Koha/api/v1/swagger/paths at a8a356404c197e45eedc6c01847cf1811a1cc037 - Koha-community/Koha - Koha: The world's first free and open source library system

History

David Cook a8a356404c Bug 30962: REST API: Add endpoint /auth/password/validation This patch adds an endpoint for /auth/password/validation This allows a third-party, using an authenticated and authorized Koha API user, to check if the username and password given by a user is correct in Koha. For example, a Keycloak extension can be created using its User Storage SPI to use Koha as the user database for Keycloak. This API allows us to authenticate the user as a particular Koha user - without creating a Koha user session for them. Test plan: 0. Apply patch and koha-plack --restart kohadev 1. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=RESTBasicAuth 2. Enable "RESTBasicAuth" 3. Run the following commands while substituting correct values for <koha_user> and <koha_password> 3. curl -XPOST -H "Content-Type: application/json" -u <koha_user>:<koha_password> http://localhost:8081/api/v1/auth/password/validation -d '{ "username": "<koha_username">, "password": "<koha_password>" }' -v 4. Note "204 No Content" response 5. curl -XPOST -H "Content-Type: application/json" -u <koha_user>:<koha_password> http://localhost:8081/api/v1/auth/password/validation -d '{ "username": "<koha_username">, "password": "this is definitely not the password" }' -v 6. Note "400 Bad Request" response and error message {"error":"Validation failed"} Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>		2023-02-03 10:30:11 -03:00
..
acquisitions_baskets.yaml
acquisitions_funds.yaml
acquisitions_orders.yaml
acquisitions_vendors.yaml
advancededitormacros.yaml
article_requests.yaml
auth.yaml	Bug 30962: REST API: Add endpoint /auth/password/validation	2023-02-03 10:30:11 -03:00
biblios.yaml
biblios_item_groups.yaml
cash_registers.yaml
checkouts.yaml
circulation-rules.yaml
cities.yaml
clubs.yaml
config_smtp_servers.yaml
erm_agreements.yaml	Bug 32030: Max document file size - REST API spec	2022-11-08 09:44:45 -03:00
erm_documents.yaml	Bug 32030: Add document to license - REST API spec	2022-11-08 09:44:31 -03:00
erm_eholdings_packages.yaml	Bug 32030: Add Notes field to erm_eholdings_packages table	2022-11-08 09:44:26 -03:00
erm_eholdings_packages_resources.yaml	Bug 32030: Make the ERMProviders syspref multivaluated	2022-11-08 09:44:09 -03:00
erm_eholdings_resources.yaml	Bug 32030: ERM EHoldings Resources - Remove inexistent 'resources' embed from resources	2022-11-08 09:44:40 -03:00
erm_eholdings_titles.yaml	Bug 32030: Add missing additionalProperties to /erm/eholdings/local/titles/import	2022-11-09 09:48:34 -03:00
erm_eholdings_titles_resources.yaml	Bug 32030: Make the ERMProviders syspref multivaluated	2022-11-08 09:44:09 -03:00
erm_licenses.yaml	Bug 32030: Add users to licenses - REST API Spec	2022-11-08 09:44:49 -03:00
erm_users.yaml	Bug 32030: Proxy with HoldingsIQ	2022-11-08 09:44:07 -03:00
holds.yaml	Bug 24860: Implement reserves.item_group_id	2022-11-04 19:39:55 -03:00
ill_backends.yaml
illrequests.yaml
import_batch_profiles.yaml
import_batches.yaml
items.yaml	Bug 31797: Add DELETE /items/:item_id endpoint	2023-01-30 12:20:44 -03:00
jobs.yaml
libraries.yaml
oauth.yaml	Bug 32354: Accept session_state param given by OAuth IdP	2022-12-07 12:58:32 -03:00
patrons.yaml
patrons_account.yaml
patrons_extended_attributes.yaml
patrons_holds.yaml
patrons_password.yaml
public_oauth.yaml	Bug 32354: Accept session_state param given by OAuth IdP	2022-12-07 12:58:32 -03:00
public_patrons.yaml
quotes.yaml
return_claims.yaml
rotas.yaml
search_filters.yaml
suggestions.yaml
transfer_limits.yaml