC users The copy of the patch that failed is found in: .git/rebase-apply/patch When you have resolved this problem run "git bz apply --continue". If you would prefer to skip this patch, instead run "git bz apply --skip". To restore the original branch and stop patching run "git bz apply --abort". Patch left in /tmp/Bug-20568-API-key-management-for-OPAC-users-Igx9Ny.patch Sorry, stuck :( -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #7 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 75020 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75020&action=edit Bug 20624: (QA follow-up) Unit tests for missing deps situation This patch tests the situation in which Net::OAuth2::AuthorizationServer is missing. It mocks Module::Load::Conditional::can_load and expects the /token endpoint answers 'Unimplemented grant type' to all requests, and the 'authenticate_api_request' in 'under' exit with unauthorized (403) to requests in which the Authorization header is passed containing a Bearer token, but OAuth2 is not really available. To test: - Apply this patch - Run: $ kshell k$ prove t/db_dependent/api/v1/oauth.t => FAIL: Tests fail because our REST endpoints don't support this behaviour. Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #8 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 75021 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75021&action=edit Bug 20624: (QA follow-up) Handle missing deps gracefuly This patch makes the /token endpoint and the authenticate_api_request method behave correctly in the event of missing deps for OAuth2. To test: - Run: $ kshell k$ prove t/db_dependent/api/v1/oauth.t => FAIL: The behaviour is not implemented - Apply this patch - Run: k$ prove t/db_dependent/api/v1/oauth.t => SUCCESS: Tests pass! Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #9 from Tomás Cohen Arazi <tomascohen@gmail.com> --- (In reply to Katrin Fischer from comment #6)
Applied 20402, then bug 20568, but the latest patch there doesn't apply: Apply? [(y)es, (n)o, (i)nteractive] y Applying: Bug 20568: API keys management in interface Applying: Bug 20568: Add mandatory description field for api keys Applying: Bug 20568: Unit tests Applying: Bug 20568: API key management for OPAC users error: sha1 information is lacking or useless (koha-tmpl/opac-tmpl/bootstrap/en/includes/usermenu.inc). error: could not build fake ancestor Patch failed at 0001 Bug 20568: API key management for OPAC users The copy of the patch that failed is found in: .git/rebase-apply/patch When you have resolved this problem run "git bz apply --continue". If you would prefer to skip this patch, instead run "git bz apply --skip". To restore the original branch and stop patching run "git bz apply --abort". Patch left in /tmp/Bug-20568-API-key-management-for-OPAC-users-Igx9Ny.patch
Sorry, stuck :(
Dependent bugs rebased! -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on|20402 | --- Comment #10 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- bug 20402 is already a dependency of bug 20612 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402 [Bug 20402] OAuth2 client credentials grant for REST API -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |20402 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402 [Bug 20402] OAuth2 client credentials grant for REST API -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #11 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- ... trying to figure out the right sequence that will make git bz happy. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #12 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- 20402 20568 20612 20624 ... always tell git bz to ignore dependencies as it doesn't notice what's already applied. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #13 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- Treating this as a false positive as it's not added by the patch set: FAIL Koha/REST/V1/Auth.pm OK critic OK forbidden patterns OK git manipulation OK pod FAIL pod coverage POD is missing for 'validate_query_parameters' The link is gone, but the page remains accessible directly: http://localhost:8081/cgi-bin/koha/members/apikeys.pl?patron_id=1 Tests fail for me: t/db_dependent/api/v1/oauth.t .. 1/2 # Failed test '/oauth/token tests' # at t/db_dependent/api/v1/oauth.t line 116. Can't call method "expires" on an undefined value at t/db_dependent/api/v1/oauth.t line 93. # Looks like your test exited with 255 just after 1. t/db_dependent/api/v1/oauth.t .. Dubious, test returned 255 (wstat 65280, 0xff00) Failed 2/2 subtests Test Summary Report ------------------- t/db_dependent/api/v1/oauth.t (Wstat: 65280 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 255 Parse errors: Bad plan. You planned 2 tests but ran 1. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Kyle M Hall <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Kyle M Hall <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #74986|0 |1 is obsolete| | Attachment #74987|0 |1 is obsolete| | Attachment #74988|0 |1 is obsolete| | Attachment #74989|0 |1 is obsolete| | Attachment #75020|0 |1 is obsolete| | Attachment #75021|0 |1 is obsolete| | --- Comment #14 from Kyle M Hall <kyle@bywatersolutions.com> --- Created attachment 75060 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75060&action=edit Bug 20624: Add RESTOAuth2ClientCredentials syspref Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #15 from Kyle M Hall <kyle@bywatersolutions.com> --- Created attachment 75061 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75061&action=edit Bug 20624: Unit tests This patch adds tests to verify that disabling the RESTOAuth2ClientCredentials syspref makes any request on the /api/v1/oauth/token using the 'client_credentials' grant fail with 'grant not implemented'. To test: - Apply this patch - Run: $ kshell k$ prove t/db_dependent/api/v1/oauth.t => FAIL: Tests fail because the change is not implemented! Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #16 from Kyle M Hall <kyle@bywatersolutions.com> --- Created attachment 75062 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75062&action=edit Bug 20624: Make /api/v1/oauth/token respect RESTOAuth2ClientCredentials This patch makes the /api/v1/oauth/token enpoint respect the RESTOAuth2ClientCredentials syspref. It will return 400 (with 'Unimplemented grant type' error message) on the event of the syspref being disabled and the grant_type => 'client_credentials' value passed. To test: - Run: $ kshell k$ prove t/db_dependent/api/v1/oauth.t => FAIL: It fails because the off-switch is not implemented - Apply this patch - Run: k$ prove t/db_dependent/api/v1/oauth.t => SUCCESS: Tests pass! - Sign off :-D Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #17 from Kyle M Hall <kyle@bywatersolutions.com> --- Created attachment 75063 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75063&action=edit Bug 20624: Make staff client respect RESTOAuth2ClientCredentials This patch makes the staff client UI respect the RESTOAuth2ClientCredentials syspref. To test: - Make sure RESTOAuth2ClientCredentials is "Don't enable" - Go to a patron's detail page => SUCCESS: The 'More' dropdown doesn't show the API keys management link. - Enable RESTOAuth2ClientCredentials - Reload => SUCCESS: The 'More' dropdown shows the API keys management link - Click on the API keys management link => SUCCESS: You can edit the api keys - Disable the syspref - Reload => SUCCESS: You are presented an error 400 page. - Sign off :-D Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #18 from Kyle M Hall <kyle@bywatersolutions.com> --- Created attachment 75064 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75064&action=edit Bug 20624: (QA follow-up) Unit tests for missing deps situation This patch tests the situation in which Net::OAuth2::AuthorizationServer is missing. It mocks Module::Load::Conditional::can_load and expects the /token endpoint answers 'Unimplemented grant type' to all requests, and the 'authenticate_api_request' in 'under' exit with unauthorized (403) to requests in which the Authorization header is passed containing a Bearer token, but OAuth2 is not really available. To test: - Apply this patch - Run: $ kshell k$ prove t/db_dependent/api/v1/oauth.t => FAIL: Tests fail because our REST endpoints don't support this behaviour. Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #19 from Kyle M Hall <kyle@bywatersolutions.com> --- Created attachment 75065 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75065&action=edit Bug 20624: (QA follow-up) Handle missing deps gracefuly This patch makes the /token endpoint and the authenticate_api_request method behave correctly in the event of missing deps for OAuth2. To test: - Run: $ kshell k$ prove t/db_dependent/api/v1/oauth.t => FAIL: The behaviour is not implemented - Apply this patch - Run: k$ prove t/db_dependent/api/v1/oauth.t => SUCCESS: Tests pass! Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #20 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 75132 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75132&action=edit Bug 20624: (QA follow-up) Add miising POD in Koha::REST::V1::OAuth Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|enhancement |normal -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #21 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 75184 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75184&action=edit Bug 20624: Net::OAuth2::AuthorizationServer is not a hard dependency While we get packaging sorted, Net::OAuth2::AuthorizationServer is not a hard dependency for Koha and the feature requiring it is disabled by default. This patch: - Makes the dependency optional - Makes the unit tests for the OAuth2 client credentials flow skip if the dependency is not met. Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jonathan.druart@bugs.koha-c | |ommunity.org --- Comment #22 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- I was expecting to see rejected any requests made with a valid token when the pref is off. Example: Turn the pref on Generate a token Request something (or not) Turn the pref on Request something => 200 Should not we return 401 or whatever instead? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 --- Comment #23 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 75206 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75206&action=edit Bug 20624: Add an entry in About when deps are not present Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #75206|0 |1 is obsolete| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |20734 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20734 [Bug 20734] Add warning to the about page if RESTOAuth2ClientCredentials and not Net::OAuth2::AuthorizationServer -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Signed Off |Passed QA -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Passed QA |Pushed to Master --- Comment #24 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- Pushed to master for 18.05, thanks to everybody involved! -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Bug 20624 depends on bug 20612, which changed state. Bug 20612 Summary: Make OAuth2 use patron's client_id/secret pairs https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20612 What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to Master |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to Master |Pushed to Stable -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Bug 20624 depends on bug 20568, which changed state. Bug 20568 Summary: Add API key management interface for patrons https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20568 What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to Master |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Bug 20624 depends on bug 20402, which changed state. Bug 20402 Summary: OAuth2 client credentials grant for REST API https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402 What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to Master |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Martin Renvoize <martin.renvoize@ptfs-europe.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to Stable |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |25623 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25623 [Bug 25623] Some tests in oauth.t do not roll back -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org