[Koha] Koha API - Authentication Failure

Aswin Unnikrishnan aswinunni01 at gmail.com
Sun May 23 16:06:33 NZST 2021


Nope, were using the default apache configurations. Nothing special

On Sat, 22 May 2021 at 20:46, Tomas Cohen Arazi <tomascohen at gmail.com>
wrote:

> I wonder why it is working out of the box, and not for you. Is there any
> special apache config you're using?
>
> If not, then this is something we should patch in the Koha packages for
> everyone.
>
> Kind regards
>
> El sáb., 22 may. 2021 12:12, Aswin Unnikrishnan <aswinunni01 at gmail.com>
> escribió:
>
>> Thank you so much guys,
>>
>> Was a bit busy the past couple of days and could'nt work on it. But I
>> followed the documentation mentioned by Ere and it worked!
>>
>> SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
>>
>>
>> If anyone else faces this issue, you should add this command under
>> <VirtualHost> </VirtualHost> Tag .
>>
>> Thanks,
>> Aswin
>>
>> On Wed, 19 May 2021 at 14:20, Ere Maijala <ere.maijala at helsinki.fi>
>> wrote:
>>
>> > My documented steps to make sure OAuth2 is working are here:
>> >
>> >
>> >
>> https://github.com/vufind-org/vufind/blob/dev/config/vufind/KohaRest.ini#L20
>> >
>> > This may be useful for you. I suppose it would make sense to document
>> > this properly in Koha wiki as well, I just haven't had time...
>> >
>> > Best,
>> > Ere
>> >
>> > Aswin Unnikrishnan kirjoitti 17.5.2021 klo 20.53:
>> > > Thanks for pointing that out Stephen, I will have to look into that,
>> it
>> > > might be the issue here.
>> > >
>> > > Tomas, I am not exactly sure if we have plack running or not.  Plack
>> > seems
>> > > to be enabled, but plack logs are all empty. the logs are all at
>> > > intranet-error.log and opac-error.log
>> > >
>> > > I will try out the apache CGIPass method as Stephen suggested and get
>> > back
>> > > if it works.
>> > >
>> > > Thanks,
>> > > Aswin
>> > >
>> > > On Mon, May 17, 2021, 9:02 PM Tomas Cohen Arazi <tomascohen at gmail.com
>> >
>> > > wrote:
>> > >
>> > >> Are you running Plack?
>> > >>
>> > >> El lun, 17 may 2021 a las 11:53, Aswin Unnikrishnan (<
>> > >> aswinunni01 at gmail.com>) escribió:
>> > >>
>> > >>> Thanks Stephen, Tomas for the quick response.
>> > >>>
>> > >>> Aswin - are you using the correct URL to call your custom endpoint.
>> It
>> > >>>> should be under the contrib namespace e.g.
>> > >>>>
>> > >>>
>> > >>> The app i am making is not part of koha, its a seperate web app
>> which
>> > >>> makes calls to /api/v1/ end points of the koha server.
>> > >>>
>> > >>> Does the user (owner of the id/secret pair) have privileged access
>> to
>> > >>>> Koha? Remember it needs to have permissions to enter the staff
>> > interface
>> > >>>> (the 'catalogue' permission) in order to access routes (other than
>> > those in
>> > >>>> the /api/v1/public namespace).
>> > >>>>
>> > >>> Yes, the user has permission set to access all librarian functions,
>> I
>> > >>> also tried accessing the api end point via browser after logging in
>> to
>> > the
>> > >>> staff portal with this user, and im getting the correct response.
>> > >>>
>> > >>> Im also not able to access api/v1/.html from the browser, it gives a
>> > 403
>> > >>> Error page. I checked the error logs and found this
>> > >>>
>> > >>> [authz_core:error] [pid 25846]  AH01630: client denied by server
>> > >>>> configuration: /usr/share/koha/api/v1/.html
>> > >>>>
>> > >>>
>> > >>>
>> > >>> Is there any logging systems in place which could give more info
>> > >>> regarding the authorization failure error? or any idea whats wrong?
>> > >>>
>> > >>> Thanks,
>> > >>> Aswin
>> > >>>
>> > >>>
>> > >>> On Mon, 17 May 2021 at 19:13, Tomas Cohen Arazi <
>> tomascohen at gmail.com>
>> > >>> wrote:
>> > >>>
>> > >>>> Does the user (owner of the id/secret pair) have privileged access
>> to
>> > >>>> Koha? Remember it needs to have permissions to enter the staff
>> > interface
>> > >>>> (the 'catalogue' permission) in order to access routes (other than
>> > those in
>> > >>>> the /api/v1/public namespace).
>> > >>>>
>> > >>>> BTW: All routes also have some required permissions you should
>> take a
>> > >>>> look at. Specific ones.
>> > >>>>
>> > >>>> Kind regards
>> > >>>>
>> > >>>> El lun, 17 may 2021 a las 9:40, Aswin Unnikrishnan (<
>> > >>>> aswinunni01 at gmail.com>) escribió:
>> > >>>>
>> > >>>>> Hi,
>> > >>>>>
>> > >>>>> I wanted to build an app that uses the koha API, and so i was
>> > testing it
>> > >>>>> out, but I keep getting "Authentication Failure" error whichever
>> end
>> > >>>>> point
>> > >>>>> I try to access.
>> > >>>>> The steps i did are
>> > >>>>>
>> > >>>>> 1. Got the client_id / secret from koha
>> > >>>>> 2. Sent a POST request to api/v1/oauth/token with required
>> parameters
>> > >>>>> and
>> > >>>>> got  an "access_token" returned
>> > >>>>> 3. Added the token to my authorization header with header-prefix
>> > >>>>> "Bearer"
>> > >>>>> 4. Sent a GET request to different end points, but getting the
>> same
>> > 401
>> > >>>>> Unauthorized error code with error : Authentication failure
>> > >>>>>
>> > >>>>> However if i access one of the public end points like
>> > >>>>> /api/v1/biblios/{biblio_id} i can get a response
>> > >>>>>
>> > >>>>> If anyone has any idea why this is happening, please  let me know.
>> > >>>>>
>> > >>>>> Thanks in advance,
>> > >>>>> Aswin
>> > >>>>> _______________________________________________
>> > >>>>>
>> > >>>>> Koha mailing list  http://koha-community.org
>> > >>>>> Koha at lists.katipo.co.nz
>> > >>>>> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>> > >>>>>
>> > >>>>
>> > >>>>
>> > >>>> --
>> > >>>> Tomás Cohen Arazi
>> > >>>> Theke Solutions (http://theke.io)
>> > >>>> ✆ +54 9351 3513384
>> > >>>> GPG: B2F3C15F
>> > >>>>
>> > >>>
>> > >>
>> > >> --
>> > >> Tomás Cohen Arazi
>> > >> Theke Solutions (http://theke.io)
>> > >> ✆ +54 9351 3513384
>> > >> GPG: B2F3C15F
>> > >>
>> > > _______________________________________________
>> > >
>> > > Koha mailing list  http://koha-community.org
>> > > Koha at lists.katipo.co.nz
>> > > Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>> > >
>> >
>> > --
>> > Ere Maijala
>> > Kansalliskirjasto / The National Library of Finland
>> > _______________________________________________
>> >
>> > Koha mailing list  http://koha-community.org
>> > Koha at lists.katipo.co.nz
>> > Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>> >
>> _______________________________________________
>>
>> Koha mailing list  http://koha-community.org
>> Koha at lists.katipo.co.nz
>> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>
>


More information about the Koha mailing list