[Koha-bugs] [Bug 20402] Implement OAuth2 authentication for REST API

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Thu Apr 12 14:08:08 CEST 2018


--- Comment #32 from Julian Maurice <julian.maurice at biblibre.com> ---
(In reply to Josef Moravec from comment #29)
> Tested on another devbox, now I got 401 Unauthorized.
> I have an idea of what is going on:
> This only adds new authorization method, but the authorization with cookies
> (eg. when you are normally logged into koha) is still taken into account.
> But yesterday I used the koha database user to change permission of api user
> - so token was expired and oauth say unauthorized, then cookie was found bud
> the logged in user was database user and that's the reason why it exploded

Then maybe we should not try cookie authentication if oauth fail and we have an
Authorization header containing 'Bearer' ?

You are receiving this mail because:
You are watching all bug changes.

More information about the Koha-bugs mailing list