[Koha-bugs] [Bug 20402] Implement OAuth2 authentication for REST API
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Apr 12 14:09:54 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402
--- Comment #33 from Josef Moravec <josef.moravec at gmail.com> ---
(In reply to Julian Maurice from comment #32)
> (In reply to Josef Moravec from comment #29)
> > Tested on another devbox, now I got 401 Unauthorized.
> >
> > I have an idea of what is going on:
> >
> > This only adds new authorization method, but the authorization with cookies
> > (eg. when you are normally logged into koha) is still taken into account.
> >
> > But yesterday I used the koha database user to change permission of api user
> > - so token was expired and oauth say unauthorized, then cookie was found bud
> > the logged in user was database user and that's the reason why it exploded
>
> Then maybe we should not try cookie authentication if oauth fail and we have
> an Authorization header containing 'Bearer' ?
+1
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list