From: Marcin Haba <marcin.haba@bacula.pl>
Date: Sat, 3 Aug 2019 06:03:09 +0000 (+0200)
Subject: baculum: Split API panel, oauth, api and page parts into separate services
X-Git-Tag: Release-9.6.0~160
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2aff2232f3f1835d5482b6e3623c75c6b681ec04;p=thirdparty%2Fbacula.git

baculum: Split API panel, oauth, api and page parts into separate services
---

diff --git a/gui/baculum/examples/deb-template/baculum-api-apache.conf b/gui/baculum/examples/deb-template/baculum-api-apache.conf
index 73277c1aa..17b96939f 100644
--- a/gui/baculum/examples/deb-template/baculum-api-apache.conf
+++ b/gui/baculum/examples/deb-template/baculum-api-apache.conf
@@ -15,10 +15,15 @@ Listen 9096
 	<Directory %DOCUMENTROOT>
 		Options +FollowSymLinks
 		RewriteEngine On
+
+		RewriteCond %{REQUEST_URI} ^/index\.php$ [OR]
+		RewriteCond %{REQUEST_URI} ^/$
+		RewriteRule ^(.+)$ /panel? [L]
+
 		RewriteCond %{REQUEST_FILENAME} !-d
 		RewriteCond %{REQUEST_FILENAME} !-f
 		RewriteRule ^(.+)$ index.php/$1 [L]
-		RedirectMatch ^/$ /api/?api
+
 		# Apache 2.2
 		<IfModule !mod_authz_core.c>
 			Order Allow,Deny
@@ -34,12 +39,12 @@ Listen 9096
 	# From: <Directory %DOCUMENTROOT>
 	#            ...section body...
 	#       </Directory>
-	# To:   <Location /api/page>
+	# To:   <Location /panel>
 	#            ...section body...
 	#       </Location>
 	#
 	<Directory %DOCUMENTROOT>
-	#<Location /api/page>
+	#<Location /panel>
 		AuthType Basic
 		AuthName "Baculum Auth"
 		AuthUserFile %DOCUMENTROOT/protected/API/Config/baculum.users
diff --git a/gui/baculum/examples/deb-template/baculum-api-lighttpd.conf b/gui/baculum/examples/deb-template/baculum-api-lighttpd.conf
index 0dede50ce..9887a634d 100644
--- a/gui/baculum/examples/deb-template/baculum-api-lighttpd.conf
+++ b/gui/baculum/examples/deb-template/baculum-api-lighttpd.conf
@@ -32,7 +32,7 @@ server.modules = (
 #
 # Uncomment this line and closing braces below when you use OAuth2
 #
-# $HTTP["url"] =~ "^/web/page/.*$" {
+#$HTTP["url"] =~ "^/panel.*$" {
 	auth.backend = "htpasswd"
 	auth.backend.htpasswd.userfile = "%DOCUMENTROOT/protected/API/Config/baculum.users"
 	auth.require = ( "/" => (
@@ -41,7 +41,7 @@ server.modules = (
 		"require" => "valid-user"
 		)
 	)
-# }
+#}
 
 index-file.names = ( "index.php" )
 
@@ -85,7 +85,7 @@ fastcgi.server = (
 url.rewrite-once = (
 	"^/themes/(.+)$" => "/themes/$1",
 	"^/assets/(.+)$" => "/assets/$1",
-	"^/$" => "/index.php/api/page/home/",
+	"^/((index\.php)?\?.+)?$" => "/index.php/panel/",
 	"^/(.+)$" => "/index.php/$1"
 )
 
diff --git a/gui/baculum/examples/deb/baculum-api-apache.conf b/gui/baculum/examples/deb/baculum-api-apache.conf
index f84e3753e..8b14fd345 100644
--- a/gui/baculum/examples/deb/baculum-api-apache.conf
+++ b/gui/baculum/examples/deb/baculum-api-apache.conf
@@ -15,10 +15,15 @@ Listen 9096
 	<Directory /usr/share/baculum/htdocs>
 		Options +FollowSymLinks
 		RewriteEngine On
+
+		RewriteCond %{REQUEST_URI} ^/index\.php$ [OR]
+		RewriteCond %{REQUEST_URI} ^/$
+		RewriteRule ^(.+)$ /panel? [L]
+
 		RewriteCond %{REQUEST_FILENAME} !-d
 		RewriteCond %{REQUEST_FILENAME} !-f
 		RewriteRule ^(.+)$ index.php/$1 [L]
-		RedirectMatch ^/$ /api/?api
+
 		# Apache 2.2
 		<IfModule !mod_authz_core.c>
 			Order Allow,Deny
@@ -34,12 +39,12 @@ Listen 9096
 	# From: <Directory /usr/share/baculum/htdocs>
 	#            ...section body...
 	#       </Directory>
-	# To:   <Location /api/page>
+	# To:   <Location /panel>
 	#            ...section body...
 	#       </Location>
 	#
 	<Directory /usr/share/baculum/htdocs>
-	#<Location /api/page>
+	#<Location /panel>
 		AuthType Basic
 		AuthName "Baculum Auth"
 		AuthUserFile /usr/share/baculum/htdocs/protected/API/Config/baculum.users
diff --git a/gui/baculum/examples/deb/baculum-api-lighttpd.conf b/gui/baculum/examples/deb/baculum-api-lighttpd.conf
index a5fb34028..422b42dd6 100644
--- a/gui/baculum/examples/deb/baculum-api-lighttpd.conf
+++ b/gui/baculum/examples/deb/baculum-api-lighttpd.conf
@@ -32,7 +32,7 @@ server.modules = (
 #
 # Uncomment this line and closing braces below when you use OAuth2
 #
-# $HTTP["url"] =~ "^/web/page/.*$" {
+#$HTTP["url"] =~ "^/panel.*$" {
 	auth.backend = "htpasswd"
 	auth.backend.htpasswd.userfile = "/usr/share/baculum/htdocs/protected/API/Config/baculum.users"
 	auth.require = ( "/" => (
@@ -41,7 +41,7 @@ server.modules = (
 		"require" => "valid-user"
 		)
 	)
-# }
+#}
 
 index-file.names = ( "index.php" )
 
@@ -85,7 +85,7 @@ fastcgi.server = (
 url.rewrite-once = (
 	"^/themes/(.+)$" => "/themes/$1",
 	"^/assets/(.+)$" => "/assets/$1",
-	"^/$" => "/index.php/api/page/home/",
+	"^/((index\.php)?\?.+)?$" => "/index.php/panel/",
 	"^/(.+)$" => "/index.php/$1"
 )
 
diff --git a/gui/baculum/examples/rpm-template/baculum-api-apache.conf b/gui/baculum/examples/rpm-template/baculum-api-apache.conf
index 73277c1aa..17b96939f 100644
--- a/gui/baculum/examples/rpm-template/baculum-api-apache.conf
+++ b/gui/baculum/examples/rpm-template/baculum-api-apache.conf
@@ -15,10 +15,15 @@ Listen 9096
 	<Directory %DOCUMENTROOT>
 		Options +FollowSymLinks
 		RewriteEngine On
+
+		RewriteCond %{REQUEST_URI} ^/index\.php$ [OR]
+		RewriteCond %{REQUEST_URI} ^/$
+		RewriteRule ^(.+)$ /panel? [L]
+
 		RewriteCond %{REQUEST_FILENAME} !-d
 		RewriteCond %{REQUEST_FILENAME} !-f
 		RewriteRule ^(.+)$ index.php/$1 [L]
-		RedirectMatch ^/$ /api/?api
+
 		# Apache 2.2
 		<IfModule !mod_authz_core.c>
 			Order Allow,Deny
@@ -34,12 +39,12 @@ Listen 9096
 	# From: <Directory %DOCUMENTROOT>
 	#            ...section body...
 	#       </Directory>
-	# To:   <Location /api/page>
+	# To:   <Location /panel>
 	#            ...section body...
 	#       </Location>
 	#
 	<Directory %DOCUMENTROOT>
-	#<Location /api/page>
+	#<Location /panel>
 		AuthType Basic
 		AuthName "Baculum Auth"
 		AuthUserFile %DOCUMENTROOT/protected/API/Config/baculum.users
diff --git a/gui/baculum/examples/rpm-template/baculum-api-lighttpd.conf b/gui/baculum/examples/rpm-template/baculum-api-lighttpd.conf
index ef3599214..bbc7c481b 100644
--- a/gui/baculum/examples/rpm-template/baculum-api-lighttpd.conf
+++ b/gui/baculum/examples/rpm-template/baculum-api-lighttpd.conf
@@ -32,7 +32,7 @@ server.modules = (
 #
 # Uncomment this line and closing braces below when you use OAuth2
 #
-# $HTTP["url"] =~ "^/web/page/.*$" {
+#$HTTP["url"] =~ "^/panel.*$" {
 	auth.backend = "htpasswd"
 	auth.backend.htpasswd.userfile = "%DOCUMENTROOT/protected/API/Config/baculum.users"
 	auth.require = ( "/" => (
@@ -41,7 +41,7 @@ server.modules = (
 		"require" => "valid-user"
 		)
 	)
-# }
+#}
 
 index-file.names = ( "index.php" )
 
@@ -85,7 +85,7 @@ fastcgi.server = (
 url.rewrite-once = (
 	"^/themes/(.+)$" => "/themes/$1",
 	"^/assets/(.+)$" => "/assets/$1",
-	"^/$" => "/index.php/api/page/home/",
+	"^/((index\.php)?\?.+)?$" => "/index.php/panel/",
 	"^/(.+)$" => "/index.php/$1"
 )
 
diff --git a/gui/baculum/examples/rpm/baculum-api-apache.conf b/gui/baculum/examples/rpm/baculum-api-apache.conf
index 64a13e37b..65e3fb81b 100644
--- a/gui/baculum/examples/rpm/baculum-api-apache.conf
+++ b/gui/baculum/examples/rpm/baculum-api-apache.conf
@@ -15,10 +15,15 @@ Listen 9096
 	<Directory /usr/share/baculum/htdocs>
 		Options +FollowSymLinks
 		RewriteEngine On
+
+		RewriteCond %{REQUEST_URI} ^/index\.php$ [OR]
+		RewriteCond %{REQUEST_URI} ^/$
+		RewriteRule ^(.+)$ /panel? [L]
+
 		RewriteCond %{REQUEST_FILENAME} !-d
 		RewriteCond %{REQUEST_FILENAME} !-f
 		RewriteRule ^(.+)$ index.php/$1 [L]
-		RedirectMatch ^/$ /api/?api
+
 		# Apache 2.2
 		<IfModule !mod_authz_core.c>
 			Order Allow,Deny
@@ -34,12 +39,12 @@ Listen 9096
 	# From: <Directory /usr/share/baculum/htdocs>
 	#            ...section body...
 	#       </Directory>
-	# To:   <Location /api/page>
+	# To:   <Location /panel>
 	#            ...section body...
 	#       </Location>
 	#
 	<Directory /usr/share/baculum/htdocs>
-	#<Location /api/page>
+	#<Location /panel>
 		AuthType Basic
 		AuthName "Baculum Auth"
 		AuthUserFile /usr/share/baculum/htdocs/protected/API/Config/baculum.users
diff --git a/gui/baculum/examples/rpm/baculum-api-lighttpd.conf b/gui/baculum/examples/rpm/baculum-api-lighttpd.conf
index fe19b62ab..4c0a56f85 100644
--- a/gui/baculum/examples/rpm/baculum-api-lighttpd.conf
+++ b/gui/baculum/examples/rpm/baculum-api-lighttpd.conf
@@ -32,7 +32,7 @@ server.modules = (
 #
 # Uncomment this line and closing braces below when you use OAuth2
 #
-# $HTTP["url"] =~ "^/web/page/.*$" {
+#$HTTP["url"] =~ "^/panel.*$" {
 	auth.backend = "htpasswd"
 	auth.backend.htpasswd.userfile = "/usr/share/baculum/htdocs/protected/API/Config/baculum.users"
 	auth.require = ( "/" => (
@@ -41,7 +41,7 @@ server.modules = (
 		"require" => "valid-user"
 		)
 	)
-# }
+#}
 
 index-file.names = ( "index.php" )
 
@@ -85,7 +85,7 @@ fastcgi.server = (
 url.rewrite-once = (
 	"^/themes/(.+)$" => "/themes/$1",
 	"^/assets/(.+)$" => "/assets/$1",
-	"^/$" => "/index.php/api/page/home/",
+	"^/((index\.php)?\?.+)?$" => "/index.php/panel/",
 	"^/(.+)$" => "/index.php/$1"
 )
 
diff --git a/gui/baculum/protected/API/Class/OAuth2/BaculumOAuth2.php b/gui/baculum/protected/API/Class/OAuth2/BaculumOAuth2.php
index 7f2b753c2..43c2dfc32 100644
--- a/gui/baculum/protected/API/Class/OAuth2/BaculumOAuth2.php
+++ b/gui/baculum/protected/API/Class/OAuth2/BaculumOAuth2.php
@@ -3,7 +3,7 @@
  * Bacula(R) - The Network Backup Solution
  * Baculum   - Bacula web interface
  *
- * Copyright (C) 2013-2017 Kern Sibbald
+ * Copyright (C) 2013-2019 Kern Sibbald
  *
  * The main author of Baculum is Marcin Haba.
  * The original author of Bacula is Kern Sibbald, with contributions
@@ -101,6 +101,7 @@ class BaculumOAuth2 extends OAuth2 {
 			$error['state'] = $state;
 		}
 
+		header('Content-Type: application/json');
 		header($header);
 		echo json_encode($error);
 		exit();
diff --git a/gui/baculum/protected/API/Pages/Panel/MainPage.php b/gui/baculum/protected/API/Class/OAuthUrlMapping.php
similarity index 58%
rename from gui/baculum/protected/API/Pages/Panel/MainPage.php
rename to gui/baculum/protected/API/Class/OAuthUrlMapping.php
index 8a798b532..80e343fe0 100644
--- a/gui/baculum/protected/API/Pages/Panel/MainPage.php
+++ b/gui/baculum/protected/API/Class/OAuthUrlMapping.php
@@ -3,7 +3,7 @@
  * Bacula(R) - The Network Backup Solution
  * Baculum   - Bacula web interface
  *
- * Copyright (C) 2013-2017 Kern Sibbald
+ * Copyright (C) 2013-2019 Kern Sibbald
  *
  * The main author of Baculum is Marcin Haba.
  * The original author of Bacula is Kern Sibbald, with contributions
@@ -20,21 +20,15 @@
  * Bacula(R) is a registered trademark of Kern Sibbald.
  */
 
-Prado::using('Application.API.Class.BaculumAPIPage');
+Prado::using('System.Web.TUrlMapping');
 
-class MainPage extends BaculumAPIPage {
+class OAuthUrlMapping extends TUrlMappingPattern {
 
-	public $auth_params;
+	const SERVICE_ID = 'oauth';
 
-	public function onInit($param) {
-		parent::onInit($param);
-		$url = $this->getRequest()->getUrl()->getPath();
-		$params = explode('/', $url);
-		if ($url === '/' || (count($params) === 3 && $params[1] === 'api') || (count($params) >= 3 && $params[2] === 'page')) {
-			$this->goToPage('Panel.APIHome');
-		} else {
-			$this->goToPage('API.Welcome');
-		}
+	public function __construct(BaculumUrlMapping $manager) {
+		parent::__construct($manager);
+		$this->setServiceID(self::SERVICE_ID);
 	}
 }
 ?>
diff --git a/gui/baculum/protected/API/Class/PanelUrlMapping.php b/gui/baculum/protected/API/Class/PanelUrlMapping.php
new file mode 100644
index 000000000..f6c7b8db6
--- /dev/null
+++ b/gui/baculum/protected/API/Class/PanelUrlMapping.php
@@ -0,0 +1,34 @@
+<?php
+/*
+ * Bacula(R) - The Network Backup Solution
+ * Baculum   - Bacula web interface
+ *
+ * Copyright (C) 2013-2019 Kern Sibbald
+ *
+ * The main author of Baculum is Marcin Haba.
+ * The original author of Bacula is Kern Sibbald, with contributions
+ * from many others, a complete list can be found in the file AUTHORS.
+ *
+ * You may use this file and others of this release according to the
+ * license defined in the LICENSE file, which includes the Affero General
+ * Public License, v3.0 ("AGPLv3") and some additional permissions and
+ * terms pursuant to its AGPLv3 Section 7.
+ *
+ * This notice must be preserved when any source code is
+ * conveyed and/or propagated.
+ *
+ * Bacula(R) is a registered trademark of Kern Sibbald.
+ */
+
+Prado::using('System.Web.TUrlMapping');
+
+class PanelUrlMapping extends TUrlMappingPattern {
+
+	const SERVICE_ID = 'panel';
+
+	public function __construct(BaculumUrlMapping $manager) {
+		parent::__construct($manager);
+		$this->setServiceID(self::SERVICE_ID);
+	}
+}
+?>
diff --git a/gui/baculum/protected/API/Pages/config.xml b/gui/baculum/protected/API/Pages/API/config.xml
similarity index 77%
rename from gui/baculum/protected/API/Pages/config.xml
rename to gui/baculum/protected/API/Pages/API/config.xml
index 65e2c34a2..25baaf7e8 100644
--- a/gui/baculum/protected/API/Pages/config.xml
+++ b/gui/baculum/protected/API/Pages/API/config.xml
@@ -1,9 +1,10 @@
 <configuration>
 	<paths>
-		<using namespace="System.I18N.*" />
 		<using namespace="Application.API.Class.BaculumAPIServer" />
 	</paths>
 	<modules>
+		<!-- auth modules -->
+		<module id="oauth2_token" class="Application.API.Class.OAuth2.TokenManager" />
 		<!-- database modules -->
 		<module id="db" class="Application.API.Class.Database" />
 		<module id="client" class="Application.API.Class.ClientManager" />
@@ -21,20 +22,10 @@
 		<module id="api_config" class="Application.API.Class.APIConfig" />
 		<module id="bacula_config" class="Application.API.Class.BaculaConfig" />
 		<module id="bacula_setting" class="Application.API.Class.BaculaSetting" />
-		<!-- internalization modules -->
-		<module id="globalization" class="TGlobalization">
-			<translation type="gettext" source="Application.API.Lang" marker="@@" autosave="false" cache="false" DefaultCulture="en" />
-		</module>
 		<!-- logging modules -->
 		<module id="log" class="System.Util.TLogRouter">
 			<route class="TFileLogRoute"  Categories="Execute, External, Application, General, Security" LogPath="Application.API.Logs" LogFile="baculum-api.log" MaxFileSize="1000" MaxLogFiles="5" />
 		</module>
-		<!-- auth modules -->
-		<module id="basic_apiuser" class="Application.API.Class.BasicAPIUserConfig" />
-		<module id="oauth2" class="Application.API.Class.OAuth2.BaculumOAuth2" />
-		<module id="oauth2_config" class="Application.API.Class.OAuth2.OAuth2Config" />
-		<module id="oauth2_authid" class="Application.API.Class.OAuth2.AuthIdManager" />
-		<module id="oauth2_token" class="Application.API.Class.OAuth2.TokenManager" />
 		<!-- component status modules -->
 		<module id="status_dir" class="Application.API.Class.StatusDirector" />
 		<module id="status_sd" class="Application.API.Class.StatusStorage" />
diff --git a/gui/baculum/protected/API/Pages/API/endpoints.xml b/gui/baculum/protected/API/Pages/API/endpoints.xml
new file mode 100644
index 000000000..a58c4b4eb
--- /dev/null
+++ b/gui/baculum/protected/API/Pages/API/endpoints.xml
@@ -0,0 +1,87 @@
+<urls>
+	<!-- #### NEW API version 1 #### -->
+	<!-- general endpoint -->
+	<url ServiceParameter="Welcome" pattern="api/v1/welcome/" />
+	<!-- bconsole endpoints -->
+	<url ServiceParameter="ConsoleCommand" pattern="api/v1/console/" />
+	<!-- database endpoints -->
+	<url ServiceParameter="Catalog" pattern="api/v1/catalog/" />
+	<url ServiceParameter="DbSize" pattern="api/v1/dbsize/" />
+	<!-- director endpoints -->
+	<url ServiceParameter="Directors" pattern="api/v1/directors/" />
+	<!-- clients (file daemons) endpoints -->
+	<url ServiceParameter="Clients" pattern="api/v1/clients/" />
+	<url ServiceParameter="Client" pattern="api/v1/clients/{id}/" parameters.id="\d+" />
+	<url ServiceParameter="ClientsShow" pattern="api/v1/clients/show/" />
+	<url ServiceParameter="ClientShow" pattern="api/v1/clients/{id}/show/" parameters.id="\d+" />
+	<url ServiceParameter="ClientStatus" pattern="api/v1/clients/{id}/status/" parameters.id="\d+" />
+	<url ServiceParameter="JobsForClient" pattern="api/v1/clients/{id}/jobs/" parameters.id="\d+" />
+	<url ServiceParameter="ClientLs" pattern="api/v1/clients/{id}/ls/" parameters.id="\d+" />
+	<!-- storages (storage daemons) endpoints -->
+	<url ServiceParameter="Storages" pattern="api/v1/storages/" />
+	<url ServiceParameter="Storage" pattern="api/v1/storages/{id}/" parameters.id="\d+" />
+	<url ServiceParameter="StoragesShow" pattern="api/v1/storages/show/" />
+	<url ServiceParameter="StorageShow" pattern="api/v1/storages/{id}/show/" parameters.id="\d+" />
+	<url ServiceParameter="StorageStatus" pattern="api/v1/storages/{id}/status/" parameters.id="\d+" />
+	<url ServiceParameter="StorageMount" pattern="api/v1/storages/{id}/mount/" parameters.id="\d+" />
+	<url ServiceParameter="StorageUmount" pattern="api/v1/storages/{id}/umount/" parameters.id="\d+" />
+	<url ServiceParameter="StorageRelease" pattern="api/v1/storages/{id}/release/" parameters.id="\d+" />
+	<!-- volumes (media) endpoints-->
+	<url ServiceParameter="Volumes" pattern="api/v1/volumes/" />
+	<url ServiceParameter="Volume" pattern="api/v1/volumes/{id}/" parameters.id="\d+" />
+	<url ServiceParameter="VolumePrune" pattern="api/v1/volumes/{id}/prune/" parameters.id="\d+" />
+	<url ServiceParameter="VolumePurge" pattern="api/v1/volumes/{id}/purge/" parameters.id="\d+" />
+	<url ServiceParameter="VolumesRequired" pattern="api/v1/volumes/required/{jobid}/{fileid}/" parameters.jobid="\d+" parameters.fileid="\d+" />
+	<url ServiceParameter="JobsOnVolume" pattern="api/v1/volumes/{id}/jobs/" parameters.id="\d+" />
+	<url ServiceParameter="VolumeLabel" pattern="api/v1/volumes/label/" />
+	<url ServiceParameter="VolumeLabelBarcodes" pattern="api/v1/volumes/label/barcodes/" />
+	<url ServiceParameter="SlotsUpdate" pattern="api/v1/volumes/update/" />
+	<url ServiceParameter="SlotsUpdate" pattern="api/v1/volumes/update/{barcodes}/" parameters.barcodes="barcodes" />
+	<!-- pools endpoints -->
+	<url ServiceParameter="Pools" pattern="api/v1/pools/" />
+	<url ServiceParameter="Pool" pattern="api/v1/pools/{id}/" parameters.id="\d+" />
+	<url ServiceParameter="VolumesInPool" pattern="api/v1/pools/{id}/volumes/" parameters.id="\d+" />
+	<url ServiceParameter="PoolUpdate" pattern="api/v1/pools/{id}/update/" parameters.id="\d+" />
+	<url ServiceParameter="PoolUpdateVolumes" pattern="api/v1/pools/{id}/update/volumes/" parameters.id="\d+" />
+	<url ServiceParameter="PoolsShow" pattern="api/v1/pools/show/" />
+	<url ServiceParameter="PoolShow" pattern="api/v1/pools/{id}/show/" parameters.id="\d+" />
+	<!-- jobs endpoints-->
+	<url ServiceParameter="Jobs" pattern="api/v1/jobs/" />
+	<url ServiceParameter="Job" pattern="api/v1/jobs/{id}/" parameters.id="\d+" />
+	<url ServiceParameter="JobResNames" pattern="api/v1/jobs/resnames/" />
+	<url ServiceParameter="JobsShow" pattern="api/v1/jobs/show/" />
+	<url ServiceParameter="JobShow" pattern="api/v1/jobs/{id}/show/" parameters.id="\d+" />
+	<url ServiceParameter="JobsRecent" pattern="api/v1/jobs/recent/{name}/" parameters.name="[a-zA-Z0-9:.\-_ ]+" />
+	<url ServiceParameter="JobEstimate" pattern="api/v1/jobs/estimate/" />
+	<url ServiceParameter="JobRun" pattern="api/v1/jobs/run/" />
+	<url ServiceParameter="JobCancel" pattern="api/v1/jobs/{id}/cancel/" parameters.id="\d+"/>
+	<url ServiceParameter="JobTotals" pattern="api/v1/jobs/totals/" />
+	<url ServiceParameter="RestoreRun" pattern="api/v1/jobs/restore/" />
+	<!-- bvfs endpoints-->
+	<url ServiceParameter="BVFSUpdate" pattern="api/v1/bvfs/update/" />
+	<url ServiceParameter="BVFSLsDirs" pattern="api/v1/bvfs/lsdirs/" />
+	<url ServiceParameter="BVFSLsFiles" pattern="api/v1/bvfs/lsfiles/" />
+	<url ServiceParameter="BVFSVersions" pattern="api/v1/bvfs/versions/" />
+	<url ServiceParameter="BVFSGetJobids" pattern="api/v1/bvfs/getjobids/" />
+	<url ServiceParameter="BVFSRestore" pattern="api/v1/bvfs/restore/" />
+	<url ServiceParameter="BVFSClearCache" pattern="api/v1/bvfs/clear/" />
+	<url ServiceParameter="BVFSCleanUp" pattern="api/v1/bvfs/cleanup/" />
+	<!-- joblog endpoints -->
+	<url ServiceParameter="JobLog" pattern="api/v1/joblog/{id}/" parameters.id="\d+" />
+	<!-- fileset endpoints -->
+	<url ServiceParameter="FileSets" pattern="api/v1/filesets/" />
+	<url ServiceParameter="FileSet" pattern="api/v1/filesets/{id}/" parameters.id="\d+" />
+	<url ServiceParameter="FileSetResNames" pattern="api/v1/filesets/resnames/" />
+	<!-- schedule endpoints -->
+	<url ServiceParameter="Schedules" pattern="api/v1/schedules/resnames/" />
+	<url ServiceParameter="ScheduleStatus" pattern="api/v1/schedules/status/" />
+	<!-- Bacula config module endpoints -->
+	<url ServiceParameter="Config" pattern="api/v1/config/" />
+	<url ServiceParameter="Config" pattern="api/v1/config/{component_type}/" parameters.component_type="[a-z]+" />
+	<url ServiceParameter="Config" pattern="api/v1/config/{component_type}/{resource_type}/" parameters.component_type="[a-z]+" parameters.resource_type="[a-zA-Z]+" />
+	<url ServiceParameter="Config" pattern="api/v1/config/{component_type}/{resource_type}/{resource_name}/" parameters.component_type="[a-z]+" parameters.resource_type="[a-zA-Z]+" parameters.resource_name="[a-zA-Z0-9:.\-_ ]+" />
+	<!-- component status endpoints -->
+	<url ServiceParameter="ComponentStatus" pattern="api/v1/status/{component}/" parameters.component="(director|storage|client)" />
+	<!-- actions endpoints -->
+	<url ServiceParameter="Actions" pattern="api/v1/actions/{component}/{action}/" parameters.component="(director|storage|client)" parameters.action="(start|stop|restart)" />
+</urls>
diff --git a/gui/baculum/protected/API/Pages/OAuth2/config.xml b/gui/baculum/protected/API/Pages/OAuth2/config.xml
new file mode 100644
index 000000000..7351d9e0a
--- /dev/null
+++ b/gui/baculum/protected/API/Pages/OAuth2/config.xml
@@ -0,0 +1,14 @@
+<configuration>
+	<paths>
+		<using namespace="Application.API.Class.BaculumAPIServer" />
+	</paths>
+	<modules>
+		<!-- auth modules -->
+		<module id="oauth2" class="Application.API.Class.OAuth2.BaculumOAuth2" />
+		<module id="oauth2_config" class="Application.API.Class.OAuth2.OAuth2Config" />
+		<module id="oauth2_authid" class="Application.API.Class.OAuth2.AuthIdManager" />
+		<module id="oauth2_token" class="Application.API.Class.OAuth2.TokenManager" />
+		<!-- config modules -->
+		<module id="api_config" class="Application.API.Class.APIConfig" />
+	</modules>
+</configuration>
diff --git a/gui/baculum/protected/API/Pages/OAuth2/endpoints.xml b/gui/baculum/protected/API/Pages/OAuth2/endpoints.xml
new file mode 100644
index 000000000..a207467c3
--- /dev/null
+++ b/gui/baculum/protected/API/Pages/OAuth2/endpoints.xml
@@ -0,0 +1,5 @@
+<urls>
+	<!-- OAuth2 -->
+	<url ServiceParameter="Authorize" pattern="oauth/authorize/" />
+	<url ServiceParameter="RequestToken" pattern="oauth/token/" />
+</urls>
diff --git a/gui/baculum/protected/API/Pages/Panel/APIHome.page b/gui/baculum/protected/API/Pages/Panel/APIHome.page
index 258422712..18f96728b 100644
--- a/gui/baculum/protected/API/Pages/Panel/APIHome.page
+++ b/gui/baculum/protected/API/Pages/Panel/APIHome.page
@@ -1,7 +1,7 @@
 <%@ MasterClass="Application.API.Layouts.Main" Theme="Baculum-v1"%>
 <com:TContent ID="Main">
 	<com:BClientScript ScriptUrl=<%~ ../../JavaScript/misc.js %> />
-	<h3 style="clear: left"><%[ Welcome on the Baculum API default page ]%> <input type="button" class="bbutton" onclick="window.location.href='<%=$this->getService()->constructUrl('Panel.APIInstallWizard')%>'" value="<%[ Go to configuration wizard ]%>" style="float: right" /></h3>
+	<h3 style="clear: left"><%[ Welcome on the Baculum API default page ]%> <input type="button" class="bbutton" onclick="window.location.href='<%=$this->getService()->constructUrl('APIInstallWizard')%>'" value="<%[ Go to configuration wizard ]%>" style="float: right" /></h3>
 	<div id="tabs">
 		<ul>
 			<li><a href="#tab1"><%[ Baculum API Client ]%></a></li>
@@ -305,7 +305,7 @@
 					return;
 				}
 				this.set_progress(1, 'Sending auth code request...');
-				var authorization_uri = document.location.origin + '/api/auth';
+				var authorization_uri = document.location.origin + '/oauth/authorize';
 				var auth_params = {
 					response_type: 'code',
 					client_id: this.baculum_auth.client_id,
@@ -329,7 +329,7 @@
 			},
 			send_token_request: function(code) {
 				this.set_progress(2, 'Sending token request...');
-				var uri = document.location.origin + '/api/token';
+				var uri = document.location.origin + '/oauth/token';
 				var auth_params = {
 					grant_type: 'authorization_code',
 					code: code,
diff --git a/gui/baculum/protected/API/Pages/Panel/config.xml b/gui/baculum/protected/API/Pages/Panel/config.xml
new file mode 100644
index 000000000..399a78e79
--- /dev/null
+++ b/gui/baculum/protected/API/Pages/Panel/config.xml
@@ -0,0 +1,27 @@
+<configuration>
+	<paths>
+		<using namespace="System.I18N.*" />
+	</paths>
+	<modules>
+		<!-- database modules -->
+		<module id="db" class="Application.API.Class.Database" />
+		<!-- tools modules -->
+		<module id="bconsole" class="Application.API.Class.Bconsole" />
+		<module id="json_tools" class="Application.API.Class.JSONTools" />
+		<!-- config modules -->
+		<module id="api_config" class="Application.API.Class.APIConfig" />
+		<!-- internalization modules -->
+		<module id="globalization" class="TGlobalization">
+			<translation type="gettext" source="Application.API.Lang" marker="@@" autosave="false" cache="false" DefaultCulture="en" />
+		</module>
+		<!-- logging modules -->
+		<module id="log" class="System.Util.TLogRouter">
+			<route class="TFileLogRoute"  Categories="Execute, External, Application, General, Security" LogPath="Application.API.Logs" LogFile="baculum-api.log" MaxFileSize="1000" MaxLogFiles="5" />
+		</module>
+		<!-- auth modules -->
+		<module id="basic_apiuser" class="Application.API.Class.BasicAPIUserConfig" />
+		<module id="oauth2_config" class="Application.API.Class.OAuth2.OAuth2Config" />
+		<!-- component actions modules -->
+		<module id="comp_actions" class="Application.API.Class.ComponentActions" />
+	</modules>
+</configuration>
diff --git a/gui/baculum/protected/API/Pages/Panel/endpoints.xml b/gui/baculum/protected/API/Pages/Panel/endpoints.xml
new file mode 100644
index 000000000..d4b74bc33
--- /dev/null
+++ b/gui/baculum/protected/API/Pages/Panel/endpoints.xml
@@ -0,0 +1,5 @@
+<urls>
+	<!-- Pages -->
+	<url ServiceParameter="APIInstallWizard" pattern="panel/config/" />
+	<url ServiceParameter="APIHome" pattern="panel/" />
+</urls>
diff --git a/gui/baculum/protected/API/endpoints.xml b/gui/baculum/protected/API/endpoints.xml
deleted file mode 100644
index d1cc5721b..000000000
--- a/gui/baculum/protected/API/endpoints.xml
+++ /dev/null
@@ -1,194 +0,0 @@
-<urls>
-	<!-- Pages -->
-	<url ServiceParameter="Panel.APIInstallWizard" pattern="api/page/config/" />
-	<url ServiceParameter="Panel.APIHome" pattern="api/page/home/" />
-	<url ServiceParameter="Panel.MainPage" pattern="api/page/" />
-	<!-- OAuth2 -->
-	<url ServiceParameter="OAuth2.Authorize" pattern="api/auth/" />
-	<url ServiceParameter="OAuth2.RequestToken" pattern="api/token/" />
-
-
-	<!-- #### NEW API version 1 #### -->
-	<!-- general endpoint -->
-	<url ServiceParameter="API.Welcome" pattern="api/v1/welcome/" />
-	<!-- bconsole endpoints -->
-	<url ServiceParameter="API.ConsoleCommand" pattern="api/v1/console/" />
-	<!-- database endpoints -->
-	<url ServiceParameter="API.Catalog" pattern="api/v1/catalog/" />
-	<url ServiceParameter="API.DbSize" pattern="api/v1/dbsize/" />
-	<!-- director endpoints -->
-	<url ServiceParameter="API.Directors" pattern="api/v1/directors/" />
-	<!-- clients (file daemons) endpoints -->
-	<url ServiceParameter="API.Clients" pattern="api/v1/clients/" />
-	<url ServiceParameter="API.Client" pattern="api/v1/clients/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.ClientsShow" pattern="api/v1/clients/show/" />
-	<url ServiceParameter="API.ClientShow" pattern="api/v1/clients/{id}/show/" parameters.id="\d+" />
-	<url ServiceParameter="API.ClientStatus" pattern="api/v1/clients/{id}/status/" parameters.id="\d+" />
-	<url ServiceParameter="API.JobsForClient" pattern="api/v1/clients/{id}/jobs/" parameters.id="\d+" />
-	<url ServiceParameter="API.ClientLs" pattern="api/v1/clients/{id}/ls/" parameters.id="\d+" />
-	<!-- storages (storage daemons) endpoints -->
-	<url ServiceParameter="API.Storages" pattern="api/v1/storages/" />
-	<url ServiceParameter="API.Storage" pattern="api/v1/storages/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.StoragesShow" pattern="api/v1/storages/show/" />
-	<url ServiceParameter="API.StorageShow" pattern="api/v1/storages/{id}/show/" parameters.id="\d+" />
-	<url ServiceParameter="API.StorageStatus" pattern="api/v1/storages/{id}/status/" parameters.id="\d+" />
-	<url ServiceParameter="API.StorageMount" pattern="api/v1/storages/{id}/mount/" parameters.id="\d+" />
-	<url ServiceParameter="API.StorageUmount" pattern="api/v1/storages/{id}/umount/" parameters.id="\d+" />
-	<url ServiceParameter="API.StorageRelease" pattern="api/v1/storages/{id}/release/" parameters.id="\d+" />
-	<!-- volumes (media) endpoints-->
-	<url ServiceParameter="API.Volumes" pattern="api/v1/volumes/" />
-	<url ServiceParameter="API.Volume" pattern="api/v1/volumes/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.VolumePrune" pattern="api/v1/volumes/{id}/prune/" parameters.id="\d+" />
-	<url ServiceParameter="API.VolumePurge" pattern="api/v1/volumes/{id}/purge/" parameters.id="\d+" />
-	<url ServiceParameter="API.VolumesRequired" pattern="api/v1/volumes/required/{jobid}/{fileid}/" parameters.jobid="\d+" parameters.fileid="\d+" />
-	<url ServiceParameter="API.JobsOnVolume" pattern="api/v1/volumes/{id}/jobs/" parameters.id="\d+" />
-	<url ServiceParameter="API.VolumeLabel" pattern="api/v1/volumes/label/" />
-	<url ServiceParameter="API.VolumeLabelBarcodes" pattern="api/v1/volumes/label/barcodes/" />
-	<url ServiceParameter="API.SlotsUpdate" pattern="api/v1/volumes/update/" />
-	<url ServiceParameter="API.SlotsUpdate" pattern="api/v1/volumes/update/{barcodes}/" parameters.barcodes="barcodes" />
-	<!-- pools endpoints -->
-	<url ServiceParameter="API.Pools" pattern="api/v1/pools/" />
-	<url ServiceParameter="API.Pool" pattern="api/v1/pools/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.VolumesInPool" pattern="api/v1/pools/{id}/volumes/" parameters.id="\d+" />
-	<url ServiceParameter="API.PoolUpdate" pattern="api/v1/pools/{id}/update/" parameters.id="\d+" />
-	<url ServiceParameter="API.PoolUpdateVolumes" pattern="api/v1/pools/{id}/update/volumes/" parameters.id="\d+" />
-	<url ServiceParameter="API.PoolsShow" pattern="api/v1/pools/show/" />
-	<url ServiceParameter="API.PoolShow" pattern="api/v1/pools/{id}/show/" parameters.id="\d+" />
-	<!-- jobs endpoints-->
-	<url ServiceParameter="API.Jobs" pattern="api/v1/jobs/" />
-	<url ServiceParameter="API.Job" pattern="api/v1/jobs/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.JobResNames" pattern="api/v1/jobs/resnames/" />
-	<url ServiceParameter="API.JobsShow" pattern="api/v1/jobs/show/" />
-	<url ServiceParameter="API.JobShow" pattern="api/v1/jobs/{id}/show/" parameters.id="\d+" />
-	<url ServiceParameter="API.JobsRecent" pattern="api/v1/jobs/recent/{name}/" parameters.name="[a-zA-Z0-9:.\-_ ]+" />
-	<url ServiceParameter="API.JobEstimate" pattern="api/v1/jobs/estimate/" />
-	<url ServiceParameter="API.JobRun" pattern="api/v1/jobs/run/" />
-	<url ServiceParameter="API.JobCancel" pattern="api/v1/jobs/{id}/cancel/" parameters.id="\d+"/>
-	<url ServiceParameter="API.JobTotals" pattern="api/v1/jobs/totals/" />
-	<url ServiceParameter="API.RestoreRun" pattern="api/v1/jobs/restore/" />
-	<!-- bvfs endpoints-->
-	<url ServiceParameter="API.BVFSUpdate" pattern="api/v1/bvfs/update/" />
-	<url ServiceParameter="API.BVFSLsDirs" pattern="api/v1/bvfs/lsdirs/" />
-	<url ServiceParameter="API.BVFSLsFiles" pattern="api/v1/bvfs/lsfiles/" />
-	<url ServiceParameter="API.BVFSVersions" pattern="api/v1/bvfs/versions/" />
-	<url ServiceParameter="API.BVFSGetJobids" pattern="api/v1/bvfs/getjobids/" />
-	<url ServiceParameter="API.BVFSRestore" pattern="api/v1/bvfs/restore/" />
-	<url ServiceParameter="API.BVFSClearCache" pattern="api/v1/bvfs/clear/" />
-	<url ServiceParameter="API.BVFSCleanUp" pattern="api/v1/bvfs/cleanup/" />
-	<!-- joblog endpoints -->
-	<url ServiceParameter="API.JobLog" pattern="api/v1/joblog/{id}/" parameters.id="\d+" />
-	<!-- fileset endpoints -->
-	<url ServiceParameter="API.FileSets" pattern="api/v1/filesets/" />
-	<url ServiceParameter="API.FileSet" pattern="api/v1/filesets/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.FileSetResNames" pattern="api/v1/filesets/resnames/" />
-	<!-- schedule endpoints -->
-	<url ServiceParameter="API.Schedules" pattern="api/v1/schedules/resnames/" />
-	<url ServiceParameter="API.ScheduleStatus" pattern="api/v1/schedules/status/" />
-	<!-- Bacula config module endpoints -->
-	<url ServiceParameter="API.Config" pattern="api/v1/config/" />
-	<url ServiceParameter="API.Config" pattern="api/v1/config/{component_type}/" parameters.component_type="[a-z]+" />
-	<url ServiceParameter="API.Config" pattern="api/v1/config/{component_type}/{resource_type}/" parameters.component_type="[a-z]+" parameters.resource_type="[a-zA-Z]+" />
-	<url ServiceParameter="API.Config" pattern="api/v1/config/{component_type}/{resource_type}/{resource_name}/" parameters.component_type="[a-z]+" parameters.resource_type="[a-zA-Z]+" parameters.resource_name="[a-zA-Z0-9:.\-_ ]+" />
-	<!-- component status endpoints -->
-	<url ServiceParameter="API.ComponentStatus" pattern="api/v1/status/{component}/" parameters.component="(director|storage|client)" />
-	<!-- actions endpoints -->
-	<url ServiceParameter="API.Actions" pattern="api/v1/actions/{component}/{action}/" parameters.component="(director|storage|client)" parameters.action="(start|stop|restart)" />
-
-
-
-	<!-- #### OLD API (deprecated) #### -->
-	<!-- general endpoint -->
-	<url ServiceParameter="API.Welcome" pattern="api/welcome/" />
-	<!-- bconsole endpoints -->
-	<url ServiceParameter="API.ConsoleCommand" pattern="api/console/" />
-	<!-- database endpoints -->
-	<url ServiceParameter="API.Catalog" pattern="api/catalog/" />
-	<url ServiceParameter="API.DbSize" pattern="api/dbsize/" />
-	<!-- director endpoints -->
-	<url ServiceParameter="API.Directors" pattern="api/directors/" />
-	<!-- clients (file daemons) endpoints -->
-	<url ServiceParameter="API.Clients" pattern="api/clients/" />
-	<url ServiceParameter="API.Client" pattern="api/clients/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.Clients" pattern="api/clients/limit/{limit}/" parameters.limit="\d+" />
-	<url ServiceParameter="API.ClientsShow" pattern="api/clients/show/" />
-	<url ServiceParameter="API.ClientShow" pattern="api/clients/show/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.ClientStatus" pattern="api/clients/status/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.JobsForClient" pattern="api/clients/jobs/{id}/" parameters.id="\d+" />
-	<!-- storages (storage daemons) endpoints -->
-	<url ServiceParameter="API.Storages" pattern="api/storages/" />
-	<url ServiceParameter="API.Storage" pattern="api/storages/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.Storage" pattern="api/storages/{name}/" parameters.name="[a-zA-Z0-9:.\-_ ]+" />
-	<url ServiceParameter="API.Storages" pattern="api/storages/limit/{limit}/" parameters.limit="\d+" />
-	<url ServiceParameter="API.StoragesShow" pattern="api/storages/show/" />
-	<url ServiceParameter="API.StorageShow" pattern="api/storages/show/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.StorageStatus" pattern="api/storages/status/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.StorageMount" pattern="api/storages/mount/{id}/{drive}/{slot}/" parameters.id="\d+" parameters.drive="\d+" parameters.slot="\d+" />
-	<url ServiceParameter="API.StorageMount" pattern="api/storages/mount/{id}/{device}/{slot}/" parameters.id="\d+" parameters.device="[a-zA-Z0-9:.\-_ ]+" parameters.slot="\d+" />
-	<url ServiceParameter="API.StorageUmount" pattern="api/storages/umount/{id}/{drive}/" parameters.id="\d+" parameters.drive="\d+" />
-	<url ServiceParameter="API.StorageUmount" pattern="api/storages/umount/{id}/{device}/" parameters.id="\d+" parameters.device="[a-zA-Z0-9:.\-_ ]+" />
-	<url ServiceParameter="API.StorageRelease" pattern="api/storages/release/{id}/{drive}/" parameters.id="\d+" parameters.drive="\d+" />
-	<url ServiceParameter="API.StorageRelease" pattern="api/storages/release/{id}/{device}/" parameters.id="\d+" parameters.device="[a-zA-Z0-9:.\-_ ]+" />
-	<!-- volumes (media) endpoints-->
-	<url ServiceParameter="API.Volumes" pattern="api/volumes/" />
-	<url ServiceParameter="API.Volumes" pattern="api/volumes/limit/{limit}/" parameters.limit="\d+" />
-	<url ServiceParameter="API.Volume" pattern="api/volumes/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.VolumePrune" pattern="api/volumes/prune/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.VolumePurge" pattern="api/volumes/purge/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.VolumesRequired" pattern="api/volumes/required/{jobid}/{fileid}/" parameters.jobid="\d+" parameters.fileid="\d+" />
-	<url ServiceParameter="API.JobsOnVolume" pattern="api/volumes/jobs/{id}/" parameters.id="\d+" />
-	<!-- pools endpoints -->
-	<url ServiceParameter="API.Pools" pattern="api/pools/" />
-	<url ServiceParameter="API.Pool" pattern="api/pools/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.Pool" pattern="api/pools/{name}/" parameters.name="[a-zA-Z0-9:.\-_ ]+" />
-	<url ServiceParameter="API.VolumesInPool" pattern="api/pools/{poolid}/volumes/" parameters.poolid="\d+" />
-	<url ServiceParameter="API.Pools" pattern="api/pools/limit/{limit}/" parameters.limit="\d+" />
-	<url ServiceParameter="API.PoolUpdate" pattern="api/pools/update/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.PoolUpdateVolumes" pattern="api/pools/update/volumes/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.PoolsShow" pattern="api/pools/show/" />
-	<url ServiceParameter="API.PoolShow" pattern="api/pools/show/{id}/" parameters.id="\d+" />
-	<!-- jobs endpoints-->
-	<url ServiceParameter="API.Jobs" pattern="api/jobs/" />
-	<url ServiceParameter="API.Jobs" pattern="api/jobs/jobstatus/{jobstatus}/" parameters.jobstatus="[a-zA-Z]+" />
-	<url ServiceParameter="API.JobResNames" pattern="api/jobs/tasks/" />
-	<url ServiceParameter="API.JobResNames" pattern="api/jobs/tasks/type/{type}" parameters.type="[a-zA-Z]" />
-	<url ServiceParameter="API.JobResNames" pattern="api/jobs/tasks/type/{type}/limit/{limit}/" parameters.type="[a-zA-Z]" parameters.limit="\d+" />
-	<url ServiceParameter="API.JobResNames" pattern="api/jobs/tasks/limit/{limit}/" parameters.limit="\d+" />
-	<url ServiceParameter="API.Job" pattern="api/jobs/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.Jobs" pattern="api/jobs/limit/{limit}/" parameters.limit="\d+" />
-	<url ServiceParameter="API.JobsRecent" pattern="api/jobs/recent/{name}/client/{client}/filesetid/{filesetid}/" parameters.name="[a-zA-Z0-9:.\-_ ]+" parameters.client="[a-zA-Z0-9:.\-_ ]+" parameters.filesetid="\d+" />
-	<url ServiceParameter="API.JobsRecent" pattern="api/jobs/recent/{name}/clientid/{clientid}/filesetid/{filesetid}/" parameters.name="[a-zA-Z0-9:.\-_ ]+" parameters.clientid="\d+" parameters.filesetid="\d+" />
-	<url ServiceParameter="API.JobEstimate" pattern="api/jobs/estimate/" />
-	<url ServiceParameter="API.JobRun" pattern="api/jobs/run/" />
-	<url ServiceParameter="API.JobCancel" pattern="api/jobs/cancel/{id}/" parameters.id="\d+"/>
-	<url ServiceParameter="API.JobsShow" pattern="api/jobs/show/" />
-	<url ServiceParameter="API.JobShow" pattern="api/jobs/show/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.JobShow" pattern="api/jobs/show/name/{name}/" parameters.name="[a-zA-Z0-9:.\-_ ]+" />
-	<url ServiceParameter="API.JobTotals" pattern="api/jobs/totals/" />
-	<url ServiceParameter="API.RestoreRun" pattern="api/jobs/restore/" />
-	<!-- bvfs endpoints-->
-	<url ServiceParameter="API.BVFSUpdate" pattern="api/bvfs/update/" />
-	<url ServiceParameter="API.BVFSLsDirs" pattern="api/bvfs/lsdirs/" />
-	<url ServiceParameter="API.BVFSLsDirs" pattern="api/bvfs/lsdirs/limit/{limit}/" parameters.limit="\d+" />
-	<url ServiceParameter="API.BVFSLsDirs" pattern="api/bvfs/lsdirs/limit/{limit}/{offset}/" parameters.limit="\d+" parameters.offset="\d+" />
-	<url ServiceParameter="API.BVFSLsFiles" pattern="api/bvfs/lsfiles/" />
-	<url ServiceParameter="API.BVFSLsFiles" pattern="api/bvfs/lsfiles/limit/{limit}/" parameters.limit="\d+" />
-	<url ServiceParameter="API.BVFSLsFiles" pattern="api/bvfs/lsfiles/limit/{limit}/{offset}/" parameters.limit="\d+" parameters.offset="\d+" />
-	<url ServiceParameter="API.BVFSVersions" pattern="api/bvfs/versions/{client}/{jobid}/{pathid}/{filenameid}/" parameters.client="[a-zA-Z0-9:.\-_ ]+" parameters.jobid="\d+" parameters.pathid="\d+" parameters.filenameid="\d+" />
-	<url ServiceParameter="API.BVFSGetJobids" pattern="api/bvfs/getjobids/{jobid}/" parameters.jobid="[\d\,]+" />
-	<url ServiceParameter="API.BVFSRestore" pattern="api/bvfs/restore/" />
-	<url ServiceParameter="API.BVFSClearCache" pattern="api/bvfs/clear/" />
-	<!-- joblog endpoints -->
-	<url ServiceParameter="API.JobLog" pattern="api/joblog/{id}/" parameters.id="\d+" />
-	<!-- fileset endpoints -->
-	<url ServiceParameter="API.FileSetResNames" pattern="api/filesets/" />
-	<url ServiceParameter="API.FileSet" pattern="api/filesets/{id}/" parameters.id="\d+" />
-	<url ServiceParameter="API.FileSets" pattern="api/filesets/info/" />
-	<url ServiceParameter="API.FileSet" pattern="api/filesets/{name}/" parameters.name="[a-zA-Z0-9:.\-_ ]+" />
-	<!-- schedule endpoints -->
-	<url ServiceParameter="API.Schedules" pattern="api/schedules/" />
-	<!-- Bacula config module endpoints -->
-	<url ServiceParameter="API.Config" pattern="api/config/" />
-	<url ServiceParameter="API.Config" pattern="api/config/{component_type}/" parameters.component_type="[a-z]+" />
-	<url ServiceParameter="API.Config" pattern="api/config/{component_type}/{resource_type}/" parameters.component_type="[a-z]+" parameters.resource_type="[a-zA-Z]+" />
-	<url ServiceParameter="API.Config" pattern="api/config/{component_type}/{resource_type}/{resource_name}/" parameters.component_type="[a-z]+" parameters.resource_type="[a-zA-Z]+" parameters.resource_name="[a-zA-Z0-9:.\-_ ]+" />
-</urls>
diff --git a/gui/baculum/protected/Common/Class/BaculumUrlMapping.php b/gui/baculum/protected/Common/Class/BaculumUrlMapping.php
index cab9b8278..6b7db0392 100644
--- a/gui/baculum/protected/Common/Class/BaculumUrlMapping.php
+++ b/gui/baculum/protected/Common/Class/BaculumUrlMapping.php
@@ -3,7 +3,7 @@
  * Bacula(R) - The Network Backup Solution
  * Baculum   - Bacula web interface
  *
- * Copyright (C) 2013-2016 Kern Sibbald
+ * Copyright (C) 2013-2019 Kern Sibbald
  *
  * The main author of Baculum is Marcin Haba.
  * The original author of Bacula is Kern Sibbald, with contributions
@@ -33,7 +33,17 @@ class BaculumUrlMapping extends TUrlMapping {
 		'api' => array(
 			'url_manager' => 'Application.API.Class.APIUrlMapping',
 			'url_pattern' => '!^(/index\.php)?/api([/,].*)?$!',
-			'endpoints' => 'Application.API.endpoints'
+			'endpoints' => 'Application.API.Pages.API.endpoints'
+		),
+		'oauth' => array(
+			'url_manager' => 'Application.API.Class.OAuthUrlMapping',
+			'url_pattern' => '!^(/index\.php)?/oauth([/,].*)?$!',
+			'endpoints' => 'Application.API.Pages.OAuth2.endpoints'
+		),
+		'panel' => array(
+			'url_manager' => 'Application.API.Class.PanelUrlMapping',
+			'url_pattern' => '!^(/index\.php)?/panel([/,].*)?$!',
+			'endpoints' => 'Application.API.Pages.Panel.endpoints'
 		)
 	);
 
diff --git a/gui/baculum/protected/Common/Pages/CommonPage.php b/gui/baculum/protected/Common/Pages/CommonPage.php
new file mode 100644
index 000000000..5dda41767
--- /dev/null
+++ b/gui/baculum/protected/Common/Pages/CommonPage.php
@@ -0,0 +1,27 @@
+<?php
+/*
+ * Bacula(R) - The Network Backup Solution
+ * Baculum   - Bacula web interface
+ *
+ * Copyright (C) 2013-2019 Kern Sibbald
+ *
+ * The main author of Baculum is Marcin Haba.
+ * The original author of Bacula is Kern Sibbald, with contributions
+ * from many others, a complete list can be found in the file AUTHORS.
+ *
+ * You may use this file and others of this release according to the
+ * license defined in the LICENSE file, which includes the Affero General
+ * Public License, v3.0 ("AGPLv3") and some additional permissions and
+ * terms pursuant to its AGPLv3 Section 7.
+ *
+ * This notice must be preserved when any source code is
+ * conveyed and/or propagated.
+ *
+ * Bacula(R) is a registered trademark of Kern Sibbald.
+ */
+
+Prado::using('Application.Common.Class.BaculumPage');
+
+class CommonPage extends BaculumPage {
+}
+?>
diff --git a/gui/baculum/protected/Web/Class/BaculumAPIClient.php b/gui/baculum/protected/Web/Class/BaculumAPIClient.php
index 1721c08a5..7d2496140 100644
--- a/gui/baculum/protected/Web/Class/BaculumAPIClient.php
+++ b/gui/baculum/protected/Web/Class/BaculumAPIClient.php
@@ -3,7 +3,7 @@
  * Bacula(R) - The Network Backup Solution
  * Baculum   - Bacula web interface
  *
- * Copyright (C) 2013-2018 Kern Sibbald
+ * Copyright (C) 2013-2019 Kern Sibbald
  *
  * The main author of Baculum is Marcin Haba.
  * The original author of Bacula is Kern Sibbald, with contributions
@@ -50,8 +50,8 @@ class BaculumAPIClient extends WebModule {
 	/**
 	 * OAuth2 authorization endpoints
 	 */
-	const OAUTH2_AUTH_URL = 'api/auth/';
-	const OAUTH2_TOKEN_URL = 'api/token/';
+	const OAUTH2_AUTH_URL = 'oauth/authorize/';
+	const OAUTH2_TOKEN_URL = 'oauth/token/';
 
 	/**
 	 * API server version for current request.
diff --git a/gui/baculum/protected/application.xml b/gui/baculum/protected/application.xml
index 4cbdc09f6..86d5351a0 100644
--- a/gui/baculum/protected/application.xml
+++ b/gui/baculum/protected/application.xml
@@ -17,7 +17,10 @@
 		<module id="url_manager" class="Application.Common.Class.BaculumUrlMapping" EnableCustomUrl="true" />
 	</modules>
 	<services>
-		<service id="api" class="TPageService" BasePath="Application.API.Pages" DefaultPage="Panel.MainPage" />
+		<service id="page" class="TPageService" BasePath="Application.Common.Pages" DefaultPage="CommonPage" />
+		<service id="oauth" class="TPageService" BasePath="Application.API.Pages.OAuth2" DefaultPage="Authorize" />
+		<service id="api" class="TPageService" BasePath="Application.API.Pages.API" DefaultPage="Welcome" />
+		<service id="panel" class="TPageService" BasePath="Application.API.Pages.Panel" DefaultPage="APIHome" />
 		<service id="web" class="TPageService" BasePath="Application.Web.Pages" DefaultPage="Dashboard" />
 	</services>
 </application>