[Koha-bugs] [Bug 24539] New: Build generic authentication module interface

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Thu Jan 30 08:34:25 CET 2020 

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24539

            Bug ID: 24539
           Summary: Build generic authentication module interface
 Change sponsored?: ---
           Product: Koha
           Version: master
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5 - low
         Component: Authentication
          Assignee: koha-bugs at lists.koha-community.org
          Reporter: dcook at prosentient.com.au
        QA Contact: testopia at bugs.koha-community.org
                CC: dpavlin at rot13.org

Locally, I run a number of custom authentication integrations for Koha, and
I've been thinking it would be great if there were a generic authentication
module interface.

So I've refactored my local OpenID Connect implementation, so that the changes
to Auth.pm and opac-auth.tt are very generic, and other authentication modules
could easily leverage them without touching Auth.pm or opac-auth.tt. (The
latter remains translateable as generic messages are in opac-auth.tt and they
are bound to keys passed from the authentication module.)

Right now, you invoke a custom endpoint (I have ideas about making those more
generic and extensible too) and it passes an object to C4::Auth::checkauth().
The module for that object and some other data are persisted in the logged in
user's session.

To log off, you just hit the log off button, Koha gets relevant info from the
user's session, and runs the authentication module's logout hook. 

My goal is to make it so that people can rapidly develop authentication
modules, and make it easy to swap in and out different modules. (For instance,
my local OpenID Connect code works and works reasonable well, but it's not
perfect. However, I shouldn't need to touch Auth.pm and opac-auth.tt to improve
that code. The improvements should be isolated within the specific
authentication module itself.)

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.

More information about the Koha-bugs mailing list