-
-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request OAPIF: support for API-keys via query for API implementing OGC API - Features #2873
Comments
Actually I believe this should already work per aad2cbc |
…l or url in contact object Found when investigating OSGeo/gdal#2873 but doesn't address it
…s returned by the API (relates to #2873)
With the service URL provided, I can confirm this is not a GDAL issue, but a QGIS issue. GDAL works fine (with a minor caveat addressed in commit 0949a99), but QGIS doesn't indeed. QGIS doesn't use the GDAL OAPIF provider, but has its own code. Could you reopen this issue on https://github.com/qgis/QGIS instead ? |
…s returned by the API (relates to #2873)
…l or url in contact object Found when investigating OSGeo/gdal#2873 but doesn't address it
@rouault Thanks for looking at this. I opened a new issue: qgis/QGIS#38436. |
Expected behavior and requested behavior.
When adding a service that implements OGC API - Features and that needs an API-key for implementation, the api-key is stripped of the URL when the driver looks for a specific collection, resulting in a 403 error when that collection is secured. It would be great if the api-key parameter would not be stripped off.
Steps to reproduce the problem.
OGC API - Features service with an API that could look like this (api-key used for all the paths that go deeper than /collections).
(see also http://spec.openapis.org/oas/v3.0.3#securitySchemeObject and http://spec.openapis.org/oas/v3.0.3#non-oauth2-security-requirement)
Even when adding ?api-key=myApiKey to the landing page URL, trying to add the features of a collection like that results in
WARNING Download of collection description failed: Error transferring https://link.to.com/v2/data/collections/collectionId - server replied: Forbidden
Operating system
N/A
GDAL version and provenance
3.2.0
Tested via QGIS:
The text was updated successfully, but these errors were encountered: