[Koha-bugs] [Bug 20402] Implement OAuth2 authentication for REST API

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Thu Apr 12 14:09:54 CEST 2018


--- Comment #33 from Josef Moravec <josef.moravec at gmail.com> ---
(In reply to Julian Maurice from comment #32)
> (In reply to Josef Moravec from comment #29)
> > Tested on another devbox, now I got 401 Unauthorized.
> > 
> > I have an idea of what is going on:
> > 
> > This only adds new authorization method, but the authorization with cookies
> > (eg. when you are normally logged into koha) is still taken into account.
> > 
> > But yesterday I used the koha database user to change permission of api user
> > - so token was expired and oauth say unauthorized, then cookie was found bud
> > the logged in user was database user and that's the reason why it exploded
> Then maybe we should not try cookie authentication if oauth fail and we have
> an Authorization header containing 'Bearer' ?


You are receiving this mail because:
You are watching all bug changes.

More information about the Koha-bugs mailing list