Hi all,
I was just setting up Koha to use an OpenID Connect server provided by a Wordpress plugin, and it sent an "iframe" query string parameter along with the "code". I added "iframe" as an optional parameter to public_oauth.yaml which got it working, but it seems an unfortunate workaround. It looks like Koha::REST::V1::Auth::authenticate_api_request validates query parameters and will fail if there's one that isn't in the spec. Most of the time that might be the right thing to do, but I don't think it's the right thing for the OAuth/OIDC routes. What do other people think? David Cook Senior Software Engineer Prosentient Systems Suite 7.03 6a Glen St Milsons Point NSW 2061 Australia Office: 02 9212 0899 Online: 02 8005 0595
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : https://www.koha-community.org/ git : https://git.koha-community.org/ bugs : https://bugs.koha-community.org/
