[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

David Cook changed:

What     | Removed | Added
See Also |         | https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25796

--
You are receiving this mail because:
You are watching all bug changes.
___
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Martin Renvoize changed:

What       | Removed          | Added
Status     | Pushed to Master | RESOLVED
Resolution | ---              | FIXED

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

--- Comment #75 from David Cook ---
(In reply to Julian Maurice from comment #74)
> You could define as many API clients as you want in $KOHA_CONF.
> But this has been replaced by bug 20568 and bug 20612. You can now define
> API keys in the interface.

Oooh awesome! I've wanted that feature for so long :D.

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

--- Comment #74 from Julian Maurice ---
(In reply to David Cook from comment #73)
> I know this has already been pushed... but it looks like this allows for
> only 1 API client? What if you want to have multiple API clients?

You could define as many API clients as you want in $KOHA_CONF.
But this has been replaced by bug 20568 and bug 20612. You can now define API keys in the interface.

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

David Cook changed:

What | Removed | Added
CC   |         | dc...@prosentient.com.au

--- Comment #73 from David Cook ---
I know this has already been pushed... but it looks like this allows for only 1 API client? What if you want to have multiple API clients?

BibLibre might have Coral talking to Koha's REST API, but maybe a client's Drupal website wants to talk to Koha's REST API too?

Right now, I suppose you could share the credentials amongst all the clients, but that doesn't seem like a great long-term option?

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Jonathan Druart changed:

What   | Removed   | Added
Status | Passed QA | Pushed to Master

--- Comment #72 from Jonathan Druart ---
Pushed to master for 18.05, thanks to everybody involved!

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

--- Comment #71 from Jonathan Druart ---
Created attachment 75189
  --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75189&action=edit
Bug 20402: only output if verbose flag is set

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Katrin Fischer changed:

What   | Removed | Added
Blocks |         | 20624

Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624
[Bug 20624] Disable the OAuth2 client credentials grant by default

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Katrin Fischer changed:

What   | Removed | Added
Blocks | 20624   |

Referenced Bugs:

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20624
[Bug 20624] Disable the OAuth2 client credentials grant by default

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Tomás Cohen Arazi changed:

What                          | Removed | Added
Attachment #74600 is obsolete | 0       | 1

--- Comment #69 from Tomás Cohen Arazi ---
Created attachment 75033
  --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75033&action=edit
Bug 20402: Remove useless call to Koha::OAuthAccessTokens->search

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

--- Comment #70 from Tomás Cohen Arazi ---
Rebased.

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Tomás Cohen Arazi changed:

What                          | Removed | Added
Attachment #74386 is obsolete | 0       | 1

--- Comment #68 from Tomás Cohen Arazi ---
Created attachment 75032
  --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75032&action=edit
Bug 20402: Add missing POD

Signed-off-by: Tomas Cohen Arazi

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Tomás Cohen Arazi changed:

What                          | Removed | Added
Attachment #74384 is obsolete | 0       | 1

--- Comment #66 from Tomás Cohen Arazi ---
Created attachment 75030
  --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75030&action=edit
Bug 20402: Use TestBuilder->build_object in oauth.t

Signed-off-by: Tomas Cohen Arazi

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Tomás Cohen Arazi changed:

What                          | Removed | Added
Attachment #74385 is obsolete | 0       | 1

--- Comment #67 from Tomás Cohen Arazi ---
Created attachment 75031
  --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75031&action=edit
Bug 20402: Atomic update and kohastructure.sql fixes

Signed-off-by: Tomas Cohen Arazi

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Tomás Cohen Arazi changed:

What                          | Removed | Added
Attachment #74380 is obsolete | 0       | 1

--- Comment #62 from Tomás Cohen Arazi ---
Created attachment 75026
  --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75026&action=edit
Bug 20402: Implement OAuth2 authentication for REST API

It implements only the "client credentials" flow with no scopes support.
API clients are tied to an existing patron and have the same permissions as the patron they are tied to.
API Clients are defined in $KOHA_CONF.

Test plan:
0. Install Net::OAuth2::AuthorizationServer 0.16
1. In $KOHA_CONF, add an element under : $CLIENT_ID $CLIENT_SECRET X
2. Apply patch, run updatedatabase.pl and reload starman
3. Install Firefox extension RESTer [1]
4. In RESTer, go to "Authorization" tab and create a new OAuth2 configuration:
   - OAuth flow: Client credentials
   - Access Token Request Method: POST
   - Access Token Request Endpoint: http://$KOHA_URL/api/v1/oauth/token
   - Access Token Request Client Authentication: Credentials in request body
   - Client ID: $CLIENT_ID
   - Client Secret: $CLIENT_SECRET
5. Click on the newly created configuration to generate a new token (which will be valid only for an hour)
6. In RESTer, set HTTP method to GET and url to http://$KOHA_URL/api/v1/patrons then click on SEND
   If patron X has permission 'borrowers', it should return 200 OK with the list of patrons
   Otherwise it should return 403 with the list of required permissions
   (Please test both cases)
7. Wait an hour (or run the following SQL query: UPDATE oauth_access_tokens SET expires = 0) and repeat step 6.
   You should have a 403 Forbidden status, and the token must have been removed from the database.
8. Create a bunch of tokens using RESTer, make some of them expire using the previous SQL query, and run the following command:
   misc/cronjobs/cleanup_database.pl --oauth-tokens
   Verify that expired tokens were removed, and that the others are still there
9. prove t/db_dependent/api/v1/oauth.t

[1] https://addons.mozilla.org/en-US/firefox/addon/rester/

Signed-off-by: Josef Moravec
Signed-off-by: Tomas Cohen Arazi

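The token lifecycle that steps 5 to 8 of the test plan above check, as a small in-memory Python model. This is an added example, not Koha's code: the client IDs, secrets, function names and the status returned for an unknown token are assumptions made for illustration.

```python
import secrets
import time

TOKEN_TTL = 3600  # the test plan says a token is valid for an hour

# Constructed sample data: client_id -> (client_secret, permissions of the tied patron)
CLIENTS = {
    "client-a": ("secret-a", {"borrowers"}),
    "client-b": ("secret-b", set()),
}
TOKENS = {}  # access_token -> (client_id, expires); stands in for oauth_access_tokens


def issue_token(client_id, client_secret, now=None):
    """Client credentials grant: valid credentials in, bearer token out."""
    now = time.time() if now is None else now
    secret = CLIENTS.get(client_id, (None,))[0]
    # Constant-time comparison so the check does not leak how much of the secret matched.
    if secret is None or not secrets.compare_digest(secret.encode(), client_secret.encode()):
        return None
    token = secrets.token_urlsafe(32)
    TOKENS[token] = (client_id, now + TOKEN_TTL)
    return token


def authorize(token, required, now=None):
    """Return the HTTP status the test plan expects for a request with this token."""
    now = time.time() if now is None else now
    entry = TOKENS.get(token)
    if entry is None:
        return 403  # assumption: an unknown token is rejected like an expired one
    client_id, expires = entry
    if expires <= now:
        del TOKENS[token]  # step 7: an expired token is removed when it is presented
        return 403
    # Step 6: the client has exactly the permissions of the patron it is tied to.
    return 200 if required in CLIENTS[client_id][1] else 403


def cleanup(now=None):
    """Step 8: remove expired tokens only and return how many were dropped."""
    now = time.time() if now is None else now
    expired = [t for t, (_, exp) in TOKENS.items() if exp <= now]
    for t in expired:
        del TOKENS[t]
    return len(expired)
```

Giving each integration its own entry in `CLIENTS` is what lets one client be revoked or restricted without touching the others.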
[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Tomás Cohen Arazi changed:

What                          | Removed | Added
Attachment #74382 is obsolete | 0       | 1

--- Comment #64 from Tomás Cohen Arazi ---
Created attachment 75028
  --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75028&action=edit
Bug 20402: Don't look at cookies if OAuth2 is attempted and has failed

Signed-off-by: Tomas Cohen Arazi

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Tomás Cohen Arazi changed:

What                          | Removed | Added
Attachment #74383 is obsolete | 0       | 1

--- Comment #65 from Tomás Cohen Arazi ---
Created attachment 75029
  --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75029&action=edit
Bug 20402: Remove dependency on Mojo::Plugin::OAuth2::Server

Signed-off-by: Tomas Cohen Arazi

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Tomás Cohen Arazi changed:

What                          | Removed | Added
Attachment #74381 is obsolete | 0       | 1

--- Comment #63 from Tomás Cohen Arazi ---
Created attachment 75027
  --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=75027&action=edit
Bug 20402: Fix oauth.t

GET /patrons now requires { "borrowers": 1 } instead of { "borrowers": "edit_borrowers" }

Signed-off-by: Josef Moravec
Signed-off-by: Tomas Cohen Arazi

[Koha-bugs] [Bug 20402] OAuth2 client credentials grant for REST API
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

Tomás Cohen Arazi changed:

What    | Removed                                      | Added
Summary | Implement OAuth2 authentication for REST API | OAuth2 client credentials grant for REST API