Move services using rest.php to new authx-based endpoint
There are services querying /vendor/civicrm/civicrm-core/extern/rest.php
, such as the ldapcivi
service used by Gitlab. This endpoint is long deprecated.
-
Migrate civildap to new endopint -
Migrate CiviCRM Spark Aegir servers to new endpoint (they fetch client information for the site setup)
Suggestions from Tim:
needs authx, and it may need to set a header for XMLHttpRequest
actually, with https://github.com/civicrm/civicrm-core/pull/19727, it would be simpler to switch
or another way is to change &key=MY_SITE_KEY&api_key=MY_API_KEY to &_authx=Bearer+MY_API_KEY
in each case, you probably need to relax a setting
from the bottom of docs, this is an example which allows all kinds of
cv ev 'Civi::settings()->set("authx_guards", []);'
cv ev 'Civi::settings()->set("authx_param_cred", ["jwt", "api_key", "pass"]);'
cv ev 'Civi::settings()->set("authx_header_cred", ["jwt", "api_key", "pass"]);'
cv ev 'Civi::settings()->set("authx_xheader_cred", ["jwt", "api_key", "pass"]);'
cv ev 'Civi::settings()->set("authx_login_cred", ["jwt", "api_key", "pass"]);'
cv ev 'Civi::settings()->set("authx_auto_cred", ["jwt", "api_key", "pass"]);'
here, you probably want something narrower like
cv ev 'Civi::settings()->set("authx_param_cred", ["jwt", "api_key"]);'
## Allow JWT+API keys to come in via `?_authx=...` param
cc @totten