Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity

Bug 33708: Allow anonymous access to OAuth endpoints

Browse source 
Users needs anonymous access to OAuth endpoints so that they can
login, and then use authenticated access for other endpoints.

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This commit is contained in:
David Cook 2023-05-10 02:43:44 +00:00 committed by Tomas Cohen Arazi
parent aae996e6bf
commit 05190ed1d9
Signed by: tomascohen
GPG key ID: 0A272EA1B2F3C15F
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Koha/REST/V1/Auth.pm
View file

@ -81,8 +81,8 @@ sub under {
"Configuration prevents the usage of this endpoint by unprivileged users");
}
if ( $c->req->url->to_abs->path eq '/api/v1/oauth/token' ) {
# Requesting a token shouldn't go through the API authentication chain
if ( $c->req->url->to_abs->path =~ m#^/api/v1/oauth/# || $c->req->url->to_abs->path =~ m#^/api/v1/public/oauth/#) {
# Requesting OAuth endpoints shouldn't go through the API authentication chain
$status = 1;
}
elsif ( $namespace eq '' or $namespace eq '.html' ) {