[Koha-devel] REST API not working in koha-testing-docker?

Agustin Moyano agustinmoyano at theke.io
Fri Mar 13 06:36:08 CET 2020 

As Tomas says, I've seen in many endpoint controllers that the code is
wrapped by a try, but in the catch section $_ is ignored, and a 500 is
returned.

I believe that Tomas means is that you should concat $_ to the message of
the 500 error in that catch section.

Regards.

On Thu, Mar 12, 2020 at 8:05 PM <dcook at prosentient.com.au> wrote:

> Hey Tomas,
>
>
>
> I listed some steps to reproduce at
> https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24862. I
> haven’t drilled down deep enough yet, but I’m thinking it might relate to
> cookies for anonymous sessions.
>
>
>
> Can you elaborate on what you mean by “concat $_ to the case of 500”?
>
>
>
> David Cook
>
> Systems Librarian
>
> Prosentient Systems
>
> 72/330 Wattle St
>
> Ultimo, NSW 2007
>
> Australia
>
>
>
> Office: 02 9212 0899
>
> Direct: 02 8005 0595
>
>
>
> *From:* Koha-devel <koha-devel-bounces at lists.koha-community.org> *On
> Behalf Of *Tomas Cohen Arazi
> *Sent:* Friday, 13 March 2020 9:52 AM
> *To:* koha-devel <koha-devel at lists.koha-community.org>
> *Subject:* Re: [Koha-devel] REST API not working in koha-testing-docker?
>
>
>
> Hi all.
>
>
>
> Cookie auth shouldn't be a problem per se. We only use the cookie for
> getting the user and then the code is the same no matter the autentication
> method.
>
>
>
> But
>
>
>
> There's always a 'but', right?
>
>
>
> I've been fighting some devs that introduce the use of
> C4::Context->userenv and then probably have side effects of a cookie is
> found ... Even if the api is called using (say) oauth.
>
>
>
> We should get rid of this side effects from our codebase. In the meantime,
> share some more info on the endpoint you're hitting so we can debug it and
> fix it!
>
>
>
> Cheers
>
>
>
> PS I need to submit some work I did for handling unhandled exceptions in a
> more useful way. I suggest you concat $_ to the case of 500 on the endpoint
> you're using to get more info.
>
>
>
> El jue., 12 de marzo de 2020 19:31, <dcook at prosentient.com.au> escribió:
>
> Hi Arthur,
>
>
>
> Thanks for your comprehensive reply. Sorry I just noticed it after
> replying to everyone else who CCed me directly.
>
>
>
> I’m not interested in using browser extensions, but thanks for sharing
> your experience.
>
>
>
> It looks like the 500 Internal Server Errors probably related to Koha not
> handling a cookie/browser session as expected. The errors went away if I
> used a different browser or an Incognito mode. (Hence why it also worked
> with curl.) I suppose that could be a bug in Koha, but probably not a
> significant enough one to deal with right now.
>
> Sure enough, when I log into the http://localhost:8080, I can now get the
> output of http://localhost:8080/api/v1/libraries because of the cookie
> indicating my browser session. If I log out, I now get ‘{"error":"Something
> went wrong, check the logs."}’, when really I should probably get a 401.
> Raised this issue for it
> https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24862.
>
>
>
> The RESTPublicAPI thing also looks like a bug as I keep getting this
> error: {"error":"Authorization failure. Missing required
> permission(s).","required_permissions":null}. At least when I try using
> RESTBasicAuth. I haven’t tried with RESTOAuth2ClientCredentials or cookie
> authentication. I’ll probably just end up blocking RESTPublicAPI anyway,
> but I’ve raised a ticket anyway
> https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24861.
>
>
>
> David Cook
>
> Systems Librarian
>
> Prosentient Systems
>
> 72/330 Wattle St
>
> Ultimo, NSW 2007
>
> Australia
>
>
>
> Office: 02 9212 0899
>
> Direct: 02 8005 0595
>
>
>
> *From:* Koha-devel <koha-devel-bounces at lists.koha-community.org> *On
> Behalf Of *Arthur Suzuki
> *Sent:* Thursday, 12 March 2020 8:23 PM
> *To:* koha-devel at lists.koha-community.org
> *Subject:* Re: [Koha-devel] REST API not working in koha-testing-docker?
>
>
>
> Hi David,
>
> To test Rest API I strongly recommend the use of "RESTer" which is an
> extension for Firefox.
>
> I'm sending here the "requests collection" I've made for my own use.
>
> When you open RESTer, there is a menu on the right (if not, click on the
> top left 3-bar icon).
>
> First thing is to go on "Organize" and import the request collection.
>
> 2nd step : Click on "Environment", then + button in the lower right corner.
>
> For the requests in the collection to work you'll want to define an
> environment called "koha" with a key called "baseurl" containing... the
> base url of the koha instance you want to test, for koha-testing-docker
> this is http://localhost:8080
>
> This setup allow to quickly change the baseurl for another one (let say a
> client in prodution) for all the requests in the collection.
>
> 401 is Authentication Failure error, this is how I solved :
>
> 3rd step : click on a request from the "KohaTest" group.  You'll get a
> panel with "Headers/Body/Auth/Var" tabs where you can provide data to forge
> the request.
>
> Go to Auth tab, click on "Generate new Token" -> "Basic" and provide
> credentials (koha/koha)
>
> To use basic Auth of course you'll have to enable BasicAuth in the Syspref.
>
> Click on the newly generated token so that it has a tick on its left.
>
> If you want to use curl, then you can easily export stuffs from RESTer to
> Curl, click on the top-right "3-point vertical" button and select "Show
> curl command" -> gives the curl stuff.
>
> I find this way of working very useful to maintain the collection of curl
> commands.
>
> Sry that this email is a bit long, it may not directly solve your issue
> but I hope it may :)
>
> If there is any interest I can maybe make a screencast to show how to
> setup the whole thing.
>
> I'm now just pulling the last koha-testing-docker env to verify if I get
> same errors as you have (taking some time given my very poor bandwidth in
> the middle of nowhere ^^)
>
> Best regards,
>
> Arthur
>
> On 12/03/2020 05:41, dcook at prosentient.com.au wrote:
>
> Hi all,
>
>
>
> I’m finally getting around to playing with the REST API, but it’s not
> quite working as expected.
>
>
>
> In koha-testing-docker (with the latest koha-testing-docker git repo and
> Docker images as of this writing), I’m getting the following in the browser:
>
>
>
>    1. 200 OK
>
>
>    1. http://localhost:8080/api/v1/.html
>       2. http://localhost:8080/api/v1/ or
>       http://localhost:8080/api/v1/.json
>
>
>    1. 500 Internal Server error (with no obvious messages in the server
>    logs other than a missing “Routing to a callback”)
>
>
>    1. http://localhost:8080/api/v1/items
>       2. http://localhost:8080/api/v1/patrons
>       3. http://localhost:8080/api/v1/libraries
>
>
>
> If I use “curl” or a Perl script, then I get a 401 error instead of a 500
> error. (Although in Koha 19.11, I can get JSON results in either the
> browser or with curl for those endpoints, but that’s a whole other matter.)
>
>
>
> RESTBasicAuth = 1 means I can use the API via curl, but still nothing via
> the browser. Which is fine I guess in practice but it’s not really what
> you’d expect. I often use browser requests to test out GET requests for
> APIs.
>
>
>
> I don’t really get how RESTPublicAPI works either. If it’s disabled, it
> says ‘{"error":"Configuration prevents the usage of this endpoint by
> unprivileged users"}’, but that doesn’t seem accurate, since disabling that
> system preference blocks the /public APIs in general, right? Even if you
> use a privileged user, it still doesn’t work.
>
>
>
> Actually, even with RESTPublicAPI enabled, I can’t get the /public
> endpoints to work. I get errors like this ‘{"error":"Authorization failure.
> Missing required permission(s).","required_permissions":null}’.
>
>
>
> This email is getting a bit long and I think I have a million other API
> problems, so I might just work through one by one and open Bugzilla tickets
> as I go…
>
>
>
> David Cook
>
> Systems Librarian
>
> Prosentient Systems
>
> 72/330 Wattle St
>
> Ultimo, NSW 2007
>
> Australia
>
>
>
> Office: 02 9212 0899
>
> Direct: 02 8005 0595
>
>
>
>
>
> _______________________________________________
>
> Koha-devel mailing list
>
> Koha-devel at lists.koha-community.org
>
> https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
>
> website : http://www.koha-community.org/
>
> git : http://git.koha-community.org/
>
> bugs : http://bugs.koha-community.org/
>
> _______________________________________________
> Koha-devel mailing list
> Koha-devel at lists.koha-community.org
> https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
> website : http://www.koha-community.org/
> git : http://git.koha-community.org/
> bugs : http://bugs.koha-community.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20200313/f1fed4e1/attachment.html>

More information about the Koha-devel mailing list