use Mojo::Base 'Mojolicious';
-use Koha::OAuth;
-
use C4::Context;
=head1 NAME
$self->secrets([$secret_passphrase]);
}
- $self->plugin('OAuth2::Server' => Koha::OAuth::config);
$self->plugin(OpenAPI => {
url => $self->home->rel_file("api/v1/swagger/swagger.json"),
route => $self->routes->under('/api/v1')->to('Auth#under'),
use Mojo::Base 'Mojolicious::Controller';
+use Net::OAuth2::AuthorizationServer;
+
use C4::Auth qw( check_cookie_auth get_session haspermission );
use C4::Context;
my $authorization_header = $c->req->headers->authorization;
if ($authorization_header and $authorization_header =~ /^Bearer /) {
- if (my $oauth = $c->oauth) {
+ my $server = Net::OAuth2::AuthorizationServer->new;
+ my $grant = $server->client_credentials_grant(Koha::OAuth::config);
+ my ($type, $token) = split / /, $authorization_header;
+ my ($valid_token, $error) = $grant->verify_access_token(
+ access_token => $token,
+ );
+
+ if ($valid_token) {
my $clients = C4::Context->config('api_client');
$clients = [ $clients ] unless ref $clients eq 'ARRAY';
- my ($client) = grep { $_->{client_id} eq $oauth->{client_id} } @$clients;
+ my ($client) = grep { $_->{client_id} eq $valid_token->{client_id} } @$clients;
my $patron = Koha::Patrons->find($client->{patron_id});
my $permissions = $authorization->{'permissions'};