[Koha] Koha API - Authentication Failure

Aswin Unnikrishnan aswinunni01 at gmail.com
Mon May 24 04:11:25 NZST 2021


Debian Linux 9 and koha 19.11

On Sun, May 23, 2021, 6:02 PM Tomas Cohen Arazi <tomascohen at gmail.com>
wrote:

> OS anda Koha version?
>
> El dom., 23 may. 2021 1:06 a. m., Aswin Unnikrishnan <
> aswinunni01 at gmail.com> escribió:
>
>> Nope, were using the default apache configurations. Nothing special
>>
>> On Sat, 22 May 2021 at 20:46, Tomas Cohen Arazi <tomascohen at gmail.com>
>> wrote:
>>
>>> I wonder why it is working out of the box, and not for you. Is there any
>>> special apache config you're using?
>>>
>>> If not, then this is something we should patch in the Koha packages for
>>> everyone.
>>>
>>> Kind regards
>>>
>>> El sáb., 22 may. 2021 12:12, Aswin Unnikrishnan <aswinunni01 at gmail.com>
>>> escribió:
>>>
>>>> Thank you so much guys,
>>>>
>>>> Was a bit busy the past couple of days and could'nt work on it. But I
>>>> followed the documentation mentioned by Ere and it worked!
>>>>
>>>> SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
>>>>
>>>>
>>>> If anyone else faces this issue, you should add this command under
>>>> <VirtualHost> </VirtualHost> Tag .
>>>>
>>>> Thanks,
>>>> Aswin
>>>>
>>>> On Wed, 19 May 2021 at 14:20, Ere Maijala <ere.maijala at helsinki.fi>
>>>> wrote:
>>>>
>>>> > My documented steps to make sure OAuth2 is working are here:
>>>> >
>>>> >
>>>> >
>>>> https://github.com/vufind-org/vufind/blob/dev/config/vufind/KohaRest.ini#L20
>>>> >
>>>> > This may be useful for you. I suppose it would make sense to document
>>>> > this properly in Koha wiki as well, I just haven't had time...
>>>> >
>>>> > Best,
>>>> > Ere
>>>> >
>>>> > Aswin Unnikrishnan kirjoitti 17.5.2021 klo 20.53:
>>>> > > Thanks for pointing that out Stephen, I will have to look into
>>>> that, it
>>>> > > might be the issue here.
>>>> > >
>>>> > > Tomas, I am not exactly sure if we have plack running or not.  Plack
>>>> > seems
>>>> > > to be enabled, but plack logs are all empty. the logs are all at
>>>> > > intranet-error.log and opac-error.log
>>>> > >
>>>> > > I will try out the apache CGIPass method as Stephen suggested and
>>>> get
>>>> > back
>>>> > > if it works.
>>>> > >
>>>> > > Thanks,
>>>> > > Aswin
>>>> > >
>>>> > > On Mon, May 17, 2021, 9:02 PM Tomas Cohen Arazi <
>>>> tomascohen at gmail.com>
>>>> > > wrote:
>>>> > >
>>>> > >> Are you running Plack?
>>>> > >>
>>>> > >> El lun, 17 may 2021 a las 11:53, Aswin Unnikrishnan (<
>>>> > >> aswinunni01 at gmail.com>) escribió:
>>>> > >>
>>>> > >>> Thanks Stephen, Tomas for the quick response.
>>>> > >>>
>>>> > >>> Aswin - are you using the correct URL to call your custom
>>>> endpoint. It
>>>> > >>>> should be under the contrib namespace e.g.
>>>> > >>>>
>>>> > >>>
>>>> > >>> The app i am making is not part of koha, its a seperate web app
>>>> which
>>>> > >>> makes calls to /api/v1/ end points of the koha server.
>>>> > >>>
>>>> > >>> Does the user (owner of the id/secret pair) have privileged
>>>> access to
>>>> > >>>> Koha? Remember it needs to have permissions to enter the staff
>>>> > interface
>>>> > >>>> (the 'catalogue' permission) in order to access routes (other
>>>> than
>>>> > those in
>>>> > >>>> the /api/v1/public namespace).
>>>> > >>>>
>>>> > >>> Yes, the user has permission set to access all librarian
>>>> functions, I
>>>> > >>> also tried accessing the api end point via browser after logging
>>>> in to
>>>> > the
>>>> > >>> staff portal with this user, and im getting the correct response.
>>>> > >>>
>>>> > >>> Im also not able to access api/v1/.html from the browser, it
>>>> gives a
>>>> > 403
>>>> > >>> Error page. I checked the error logs and found this
>>>> > >>>
>>>> > >>> [authz_core:error] [pid 25846]  AH01630: client denied by server
>>>> > >>>> configuration: /usr/share/koha/api/v1/.html
>>>> > >>>>
>>>> > >>>
>>>> > >>>
>>>> > >>> Is there any logging systems in place which could give more info
>>>> > >>> regarding the authorization failure error? or any idea whats
>>>> wrong?
>>>> > >>>
>>>> > >>> Thanks,
>>>> > >>> Aswin
>>>> > >>>
>>>> > >>>
>>>> > >>> On Mon, 17 May 2021 at 19:13, Tomas Cohen Arazi <
>>>> tomascohen at gmail.com>
>>>> > >>> wrote:
>>>> > >>>
>>>> > >>>> Does the user (owner of the id/secret pair) have privileged
>>>> access to
>>>> > >>>> Koha? Remember it needs to have permissions to enter the staff
>>>> > interface
>>>> > >>>> (the 'catalogue' permission) in order to access routes (other
>>>> than
>>>> > those in
>>>> > >>>> the /api/v1/public namespace).
>>>> > >>>>
>>>> > >>>> BTW: All routes also have some required permissions you should
>>>> take a
>>>> > >>>> look at. Specific ones.
>>>> > >>>>
>>>> > >>>> Kind regards
>>>> > >>>>
>>>> > >>>> El lun, 17 may 2021 a las 9:40, Aswin Unnikrishnan (<
>>>> > >>>> aswinunni01 at gmail.com>) escribió:
>>>> > >>>>
>>>> > >>>>> Hi,
>>>> > >>>>>
>>>> > >>>>> I wanted to build an app that uses the koha API, and so i was
>>>> > testing it
>>>> > >>>>> out, but I keep getting "Authentication Failure" error
>>>> whichever end
>>>> > >>>>> point
>>>> > >>>>> I try to access.
>>>> > >>>>> The steps i did are
>>>> > >>>>>
>>>> > >>>>> 1. Got the client_id / secret from koha
>>>> > >>>>> 2. Sent a POST request to api/v1/oauth/token with required
>>>> parameters
>>>> > >>>>> and
>>>> > >>>>> got  an "access_token" returned
>>>> > >>>>> 3. Added the token to my authorization header with header-prefix
>>>> > >>>>> "Bearer"
>>>> > >>>>> 4. Sent a GET request to different end points, but getting the
>>>> same
>>>> > 401
>>>> > >>>>> Unauthorized error code with error : Authentication failure
>>>> > >>>>>
>>>> > >>>>> However if i access one of the public end points like
>>>> > >>>>> /api/v1/biblios/{biblio_id} i can get a response
>>>> > >>>>>
>>>> > >>>>> If anyone has any idea why this is happening, please  let me
>>>> know.
>>>> > >>>>>
>>>> > >>>>> Thanks in advance,
>>>> > >>>>> Aswin
>>>> > >>>>> _______________________________________________
>>>> > >>>>>
>>>> > >>>>> Koha mailing list  http://koha-community.org
>>>> > >>>>> Koha at lists.katipo.co.nz
>>>> > >>>>> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>>> > >>>>>
>>>> > >>>>
>>>> > >>>>
>>>> > >>>> --
>>>> > >>>> Tomás Cohen Arazi
>>>> > >>>> Theke Solutions (http://theke.io)
>>>> > >>>> ✆ +54 9351 3513384
>>>> > >>>> GPG: B2F3C15F
>>>> > >>>>
>>>> > >>>
>>>> > >>
>>>> > >> --
>>>> > >> Tomás Cohen Arazi
>>>> > >> Theke Solutions (http://theke.io)
>>>> > >> ✆ +54 9351 3513384
>>>> > >> GPG: B2F3C15F
>>>> > >>
>>>> > > _______________________________________________
>>>> > >
>>>> > > Koha mailing list  http://koha-community.org
>>>> > > Koha at lists.katipo.co.nz
>>>> > > Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>>> > >
>>>> >
>>>> > --
>>>> > Ere Maijala
>>>> > Kansalliskirjasto / The National Library of Finland
>>>> > _______________________________________________
>>>> >
>>>> > Koha mailing list  http://koha-community.org
>>>> > Koha at lists.katipo.co.nz
>>>> > Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>>> >
>>>> _______________________________________________
>>>>
>>>> Koha mailing list  http://koha-community.org
>>>> Koha at lists.katipo.co.nz
>>>> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>>>>
>>>


More information about the Koha mailing list