Bug 33708: Allow anonymous access to OAuth endpoints
Users needs anonymous access to OAuth endpoints so that they can
login, and then use authenticated access for other endpoints.
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 05190ed1d9
)
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
This commit is contained in:
parent
12c4eb1e02
commit
d4d69ade8c
1 changed files with 2 additions and 2 deletions
|
@ -81,8 +81,8 @@ sub under {
|
|||
"Configuration prevents the usage of this endpoint by unprivileged users");
|
||||
}
|
||||
|
||||
if ( $c->req->url->to_abs->path eq '/api/v1/oauth/token' ) {
|
||||
# Requesting a token shouldn't go through the API authentication chain
|
||||
if ( $c->req->url->to_abs->path =~ m#^/api/v1/oauth/# || $c->req->url->to_abs->path =~ m#^/api/v1/public/oauth/#) {
|
||||
# Requesting OAuth endpoints shouldn't go through the API authentication chain
|
||||
$status = 1;
|
||||
}
|
||||
elsif ( $namespace eq '' or $namespace eq '.html' ) {
|
||||
|
|
Loading…
Reference in a new issue