[Koha] Koha API - Authentication Failure
Ere Maijala
ere.maijala at helsinki.fi
Wed May 26 18:28:06 NZST 2021
Do you mean OAuth2 is working for you without anything special in Apache
config? I've not been that fortunate yet, though it might depend on
whether authentication plugins are enabled in Apache.
--Ere
Tomas Cohen Arazi kirjoitti 22.5.2021 klo 18.15:
> I wonder why it is working out of the box, and not for you. Is there any
> special apache config you're using?
>
> If not, then this is something we should patch in the Koha packages for
> everyone.
>
> Kind regards
>
> El sáb., 22 may. 2021 12:12, Aswin Unnikrishnan <aswinunni01 at gmail.com
> <mailto:aswinunni01 at gmail.com>> escribió:
>
> Thank you so much guys,
>
> Was a bit busy the past couple of days and could'nt work on it. But I
> followed the documentation mentioned by Ere and it worked!
>
> SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
>
>
> If anyone else faces this issue, you should add this command under
> <VirtualHost> </VirtualHost> Tag .
>
> Thanks,
> Aswin
>
> On Wed, 19 May 2021 at 14:20, Ere Maijala <ere.maijala at helsinki.fi
> <mailto:ere.maijala at helsinki.fi>> wrote:
>
> > My documented steps to make sure OAuth2 is working are here:
> >
> >
> >
> https://github.com/vufind-org/vufind/blob/dev/config/vufind/KohaRest.ini#L20
> <https://github.com/vufind-org/vufind/blob/dev/config/vufind/KohaRest.ini#L20>
> >
> > This may be useful for you. I suppose it would make sense to document
> > this properly in Koha wiki as well, I just haven't had time...
> >
> > Best,
> > Ere
> >
> > Aswin Unnikrishnan kirjoitti 17.5.2021 klo 20.53:
> > > Thanks for pointing that out Stephen, I will have to look into
> that, it
> > > might be the issue here.
> > >
> > > Tomas, I am not exactly sure if we have plack running or not.
> Plack
> > seems
> > > to be enabled, but plack logs are all empty. the logs are all at
> > > intranet-error.log and opac-error.log
> > >
> > > I will try out the apache CGIPass method as Stephen suggested
> and get
> > back
> > > if it works.
> > >
> > > Thanks,
> > > Aswin
> > >
> > > On Mon, May 17, 2021, 9:02 PM Tomas Cohen Arazi
> <tomascohen at gmail.com <mailto:tomascohen at gmail.com>>
> > > wrote:
> > >
> > >> Are you running Plack?
> > >>
> > >> El lun, 17 may 2021 a las 11:53, Aswin Unnikrishnan (<
> > >> aswinunni01 at gmail.com <mailto:aswinunni01 at gmail.com>>) escribió:
> > >>
> > >>> Thanks Stephen, Tomas for the quick response.
> > >>>
> > >>> Aswin - are you using the correct URL to call your custom
> endpoint. It
> > >>>> should be under the contrib namespace e.g.
> > >>>>
> > >>>
> > >>> The app i am making is not part of koha, its a seperate web
> app which
> > >>> makes calls to /api/v1/ end points of the koha server.
> > >>>
> > >>> Does the user (owner of the id/secret pair) have privileged
> access to
> > >>>> Koha? Remember it needs to have permissions to enter the staff
> > interface
> > >>>> (the 'catalogue' permission) in order to access routes
> (other than
> > those in
> > >>>> the /api/v1/public namespace).
> > >>>>
> > >>> Yes, the user has permission set to access all librarian
> functions, I
> > >>> also tried accessing the api end point via browser after
> logging in to
> > the
> > >>> staff portal with this user, and im getting the correct response.
> > >>>
> > >>> Im also not able to access api/v1/.html from the browser, it
> gives a
> > 403
> > >>> Error page. I checked the error logs and found this
> > >>>
> > >>> [authz_core:error] [pid 25846] AH01630: client denied by server
> > >>>> configuration: /usr/share/koha/api/v1/.html
> > >>>>
> > >>>
> > >>>
> > >>> Is there any logging systems in place which could give more info
> > >>> regarding the authorization failure error? or any idea whats
> wrong?
> > >>>
> > >>> Thanks,
> > >>> Aswin
> > >>>
> > >>>
> > >>> On Mon, 17 May 2021 at 19:13, Tomas Cohen Arazi
> <tomascohen at gmail.com <mailto:tomascohen at gmail.com>>
> > >>> wrote:
> > >>>
> > >>>> Does the user (owner of the id/secret pair) have privileged
> access to
> > >>>> Koha? Remember it needs to have permissions to enter the staff
> > interface
> > >>>> (the 'catalogue' permission) in order to access routes
> (other than
> > those in
> > >>>> the /api/v1/public namespace).
> > >>>>
> > >>>> BTW: All routes also have some required permissions you
> should take a
> > >>>> look at. Specific ones.
> > >>>>
> > >>>> Kind regards
> > >>>>
> > >>>> El lun, 17 may 2021 a las 9:40, Aswin Unnikrishnan (<
> > >>>> aswinunni01 at gmail.com <mailto:aswinunni01 at gmail.com>>) escribió:
> > >>>>
> > >>>>> Hi,
> > >>>>>
> > >>>>> I wanted to build an app that uses the koha API, and so i was
> > testing it
> > >>>>> out, but I keep getting "Authentication Failure" error
> whichever end
> > >>>>> point
> > >>>>> I try to access.
> > >>>>> The steps i did are
> > >>>>>
> > >>>>> 1. Got the client_id / secret from koha
> > >>>>> 2. Sent a POST request to api/v1/oauth/token with required
> parameters
> > >>>>> and
> > >>>>> got an "access_token" returned
> > >>>>> 3. Added the token to my authorization header with
> header-prefix
> > >>>>> "Bearer"
> > >>>>> 4. Sent a GET request to different end points, but getting
> the same
> > 401
> > >>>>> Unauthorized error code with error : Authentication failure
> > >>>>>
> > >>>>> However if i access one of the public end points like
> > >>>>> /api/v1/biblios/{biblio_id} i can get a response
> > >>>>>
> > >>>>> If anyone has any idea why this is happening, please let
> me know.
> > >>>>>
> > >>>>> Thanks in advance,
> > >>>>> Aswin
> > >>>>> _______________________________________________
> > >>>>>
> > >>>>> Koha mailing list http://koha-community.org
> <http://koha-community.org>
> > >>>>> Koha at lists.katipo.co.nz <mailto:Koha at lists.katipo.co.nz>
> > >>>>> Unsubscribe:
> https://lists.katipo.co.nz/mailman/listinfo/koha
> <https://lists.katipo.co.nz/mailman/listinfo/koha>
> > >>>>>
> > >>>>
> > >>>>
> > >>>> --
> > >>>> Tomás Cohen Arazi
> > >>>> Theke Solutions (http://theke.io <http://theke.io>)
> > >>>> ✆ +54 9351 3513384
> > >>>> GPG: B2F3C15F
> > >>>>
> > >>>
> > >>
> > >> --
> > >> Tomás Cohen Arazi
> > >> Theke Solutions (http://theke.io <http://theke.io>)
> > >> ✆ +54 9351 3513384
> > >> GPG: B2F3C15F
> > >>
> > > _______________________________________________
> > >
> > > Koha mailing list http://koha-community.org
> <http://koha-community.org>
> > > Koha at lists.katipo.co.nz <mailto:Koha at lists.katipo.co.nz>
> > > Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
> <https://lists.katipo.co.nz/mailman/listinfo/koha>
> > >
> >
> > --
> > Ere Maijala
> > Kansalliskirjasto / The National Library of Finland
> > _______________________________________________
> >
> > Koha mailing list http://koha-community.org
> <http://koha-community.org>
> > Koha at lists.katipo.co.nz <mailto:Koha at lists.katipo.co.nz>
> > Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
> <https://lists.katipo.co.nz/mailman/listinfo/koha>
> >
> _______________________________________________
>
> Koha mailing list http://koha-community.org <http://koha-community.org>
> Koha at lists.katipo.co.nz <mailto:Koha at lists.katipo.co.nz>
> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
> <https://lists.katipo.co.nz/mailman/listinfo/koha>
>
--
Ere Maijala
Kansalliskirjasto / The National Library of Finland
More information about the Koha
mailing list