[Koha-bugs] [Bug 13920] API authentication system - proposal
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Aug 27 19:22:38 CEST 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13920
Julian Maurice <julian.maurice at biblibre.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #41166|0 |1
is obsolete| |
--- Comment #27 from Julian Maurice <julian.maurice at biblibre.com> ---
Created attachment 42042
-->
http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=42042&action=edit
Bug 13920: API authentication system - Swagtenticator authentication
Reads the Swagger2 definitions and defines the API routes and controllers
for Mojolicious.
Authentiates the API consumer using Koha::Auth::Challenge::RESTV1
with all the necessary details inferred from Swagger2, like permissions.
Validates all input to match the Swagger2 definition.
Authentication is based on the permissions defined in the Swagger2
definition.
Add x-koha-permission to the Operation Object to define needed Koha
permissions to access the resource.
Eg.
"/borrowers/{borrowernumber}": {
"get": {
"x-mojo-controller": "Koha::REST::V1::Borrowers",
"x-koha-permission": {
"borrowers": "*"
},
"operationId": "getBorrower",
"tags": ["borrowers"],
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list