[Koha] Koha API - Authentication Failure

Tomas Cohen Arazi tomascohen at gmail.com
Mon May 24 00:32:27 NZST 2021


OS anda Koha version?

El dom., 23 may. 2021 1:06 a. m., Aswin Unnikrishnan <aswinunni01 at gmail.com>
escribió:

> Nope, were using the default apache configurations. Nothing special
>
> On Sat, 22 May 2021 at 20:46, Tomas Cohen Arazi <tomascohen at gmail.com>
> wrote:
>
>> I wonder why it is working out of the box, and not for you. Is there any
>> special apache config you're using?
>>
>> If not, then this is something we should patch in the Koha packages for
>> everyone.
>>
>> Kind regards
>>
>> El sáb., 22 may. 2021 12:12, Aswin Unnikrishnan <aswinunni01 at gmail.com>
>> escribió:
>>
>>> Thank you so much guys,
>>>
>>> Was a bit busy the past couple of days and could'nt work on it. But I
>>> followed the documentation mentioned by Ere and it worked!
>>>
>>> SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
>>>
>>>
>>> If anyone else faces this issue, you should add this command under
>>> <VirtualHost> </VirtualHost> Tag .
>>>
>>> Thanks,
>>> Aswin
>>>
>>> On Wed, 19 May 2021 at 14:20, Ere Maijala <ere.maijala at helsinki.fi>
>>> wrote:
>>>
>>> > My documented steps to make sure OAuth2 is working are here:
>>> >
>>> >
>>> >
>>> https://github.com/vufind-org/vufind/blob/dev/config/vufind/KohaRest.ini#L20
>>> >
>>> > This may be useful for you. I suppose it would make sense to document
>>> > this properly in Koha wiki as well, I just haven't had time...
>>> >
>>> > Best,
>>> > Ere
>>> >
>>> > Aswin Unnikrishnan kirjoitti 17.5.2021 klo 20.53:
>>> > > Thanks for pointing that out Stephen, I will have to look into that,
>>> it
>>> > > might be the issue here.
>>> > >
>>> > > Tomas, I am not exactly sure if we have plack running or not.  Plack
>>> > seems
>>> > > to be enabled, but plack logs are all empty. the logs are all at
>>> > > intranet-error.log and opac-error.log
>>> > >
>>> > > I will try out the apache CGIPass method as Stephen suggested and get
>>> > back
>>> > > if it works.
>>> > >
>>> > > Thanks,
>>> > > Aswin
>>> > >
>>> > > On Mon, May 17, 2021, 9:02 PM Tomas Cohen Arazi <
>>> tomascohen at gmail.com>
>>> > > wrote:
>>> > >
>>> > >> Are you running Plack?
>>> > >>
>>> > >> El lun, 17 may 2021 a las 11:53, Aswin Unnikrishnan (<
>>> > >> aswinunni01 at gmail.com>) escribió:
>>> > >>
>>> > >>> Thanks Stephen, Tomas for the quick response.
>>> > >>>
>>> > >>> Aswin - are you using the correct URL to call your custom
>>> endpoint. It
>>> > >>>> should be under the contrib namespace e.g.
>>> > >>>>
>>> > >>>
>>> > >>> The app i am making is not part of koha, its a seperate web app
>>> which
>>> > >>> makes calls to /api/v1/ end points of the koha server.
>>> > >>>
>>> > >>> Does the user (owner of the id/secret pair) have privileged access
>>> to
>>> > >>>> Koha? Remember it needs to have permissions to enter the staff
>>> > interface
>>> > >>>> (the 'catalogue' permission) in order to access routes (other than
>>> > those in
>>> > >>>> the /api/v1/public namespace).
>>> > >>>>
>>> > >>> Yes, the user has permission set to access all librarian
>>> functions, I
>>> > >>> also tried accessing the api end point via browser after logging
>>> in to
>>> > the
>>> > >>> staff portal with this user, and im getting the correct response.
>>> > >>>
>>> > >>> Im also not able to access api/v1/.html from the browser, it gives
>>> a
>>> > 403
>>> > >>> Error page. I checked the error logs and found this
>>> > >>>
>>> > >>> [authz_core:error] [pid 25846]  AH01630: client denied by server
>>> > >>>> configuration: /usr/share/koha/api/v1/.html
>>> > >>>>
>>> > >>>
>>> > >>>
>>> > >>> Is there any logging systems in place which could give more info
>>> > >>> regarding the authorization failure error? or any idea whats wrong?
>>> > >>>
>>> > >>> Thanks,
>>> > >>> Aswin
>>> > >>>
>>> > >>>
>>> > >>> On Mon, 17 May 2021 at 19:13, Tomas Cohen Arazi <
>>> tomascohen at gmail.com>
>>> > >>> wrote:
>>> > >>>
>>> > >>>> Does the user (owner of the id/secret pair) have privileged
>>> access to
>>> > >>>> Koha? Remember it needs to have permissions to enter the staff
>>> > interface
>>> > >>>> (the 'catalogue' permission) in order to access routes (other than
>>> > those in
>>> > >>>> the /api/v1/public namespace).
>>> > >>>>
>>> > >>>> BTW: All routes also have some required permissions you should
>>> take a
>>> > >>>> look at. Specific ones.
>>> > >>>>
>>> > >>>> Kind regards
>>> > >>>>
>>> > >>>> El lun, 17 may 2021 a las 9:40, Aswin Unnikrishnan (<
>>> > >>>> aswinunni01 at gmail.com>) escribió:
>>> > >>>>
>>> > >>>>> Hi,
>>> > >>>>>
>>> > >>>>> I wanted to build an app that uses the koha API, and so i was
>>> > testing it
>>> > >>>>> out, but I keep getting "Authentication Failure" error whichever
>>> end
>>> > >>>>> point
>>> > >>>>> I try to access.
>>> > >>>>> The steps i did are
>>> > >>>>>
>>> > >>>>> 1. Got the client_id / secret from koha
>>> > >>>>> 2. Sent a POST request to api/v1/oauth/token with required
>>> parameters
>>> > >>>>> and
>>> > >>>>> got  an "access_token" returned
>>> > >>>>> 3. Added the token to my authorization header with header-prefix
>>> > >>>>> "Bearer"
>>> > >>>>> 4. Sent a GET request to different end points, but getting the
>>> same
>>> > 401
>>> > >>>>> Unauthorized error code with error : Authentication failure
>>> > >>>>>
>>> > >>>>> However if i access one of the public end points like
>>> > >>>>> /api/v1/biblios/{biblio_id} i can get a response
>>> > >>>>>
>>> > >>>>> If anyone has any idea why this is happening, please  let me
>>> know.
>>> > >>>>>
>>> > >>>>> Thanks in advance,
>>> > >>>>> Aswin
>>> > >>>>> _______________________________________________
>>> > >>>>>
>>> > >>>>> Koha mailing list  http://koha-community.org
>>> > >>>>> Koha at lists.katipo.co.nz
>>> > >>>>> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>> > >>>>>
>>> > >>>>
>>> > >>>>
>>> > >>>> --
>>> > >>>> Tomás Cohen Arazi
>>> > >>>> Theke Solutions (http://theke.io)
>>> > >>>> ✆ +54 9351 3513384
>>> > >>>> GPG: B2F3C15F
>>> > >>>>
>>> > >>>
>>> > >>
>>> > >> --
>>> > >> Tomás Cohen Arazi
>>> > >> Theke Solutions (http://theke.io)
>>> > >> ✆ +54 9351 3513384
>>> > >> GPG: B2F3C15F
>>> > >>
>>> > > _______________________________________________
>>> > >
>>> > > Koha mailing list  http://koha-community.org
>>> > > Koha at lists.katipo.co.nz
>>> > > Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>> > >
>>> >
>>> > --
>>> > Ere Maijala
>>> > Kansalliskirjasto / The National Library of Finland
>>> > _______________________________________________
>>> >
>>> > Koha mailing list  http://koha-community.org
>>> > Koha at lists.katipo.co.nz
>>> > Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>> >
>>> _______________________________________________
>>>
>>> Koha mailing list  http://koha-community.org
>>> Koha at lists.katipo.co.nz
>>> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>>
>>


More information about the Koha mailing list