Contrib.social

Add RPC endpoints for headless authentication

Open on Drupal.org β†’
Created on 14 June 2017, almost 8 years ago
Updated 2 June 2025, 4 days ago

This patch adds support for JSON requests similar to those now supported by the user module in core:
https://www.drupal.org/node/2720655 β†’

So a request such as below:

curl --header "Content-type: application/json" --request POST \
  --data '{"name":"user", "pass":"password"}' \
https://cas.example.com/cas/login\?_format\=json\&service\=https%3A%2F%2Fservice.example.com

Would return the following (with valid credentials):

{"ticket":"ST-biy09zVUMlmnMWxyqvk0S076qRscareV0O03nkMSW6s"}
✨ Feature request
Status

Closed: won't fix

Version

1.0

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States jeremdow

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment 4 days ago β†’
    πŸ‡¦πŸ‡ΊAustralia elc

    A headless login can be achieved using the existing drupal core headless login. Adding yet another login method is adding complexity and duplicating functionality when it doesn't need to be. This patch also appears to bypass the login ticket which is a required step.

    The following can be achieved because this module functions by authenticating a user against the CAS Server site.

    1/ Use the drupal core headless login to get an authenticated session
    2/ Access /cas/login?_format=json&service=https%3A%2F%2Fservice.example.com to get a ST

    Marking as CWF for now. A pressing need and a re-roll against 2.1.x branch would peak my interest again, but I am also currently considering removing the separate login form and using the drupal core one with a destination parameter set so that πŸ’¬ Compatibility with TFA module Active is easily supported. Again, the login form is duplicated functionality.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024