[Koha-bugs] [Bug 20624] Disable the OAuth2 client credentials grant by default
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed May 2 21:00:34 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624
--- Comment #4 from Tomás Cohen Arazi <tomascohen at gmail.com> ---
Created attachment 74988
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=74988&action=edit
Bug 20624: Make /api/v1/oauth/token respect RESTOAuth2ClientCredentials
This patch makes the /api/v1/oauth/token enpoint respect the
RESTOAuth2ClientCredentials syspref. It will return 400 (with
'Unimplemented grant type' error message) on the event of the syspref
being disabled and the grant_type => 'client_credentials' value passed.
To test:
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: It fails because the off-switch is not implemented
- Apply this patch
- Run:
k$ prove t/db_dependent/api/v1/oauth.t
=> SUCCESS: Tests pass!
- Sign off :-D
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list