[Koha-bugs] [Bug 20402] Implement OAuth2 authentication for REST API
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Apr 12 14:08:08 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402
--- Comment #32 from Julian Maurice <julian.maurice at biblibre.com> ---
(In reply to Josef Moravec from comment #29)
> Tested on another devbox, now I got 401 Unauthorized.
>
> I have an idea of what is going on:
>
> This only adds new authorization method, but the authorization with cookies
> (eg. when you are normally logged into koha) is still taken into account.
>
> But yesterday I used the koha database user to change permission of api user
> - so token was expired and oauth say unauthorized, then cookie was found bud
> the logged in user was database user and that's the reason why it exploded
Then maybe we should not try cookie authentication if oauth fail and we have an
Authorization header containing 'Bearer' ?
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list