IRC log for #koha, 2024-04-08

← Previous day | Today | Next day → | Search | Index

All times shown according to UTC.

Time Nick Message
06:29 * magnuse waves in the general direction of Marseille
06:30 ashimema morning magnuse
06:30 magnuse bonjour!
06:30 the early bird gets the worm?
06:32 lds joined #koha
06:33 * magnuse wonders what people do if they have external services that need to authenticate Koha-users through the REST API, but the service should only be avaiable to some of the users, based on something like patron category or an individual setting per user
06:34 reiveune joined #koha
06:34 reiveune hello
06:35 dcook magnuse: *covers my ears*
06:35 * dcook also waves to folks in France (and other places)
06:35 magnuse bonjour reiveune
06:36 dcook magnuse: I suppose for a use case like that... you'd have to lookup the user first, apply whatever filtering, and then only do the auth then
06:37 With the Keycloak extension I did, I do a patron lookup across a few criteria, and then only attempt auth if I find a matching patron
06:37 magnuse dcook: yeah, that sounds reasonable, but how to implement that? hack the api or could it be done with a plugin?
06:37 dcook Note I forbid any APIs calls to the OPAC other than "public" calls, and then I also restrict the admin REST API by IP
06:37 magnuse ah keycloak, eh
06:37 dcook Doesn't need to be hacked
06:37 But the logic would be consumer-side
06:37 Or if you wanted to embed it in Koha I'd go with a plugin
06:38 magnuse: Yeah I put that Keycloak extension somewhere...
06:39 magnuse could a plugin infiltrate itself into the standard api, or would it have to provide a separate endpoint/service?
06:40 and if different services should use the same api, how would koha know which logic to apply?
06:40 dcook Different endpoint
06:40 magnuse ok, cool
06:41 dcook However you like
06:41 Phenomenal cosmic power... itty bitty living space...
06:42 The plugin is so powerful you could do anything
06:42 * ashimema wants to try and do some new OAuth grant flows
06:42 dcook ashimema: Oh my... you know just what to say...
06:42 * dcook is onboard for this idea
06:42 magnuse yeah, was mostly wondering if there was some magic that could be done with the standard api
06:43 ashimema we only support the most basic one really.. I'd like to see us to a few other flows..
06:43 dcook There is no such thing as magic O_O
06:43 hehe
06:43 * ashimema tries to remember the grant flow he's especially interested in.
06:43 dcook magnuse: What's the use case? You can DM me if you don't want to post it here
06:43 ashimema it's on the list to discuss api masquerading at hackfest... i'm kinda hoping that also lets me ask this question again and get someone to help work on it..
06:44 * dcook isn't at all trying to do 3 things at once right now
06:44 dcook ashimema: Are you at the hackfest?
06:44 Or remoting in?
06:44 ashimema the main issue I've had is our underlying permissions system.. it's a bit of a mess to try and do this
06:44 dcook ^
06:44 ashimema I'm at Hackfest 🙂
06:44 dcook :3
06:44 ashimema my whole team is here 🙂
06:44 dcook I wish that I was as well.. seems like a good year for it
06:45 ashimema well.. Alexander will be soon enough.. he's the straggler but should hopefully join us in the next few days..
06:45 we'll have 7! here this year
06:45 dcook Nice!
06:45 I hope it's a really productive time :D
06:45 Is it just this week?
06:46 ashimema I'm putting together my KohaCon proposal next week.. already got permission to go loosely agreed anyway though 🙂
06:46 dcook I've got a hectic few days, but maybe I can pick up some slack towards the end of the week..
06:46 ashimema hopefully see yout here
06:46 dcook I sure hope so :)
06:46 ashimema yeah.. just the week.. never get enough done
06:46 dcook Story of my life
06:47 ashimema Hackfest is taking a slightly different format this year though :).. I have been plannning it with my team here for weeks.. when I shared our target list with Paul he turned it into a set of 'Tracks' and now we have three parallel tracks running each with a "lead"
06:47 dcook Oooh that sounds good
06:48 ashimema so I'm leading a track and encouraging discussions and coding to happen around it.
06:48 dcook What's your track called?
06:48 ashimema just up early having a coffee and working out how I'm going to do that.. lol... being on vacation last week means I'm jumping in at the deep end a little again..
06:49 I'm on the 'Side' track (which I think is the 'it didn't fit anywhere else' track.. lol)
06:49 one sec.. I'll dig out the sheet.. no reason not to share it
06:49 https://docs.google.com/spread[…]/edit?usp=sharing
06:49 those are the hackfest plans
06:50 magnuse dcook: nothing specific yet, the scenario is just different external services that need to authenticate Koha users, and "filtering" which Koha users should be allowed to authenticate
06:51 dcook ashimema: Oh neat. I like the sound of a lot of these things, although I'm not sure what API Masquerading is
06:51 ashimema the Topics tab is the interesting one
06:51 dcook That's the one I'm on haha
06:52 ashimema right now we only do client credentials grant so you create an API user and just login as that.. we have systems that want to login as the client user but 'act' as the patron or staff user
06:52 dcook magnuse: So one way of doing that could be using SSO and attributes in the Identity Provider
06:53 ashimema acting on behalf of a user
06:53 dcook ashimema: Oh yes, I think we talked about this once..
06:54 Actually if I understand...
06:54 ashimema in reality what we really sohuld have is 'code grant' flow I reckon
06:54 dcook I'm not sure I follow the use case quite..
06:54 ashimema where you identify both parties anyway and the end user picks which of their permissions the client can access
06:55 right now we can't easily identify client vs user for api calls
06:56 dcook brb
07:03 And back but really should be running
07:03 ummm
07:04 Yeah, that use case is one I've definitely wanted to work on more as well
07:06 The particular supplier who needed it isn't in the mix anymore I think
07:06 ashimema I'm heading up the road now to find the offices..
07:06 catch you later chaps
07:07 dcook "where you identify both parties anyway and the end user picks which of their permissions the client can access" this seemed more common pre-OIDC of course
07:07 We'd want to think of something in a SSO context I think..
07:07 paulderscheid[m] morning #koha
07:07 dcook Yeah I better run
07:07 laterz ashimema and co
07:11 matts_ joined #koha
07:17 cait joined #koha
07:19 cait joined #koha
07:43 * magnuse waves in the general direction of Marseille
08:27 thibaud_g joined #koha
08:55 dolf joined #koha
08:58 dolf Hi. I upgraded from Koha 22.05 to 22.11 today (slowly catching up on all those missed releases). In Koha 22.05, I was using exactly this config for cover images: https://bywatersolutions.com/e[…]come-from-in-koha After the upgrade to 22.11, the cover images are missing. Any ideas how I could debug this or what I should check for?
09:02 matts_hackfest joined #koha
09:02 dolf Example: https://library.refstudycentre[…]y&weight_search=1
09:04 kidclamp joined #koha
09:09 ashimema Joubu: around?
09:31 krimsonkharne[m] g'day #koha
09:36 thibaud_g joined #koha
10:09 magnuse_ joined #koha
10:14 magnuse_ did we implement 2fa for the opac yet? i thought there was an issue about that but couldn't find it
10:19 aude_c[m] Can't find the bug for it either 🧐
11:05 jzairo joined #koha
12:00 lds joined #koha
12:18 clrh joined #koha
12:18 clrh hi here
12:23 khall joined #koha
12:25 magnuse_ bonjour clrh
12:29 caroline joined #koha
12:31 caroline good morning!
12:38 magnuse hiya caroline
12:38 is there a difference between renewsCheckout and renewCheckout in the REST API?
12:45 bag joined #koha
12:52 khall joined #koha
12:53 clrh hello magnuse
13:17 asellerate joined #koha
13:18 asellerate joined #koha
13:28 alex joined #koha
13:45 alex joined #koha
13:48 bag joined #koha
14:07 bag joined #koha
14:16 khall joined #koha
14:31 Dyrcona joined #koha
14:38 alex joined #koha
15:01 reiveune left #koha
15:10 khall joined #koha
15:33 khall joined #koha
15:33 thibaud_g joined #koha
16:45 Joubu_ joined #koha
16:46 tcohen_ joined #koha
17:48 wise_mike[m] joined #koha
17:48 StVincentMaintenance[m] joined #koha
17:48 arkibus[m] joined #koha
17:48 JasonGreene[m] joined #koha
17:48 KakhaberRevazishvili[m] joined #koha
17:48 Megu[m] joined #koha
17:48 ArvindNaikwadi[m] joined #koha
17:48 afr4z[m] joined #koha
17:48 KodoKorkalo[m] joined #koha
17:48 GeorgeWilliams[m] joined #koha
17:48 LaurentDucos[m] joined #koha
18:09 ArvindNaikwadi[m] joined #koha
18:09 LaurentDucos[m] joined #koha
18:10 StVincentMaintenance[m] joined #koha
19:28 khall joined #koha
20:26 khall joined #koha
20:39 mtj hi #koha, bonjour #hackfest
21:13 jzairo joined #koha
21:19 alohabot joined #koha

← Previous day | Today | Next day → | Search | Index

koha1