I think a machine-to-machine authentication is what fits better for Koha-Coral interface, but anything that doesn't require end-user interaction would be good.
I guess I'll have to do some reading about OAuth :) Thanks. Le 27/02/2018 à 23:21, David Cook a écrit : > Julian, could you say more about how you want to authenticate with Koha? > > > > I’ve struggled in the past using OAuth2 for machine-to-machine > authorization… although that Auth0 link that Tomas provided seems to > suggest it is possible. Spotify uses OAuth2 for its REST API, and I had > to do a bit of a workaround to get it working for machine-to-machine > auth, but maybe that was an issue with their OAuth2 server or my lack of > knowledge at the time. > > > > I’m guessing you might want to look at > https://auth0.com/docs/api-auth/grant/client-credentials, although it > depends on whether you want the end user to access their account in Koha > interactively or if you’re just looking for a way of authenticating with > Koha on the backend I think. > > > > I hadn’t heard of this flow before so I think I’ll have to look at it > again when I one day have time for hobbies… > > > > David Cook > > Systems Librarian > > Prosentient Systems > > 72/330 Wattle St > > Ultimo, NSW 2007 > > Australia > > > > Office: 02 9212 0899 > > Direct: 02 8005 0595 > > > > *From:*koha-devel-boun...@lists.koha-community.org > [mailto:koha-devel-boun...@lists.koha-community.org] *On Behalf Of > *Tomas Cohen Arazi > *Sent:* Wednesday, 28 February 2018 2:15 AM > *To:* Julian Maurice <julian.maur...@biblibre.com> > *Cc:* koha-devel@lists.koha-community.org > *Subject:* Re: [Koha-devel] REST API authentication for external clients > > > > Hi Julian, we need to implement an OAuth2 server inside Koha, using > Mojolicious::Plugin::OAuth2::Server [1]. I've worked on an endpoint for > authenticating the API against a generic OAuth2 server (as a way to be > able to test it :-D). I will file a bug very soon for that. My idea was > then to implement the server... > > > > OAuth2 proposes several authorization flows, and the plugin (actually > the server library) implements all of them. [2] > > > > Hope it helps. I haven't managed to have the time to do it! > > > > [1] https://metacpan.org/pod/Mojolicious::Plugin::OAuth2::Server > > [2] https://auth0.com/docs/api-auth/which-oauth-flow-to-use > > > > > > El mar., 27 feb. 2018 a las 12:04, Julian Maurice > (<julian.maur...@biblibre.com <mailto:julian.maur...@biblibre.com>>) > escribió: > > Hi all, > > As you may know [1], BibLibre is working on an interface between Koha > and Coral. To achieve that, Coral uses the Koha REST API. But we are > facing a problem that is becoming really blocking : the lack of a proper > authentication system for the REST API. > > At the moment, the only way to authenticate to the API is based on > cookies. It works well for client-side javascript inside Koha, but it's > not really usable by external clients. > > Is there someone here who use this API outside of Koha ? > If so, how do you authenticate to it ? > > I think we really need an authentication mechanism other than cookies, > so people can actually start using the API. > > There is bug 13920 [2] that hasn't moved since 8 months. I remember that > some people disagreed with this patchset because it is crafting a custom > authentication system instead of using some "standard" one (I remember > OAuth was mentioned). > Do you know of any "standard" auth system that we can implement, or > existing Perl libraries we can use ? > > > [1]: > > http://lists.koha-community.org/pipermail/koha-devel/2017-January/043430.html > [2]: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13920 > > -- > Julian Maurice <julian.maur...@biblibre.com > <mailto:julian.maur...@biblibre.com>> > BibLibre > _______________________________________________ > Koha-devel mailing list > Koha-devel@lists.koha-community.org > <mailto:Koha-devel@lists.koha-community.org> > http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel > website : http://www.koha-community.org/ > git : http://git.koha-community.org/ > bugs : http://bugs.koha-community.org/ > > -- > > Tomás Cohen Arazi > > Theke Solutions (https://theke.io <http://theke.io/>) > ✆+54 9351 3513384 > GPG: B2F3C15F > -- Julian Maurice <julian.maur...@biblibre.com> BibLibre _______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/