Dear All,
I have been trying to develop a tool which uses OAuth with Flask using
mwoauth as specified here[1].
Unfortunately, the OAuth request seems to not work as it ends with no error
messages.
After investigating, it looks like /oauth-callback does not execute (which
seems unusual).
This is
Does this mean the WMF will kill its 1.x provider for Phabricator login and
move to the built in 2.x?
(Phabricator knowledge may be slightly out of date, but, seem to recall
this was the case a few years back)
-- Lewis Cawte
On Sat, 18 Jan 2020, 01:39 Cindy Cicalese, wrote:
> The OAuth
https://www.mediawiki.org/wiki/OAuth/For_Developers#OAuth_2
On Tue, Jan 21, 2020 at 8:59 AM Chico Venancio
wrote:
> Do we have documentation on the OAuth 2.0 endpoints?
> Chico Venancio
>
>
> Em dom., 19 de jan. de 2020 às 11:15, Chico Venancio <
> chicocvenan...@gmail.com> escreveu:
>
> >
Do we have documentation on the OAuth 2.0 endpoints?
Chico Venancio
Em dom., 19 de jan. de 2020 às 11:15, Chico Venancio <
chicocvenan...@gmail.com> escreveu:
> Great news!
>
> Chico Venancio
>
> Em sex, 17 de jan de 2020 22:39, Cindy Cicalese
> escreveu:
>
>> The OAuth extension [0], which
Great news!
Chico Venancio
Em sex, 17 de jan de 2020 22:39, Cindy Cicalese
escreveu:
> The OAuth extension [0], which implements an OAuth server in MediaWiki, has
> been updated. OAuth is an industry-standard protocol for authorization. The
> OAuth extension now supports OAuth 2.0 [1] in
Cool, greetings from me.
Best regards,
Zoran.
___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Awesome! Thanks to everyone involved in getting this done :)
-Ursprüngliche Nachricht-
Von: Wikitech-l Im Auftrag von Cindy
Cicalese
Gesendet: Samstag, 18. Januar 2020 02:38
An: wikitech-l@lists.wikimedia.org
Betreff: [Wikitech-l] OAuth 2.0 support in OAuth extension
The OAuth
The OAuth extension [0], which implements an OAuth server in MediaWiki, has
been updated. OAuth is an industry-standard protocol for authorization. The
OAuth extension now supports OAuth 2.0 [1] in addition to its previous
support for OAuth 1.0a [2]. The updated extension version is now available
glish Wikipedia.
>
> Kind regards
>
>
> -Original Message-
> From: Wikitech-l On Behalf Of
> David Barratt
> Sent: 31 August 2019 15:58
> To: Wikimedia developers
> Subject: Re: [Wikitech-l] Oauth non working properly
>
> What's the url of the dashboar
=d0524b6bae49ef4ca74dcf099086cfb2_consumer_key=5709c54e5e241577730e27c13e1a56cf
And it remains on English Wikipedia.
Kind regards
-Original Message-
From: Wikitech-l On Behalf Of David
Barratt
Sent: 31 August 2019 15:58
To: Wikimedia developers
Subject: Re: [Wikitech-l] Oauth non working properly
What's the url
What's the url of the dashboard? also, what is the url of the empty page
(that you get redirected to)?
On Sat, Aug 31, 2019 at 9:09 AM wrote:
> Hi all,
>
> I am doing an edit-a-thon and I have a strange behaviour with an user.
>
>
>
> He allows the use of Oauth for the Dashboard but he does the
Hi all,
I am doing an edit-a-thon and I have a strange behaviour with an user.
He allows the use of Oauth for the Dashboard but he does the login and he is
not redirected to the Dashboard. The page remains empty even if he is
logged.
Do you have an idea?
Kind regards
Ilario
Ivo,
Can you maybe describe what issues you're having? There are several people
who can help with OAuth, but finding the right person based on, what
language your Consumer is written, what framework you're using, or the
exact issue you're having, will be easier with more details.
On Fri, Oct 16,
On Thu, Oct 15, 2015 at 12:48 PM, Jon Katz wrote:
> haha, awesome. I'll actually take a look :)
Scratch that last comment. My wires got crossed. I am not the person to
talk to about OAuth. I am, however, a product manager on the reading team
interested in exploring
Hi!
I'm working on a commenting platform for Wikipedia -- WikiComment -- and
would need some help with getting OAuth working there. If someone has a bit
of time to help me with that, then please let me know.
http://wikicomment.ut.ee/
With regards
Ivo Kruusamägi
haha, awesome. I'll actually take a look :)
On Thu, Oct 15, 2015 at 10:27 AM, Ivo Kruusamägi
wrote:
> Hi!
>
> I'm working on a commenting platform for Wikipedia -- WikiComment -- and
> would need some help with getting OAuth working there. If someone has a bit
> of
Hi all,
OAuth support was added to MediaWiki two years ago, and has seen some
significant uptake.
(In case you are not familiar with it, OAuth[1] is a feature through which
users can allow tools to act in limited ways through their account, without
giving out their password. See Crosswatch[2] for
Hi all,
due to a scheduled migration [1] OAuth authorization and management will be
disabled between 21:00–23:00 UTC [2][3[. That means users will not be able
to enable new applications (ie. this dialog [4] will not work)
and developers and OAuth admins won't be able to
For those who run one of our 76(!) approved OAuth apps, or are using
OAuth extension on their own wiki..
We have a patch [1] from Mitar to allow OAuth apps to pass a
configurable callback during the OAuth handshake. This will probably
make a lot of app author's lives easier, but can also open up
On 27 August 2014 20:13, Chris Steipp cste...@wikimedia.org wrote:
* Assuming we implement one or two of: dynamic callbacks, automatic
approval of apps, or public consumers, but not all three, which are
most desired?
I would order them:
1. Public consumers. As I understand it, there's no
2014-03-19 20:34 GMT+01:00 Cristian Consonni kikkocrist...@gmail.com:
Eventually I found that in my case the source for the error was the
econding of title, since I was doing it (erroneously) two times, so
that, for example:
Teatro_comunale_(Bolzano) - Teatro_comunale_%28Bolzano%29
On Wed, Mar 19, 2014 at 3:20 PM, Magnus Manske
magnusman...@googlemail.comwrote:
Hi Brad,
I'm sure that's correct, but:
* When I just sign the OAuth params (no content type, no POST fields), I
get The authorization headers in your request are not valid: Invalid
signature
* When I then add
YES! THANK YOU!
The removal of http_build_query was the missing, secret ingredient. All is
well now in my OAuth world!
Thanks again,
Magnus
On Thu, Mar 20, 2014 at 2:05 PM, Brad Jorsch (Anomie) bjor...@wikimedia.org
wrote:
On Wed, Mar 19, 2014 at 3:20 PM, Magnus Manske
On Wed, Mar 19, 2014 at 12:07 PM, Magnus Manske magnusman...@googlemail.com
wrote:
Is there any example code for uploading local files to Commons via OAuth?
A trick I can't find? Anything?
The trick is that you only include the POST data in the signature when the
content-type is
I'm guessing the crop tool developer figured it out. That's not one use
case I have code for. If anyone has writing code, I'd love a link to it so
I can get a demo posted.
There is a trick to getting the form type right, since OAuth's spec
explicitly specified out doesn't work with multipart
Hi Brad,
I'm sure that's correct, but:
* When I just sign the OAuth params (no content type, no POST fields), I
get The authorization headers in your request are not valid: Invalid
signature
* When I then add the content-type to the header, I get ... the API help
page, wrapped in the XML tag
2014-03-19 20:20 GMT+01:00 Magnus Manske magnusman...@googlemail.com:
Hi Brad,
I'm sure that's correct, but:
* When I just sign the OAuth params (no content type, no POST fields), I
get The authorization headers in your request are not valid: Invalid
signature
* When I then add the
Unfortunately I wasn't able to get the recording to work, but everything we
discussed is here:
https://www.mediawiki.org/wiki/OAuth/For_Developers
The notes and examples should be able to get most people started
integrating their applications. But if you have trouble, ping me via email
or irc,
And if anyone's curious, the session helped me get identify implemented in
Wikimetrics: https://gerrit.wikimedia.org/r/#/c/102618/. I had to hack the
unmaintained Flask-Oauth module quite a bit, so eventually I might move to
rauth. But it seems to work and makes me feel fuzzier about using OAuth
On Fri, Dec 20, 2013 at 9:33 PM, Dan Andreescu dandree...@wikimedia.org wrote:
And if anyone's curious, the session helped me get identify implemented in
Wikimetrics: https://gerrit.wikimedia.org/r/#/c/102618/. I had to hack the
unmaintained Flask-Oauth module quite a bit, so eventually I
Just a reminder that I'll be running a training tomorrow for any developers
interested in OAuth at 11am PST / 19:00 UTC. If you're still interested,
let me know and I'll add you to the hangout invite list. For everyone who
already responded, I'll send you the link in a bit.
Several people asked
Dear all,
OAuth is currently broken on any wiki that has CirrusSearch deployed to it
in either primary or secondary mode.
We're working on getting this issue fixed as soon as possible. I'll post an
update here when we have a timescale for the fix.
Thanks,
Dan
--
Dan Garry
Associate Product
For reference, the list of wikis which Cirrus is deployed, and therefore
where OAuth is broken, is available here:
https://www.mediawiki.org/wiki/Search#Wikis
Dan
On 12 December 2013 16:46, Dan Garry dga...@wikimedia.org wrote:
Dear all,
OAuth is currently broken on any wiki that has
Note that the wikis that say they were deployed on December 11th but do not
have a strike through them have Cirrus running, but their indexes are still
being built. I believe OAuth will be broken on those wikis as well.
This requires two fixes to actually fix, both of which are in review state
On Thu, Dec 12, 2013 at 11:53 AM, Nikolas Everett never...@wikimedia.orgwrote:
Note that the wikis that say they were deployed on December 11th but do
not have a strike through them have Cirrus running, but their indexes are
still being built. I believe OAuth will be broken on those wikis as
I'll probably try and attend, although it's during the day so there's no
guarantee my boss won't randomly schedule a meeting or something.
*-- *
*Tyler Romeo*
Stevens Institute of Technology, Class of 2016
Major in Computer Science
On Tue, Dec 10, 2013 at 11:43 PM, Aaron Halfaker
Hi all,
For any developers who have been thinking about connecting their
application to MediaWiki, but haven't gotten around to diving in, I'm going
to have a short training/workshop session next week. I'll give a brief
intro to using the version of OAuth that we're running, and walk through
some
I'm bummed that I won't be able to join in since this overlaps
substantially with the Analytics Research Data showcase that starts @
11:30 AM PST. Would you be interested in recording the presentation for
those of us who cannot attend?
-Aaron
On Tue, Dec 10, 2013 at 6:47 PM, Chris Steipp
Hi Chris,
On 22 October 2013 05:45, Chris Steipp cste...@wikimedia.org wrote:
OAuth does not support this, since the results of an api call
using OAuth signatures aren't signed (only the request from the OAuth
consumer is signed), so it's possible that an attacker could forge a
response back
On 10/21/2013 08:45 PM, Chris Steipp wrote:
Hi all,
I wanted to get some input from you all about any ideas or plans they have
for identifying OAuth user in your applications.
tl;dr, Since lots of people want to do authentication with OAuth, I'm
thinking we'll implement a custom way to get
On Tue, Oct 22, 2013 at 1:57 AM, Merlijn van Deen valhall...@arctus.nlwrote:
Hi Chris,
On 22 October 2013 05:45, Chris Steipp cste...@wikimedia.org wrote:
OAuth does not support this, since the results of an api call
using OAuth signatures aren't signed (only the request from the OAuth
I am basically interested only in oauth that can be used by remote
applications / processes running on user's PC, which isn't available
yet
On Tue, Oct 22, 2013 at 7:18 PM, Chris Steipp cste...@wikimedia.org wrote:
On Tue, Oct 22, 2013 at 1:57 AM, Merlijn van Deen valhall...@arctus.nlwrote:
Hi
On Tue, Oct 22, 2013 at 10:33 AM, Petr Bena benap...@gmail.com wrote:
I am basically interested only in oauth that can be used by remote
applications / processes running on user's PC, which isn't available
yet
This is the second most requested feature that we don't support yet.
We've been
Do you realize that these application are asking users for their
password in this moment? That seems to me even worse than oauth with
these caviots
On Tue, Oct 22, 2013 at 7:54 PM, Chris Steipp cste...@wikimedia.org wrote:
On Tue, Oct 22, 2013 at 10:33 AM, Petr Bena benap...@gmail.com wrote:
I
Petr Bena wrote:
Do you realize that these application are asking users for their
password in this moment? That seems to me even worse than oauth with
these caviots
Which applications are asking users for their password?
The only partial example I can come up with off-hand is AutoWikiBrowser,
Hi all,
I wanted to get some input from you all about any ideas or plans they have
for identifying OAuth user in your applications.
tl;dr, Since lots of people want to do authentication with OAuth, I'm
thinking we'll implement a custom way to get identity information from the
wiki in the near
Done:
https://bugzilla.wikimedia.org/show_bug.cgi?id=53322
On Fri, Aug 23, 2013 at 1:22 PM, Chris Steipp cste...@wikimedia.org wrote:
On Fri, Aug 23, 2013 at 8:59 AM, Petr Bena benap...@gmail.com wrote:
I am just wondering if we really need so complicated names like
On Wed, Aug 21, 2013 at 5:04 PM, Chris Steipp cste...@wikimedia.org wrote:
On Wed, Aug 21, 2013 at 2:05 AM, Nicolas Vervelle nverve...@gmail.com
wrote:
Hi,
I'm completely new to OAuth, so bear with me if my questions are basic
or I
missed a point ;-)
It seems interesting, but seems
On Fri, Aug 23, 2013 at 10:38 AM, Nicolas Vervelle nverve...@gmail.comwrote:
On Wed, Aug 21, 2013 at 5:04 PM, Chris Steipp cste...@wikimedia.org
wrote:
For bots too, I'd like to have the extension implement something like
I am just wondering if we really need so complicated names like
[[Special:MWOAuthManageMyGrants]]
Couldn't it be just [[Special:MWOAuthManage]]
or [[Special:MWOAuthGrants]]
On Fri, Aug 23, 2013 at 5:52 PM, Brad Jorsch (Anomie)
bjor...@wikimedia.org wrote:
On Fri, Aug 23, 2013 at 10:38 AM,
On Fri, Aug 23, 2013 at 7:38 AM, Nicolas Vervelle nverve...@gmail.comwrote:
The best workaround now is probably to have each user register their copy
of your desktop application as its own consumer. It's a little ugly
having
to give your user instructions on cutting and pasting tokens and
On Fri, Aug 23, 2013 at 8:59 AM, Petr Bena benap...@gmail.com wrote:
I am just wondering if we really need so complicated names like
[[Special:MWOAuthManageMyGrants]]
Couldn't it be just [[Special:MWOAuthManage]]
or [[Special:MWOAuthGrants]]
I think it would make sense. Could you open
Hi,
I'm completely new to OAuth, so bear with me if my questions are basic or I
missed a point ;-)
It seems interesting, but seems very oriented for web applications, not so
much for desktop applications.
I'm interested in developing this for WPCleaner [1], which is a desktop
application.
Is the
Shouldn't Special:MWOAuth with no other parameters do something better than
just returning an error?
Also, how is normal user supposed to learn about
Special:MWOAuthManageMyGrants?
I would expect this to be available from Preferences, but I didn't find
anything there.
Petr Onderka
On Wed, Aug 21, 2013 at 1:00 PM, Petr Onderka gsv...@gmail.com wrote:
Also, how is normal user supposed to learn about
Special:MWOAuthManageMyGrants?
I would expect this to be available from Preferences, but I didn't find
anything there.
There's a link to it on the first page of
On Wed, Aug 21, 2013 at 5:05 AM, Nicolas Vervelle nverve...@gmail.comwrote:
I'm completely new to OAuth, so bear with me if my questions are basic or I
missed a point ;-)
It seems interesting, but seems very oriented for web applications, not so
much for desktop applications.
I cannot speak
On Wed, Aug 21, 2013 at 2:05 AM, Nicolas Vervelle nverve...@gmail.comwrote:
Hi,
I'm completely new to OAuth, so bear with me if my questions are basic or I
missed a point ;-)
It seems interesting, but seems very oriented for web applications, not so
much for desktop applications.
This is
On Wed, Aug 21, 2013 at 5:05 AM, Nicolas Vervelle nverve...@gmail.comwrote:
I'm completely new to OAuth, so bear with me if my questions are basic or
I missed a point ;-)
You have some good questions here.
I'm interested in developing this for WPCleaner [1], which is a desktop
As mentioned earlier this week, we deployed an initial version of the OAuth
extension to the test wikis yesterday. I wanted to follow up with a few
more details about the extension that we deployed (although if you're just
curious about OAuth in general, I recommend starting at oauth.net, or
This is highly anticipated on my part and awesome. I will integrate it
into wikimetrics asap.
Dan
On Tue, Aug 20, 2013 at 9:15 PM, Chris Steipp cste...@wikimedia.org wrote:
As mentioned earlier this week, we deployed an initial version of the OAuth
extension to the test wikis yesterday. I
There was a discussion recently about OAuth, and I just saw this blog
posthttp://insanecoding.blogspot.com/2013/03/oauth-great-way-to-cripple-your-api.html
(posted
on
slashdothttp://tech.slashdot.org/story/13/03/22/1439235/a-truckload-of-oauth-issues-that-would-make-any-author-quit)
with some
Most of those concerns are valid. Daniel Friesnen has managed to convince
me that OAuth is absolutely horrible, and that we will probably have to
make our own authentication framework.
*-- *
*Tyler Romeo*
Stevens Institute of Technology, Class of 2015
Major in Computer Science
Hoi,
MAY I QUOTE YOU ???
Thanks,
GerardM
On 22 March 2013 17:11, Tyler Romeo tylerro...@gmail.com wrote:
Most of those concerns are valid. Daniel Friesnen has managed to convince
me that OAuth is absolutely horrible, and that we will probably have to
make our own authentication
I think the caricature of OAuth there should be taken with a grain of
salt. The author talks about OAuth, but seems to be referring to
OAuth 2 primarily, which is very different from OAuth 1. Also, the
author says that the protocol was designed for authorizing
website-to-website communication, but
On Fri, Mar 22, 2013 at 8:59 AM, Yuri Astrakhan
yastrak...@wikimedia.org wrote:
There was a discussion recently about OAuth, and I just saw this blog
posthttp://insanecoding.blogspot.com/2013/03/oauth-great-way-to-cripple-your-api.html
(posted
on
Oh yay, I actually convinced someone.
This post is a little different than mine. A random spattering of
high-level qualms with it. OAuth 2 not being a protocol. Flow issues
(though a little debatable). And some stuff about enterprise that
besides being irrelevant to us sounds like berating
On 03/22/2013 12:48 PM, Chris Steipp wrote:
I think the caricature of OAuth there should be taken with a grain of
salt. The author talks about OAuth, but seems to be referring to
OAuth 2 primarily, which is very different from OAuth 1. Also, the
author says that the protocol was designed for
Is anybody working on OAuth for MediaWiki? Because if not I might put
something together (i.e., start putting together design documents based on
http://www.mediawiki.org/wiki/OAuth).
*--*
*Tyler Romeo*
Stevens Institute of Technology, Class of 2015
Major in Computer Science
www.whizkidztech.com |
On Thu, 16 Aug 2012 11:39:54 -0700, Tyler Romeo tylerro...@gmail.com
wrote:
Is anybody working on OAuth for MediaWiki? Because if not I might put
something together (i.e., start putting together design documents based
on
http://www.mediawiki.org/wiki/OAuth).
*--*
*Tyler Romeo*
Stevens
Yeah I've noticed. I decided to start with reading the OAuth IETF document
first so I'm totally familiarized with the protocol. Then I'm going to look
at the PHP extension (although in the long run I don't want to have it as a
dependency), and finally I'm going to look through the mailing list and
Read both OAuth 2 (and it's Bearer and MAC specs) and the OAuth 1 RFC.
I would probably avoid reading the PHP code for it. I have a feeling that
it's
going to do nothing but give you some wrong ideas about how OAuth should
be implemented.
--
~Daniel Friesen (Dantman, Nadir-Seen-Fire)
Read both OAuth 2 (and it's Bearer and MAC specs) and the OAuth 1 RFC.
I would probably avoid reading the PHP code for it. I have a feeling that
it's going to do nothing but give you some wrong ideas about how OAuth
should be implemented.
I think he meant the OAuth extension for PHP [0] rather
Mhm, sounds good. *sigh* Going to be a long journey.
*--*
*Tyler Romeo*
Stevens Institute of Technology, Class of 2015
Major in Computer Science
www.whizkidztech.com | tylerro...@gmail.com
On Thu, Aug 16, 2012 at 3:23 PM, Daniel Friesen
li...@nadir-seen-fire.comwrote:
Read both OAuth 2 (and
I indeed meant the OAuth extension for PHP (the PECL one).
*--*
*Tyler Romeo*
Stevens Institute of Technology, Class of 2015
Major in Computer Science
www.whizkidztech.com | tylerro...@gmail.com
On Thu, Aug 16, 2012 at 3:41 PM, Derric Atzrott
datzr...@alizeepathology.com wrote:
Read both
Hi Tyler,
I've been slowly trying to organize getting an implementation done.
OAuth does have it's issues, but about once a week I have other
developers here at WMF who want to do a project that would be much
easier and more secure if we had OAuth.
We started a list of stories here
I wanted to get in a couple responses to Daniel, as well as try to
make sure the conversation doesn't die. Obviously having a lead person
in the OAuth2 process leave may effect what we want to implement. Or
may spawn a new standard in the near future. But I hope we can still
move ahead with laying
On Fri, 27 Jul 2012 10:59:30 -0700, Chris Steipp cste...@wikimedia.org
wrote:
I wanted to get in a couple responses to Daniel, as well as try to
make sure the conversation doesn't die. Obviously having a lead person
in the OAuth2 process leave may effect what we want to implement. Or
may
On Fri, Jul 27, 2012 at 3:05 PM, Daniel Friesen
li...@nadir-seen-fire.comwrote:
On Fri, 27 Jul 2012 10:59:30 -0700, Chris Steipp cste...@wikimedia.org
wrote:
I think I understand what your saying about that, and that's one way
it could be done. I had also given some thought to extending the
On Fri, 27 Jul 2012 16:03:34 -0700, Rob Lanphier ro...@wikimedia.org
wrote:
On Fri, Jul 27, 2012 at 3:05 PM, Daniel Friesen
li...@nadir-seen-fire.comwrote:
On Fri, 27 Jul 2012 10:59:30 -0700, Chris Steipp cste...@wikimedia.org
wrote:
I think I understand what your saying about that, and
From the start of the OAuth idea I've been thinking we should handle the
code in an abstract way.
ie: Applications and Authorizations should be something MediaWiki
implements internally in an abstract way. And then we write an OAuth
extension that extends this and lets you authorize OAuth 2
In the OAuth user stories it was suggested that we might want to support
OAuth Implicit Grant.
-- Explanation of Implicit Grant --
In OAuth 2 the Implicit Grant is one where you send the user to the
Authorization endpoint. The user allows your application access. And then
sends the user
I've been reading over various OAuth related specs and resources.
Some interesting things I learned while reading up:
== Clients cannot be trusted with security ==
As far as SSL/TLS goes, this doesn't provide OAuth with as much security
as one might think.
The whole SSL is broken factor aside
On 14 July 2012 11:30, Daniel Friesen li...@nadir-seen-fire.com wrote:
I've been reading over various OAuth related specs and resources.
Some interesting things I learned while reading up:
Can we have TL;DR version too? Anything else than there are many
problems with OAuth?
-Niklas
--
On Sat, 14 Jul 2012 06:09:54 -0700, Niklas Laxström
niklas.laxst...@gmail.com wrote:
On 14 July 2012 11:30, Daniel Friesen li...@nadir-seen-fire.com wrote:
I've been reading over various OAuth related specs and resources.
Some interesting things I learned while reading up:
Can we have
Hi all,
Thanks to everyone who contributed user stories about ways that would
like to see OAuth incorporated into MediaWiki!
A few of us here at WMF have looked at the stories, and I've distilled
them down to some general statements about what it seems like the
community wants from the project
I don't have much experiences in this area, but I really want to see
this happen, so if there is anything I can help with (for example set
up a test site on wikimedia labs where we could work on this), let me
know. As soon as there is any public code I can take a look in that
and try to
Some updates on this? Is WMF or someone going to work on this or it's
waiting for someone to start?
On Fri, Mar 16, 2012 at 3:19 PM, Petr Bena benap...@gmail.com wrote:
Sorry, few typos:
So, right now a question is if it's supposed to be implemented as
extension or in core, or both (in case
Petr,
OAuth is something we're committing to on the roadmap for Summer/Fall of
this year. So baring anything crazy occurring, oauth should be happening
over the next few months. I'm planning to help drive the process from WMF's
side, but it's something I'm hoping some people in the community will
The current version of http://www.mediawiki.org/wiki/OAuth was written by
me and Dario.
It's definitely a starting point and not a finished proposal. I am not sure
to what extent the OAuth 2
protocol has evolved since this was written but that definitely needs to be
checked.
Diederik
On Fri,
I still have the same stance on the topic as before:
http://thread.gmane.org/gmane.science.linguistics.wikipedia.technical/59502
I really don't want MediaWiki to fall into the trap of implementing this
in a way that ONLY works with OAuth 2, completely excludes other protocols
(OAuth 1,
Well, make sure to participate in the development of the system then!
On Fri, Apr 27, 2012 at 3:12 PM, Daniel Friesen
li...@nadir-seen-fire.com wrote:
I still have the same stance on the topic as before:
http://thread.gmane.org/gmane.science.linguistics.wikipedia.technical/59502
I really
Am 28.04.2012 00:18, schrieb Ryan Lane:
Well, make sure to participate in the development of the system then!
On Fri, Apr 27, 2012 at 3:12 PM, Daniel Friesen
li...@nadir-seen-fire.com wrote:
I still have the same stance on the topic as before:
sorry to drop in, just a question:
why haven't
sorry to drop in, just a question:
why haven't you ever thought about implementing Extension:OpenID ?
Well, this discussion is on OAuth. They do different things.
- Ryan
___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
Am 28.04.2012 00:25, schrieb Ryan Lane:
sorry to drop in, just a question:
why haven't you ever thought about implementing Extension:OpenID ?
Well, this discussion is on OAuth. They do different things.
- Ryan
okay :
Good, concise answer Tom.
If you have an OAuth use case / user story, please update:
http://www.mediawiki.org/wiki/OAuth/User_stories
Thanks!
On Fri, Apr 27, 2012 at 3:29 PM, Thomas Gries m...@tgries.de wrote:
Am 28.04.2012 00:25, schrieb Ryan Lane:
sorry to drop in, just a question:
why
On Fri, Apr 27, 2012 at 4:05 PM, Chris Steipp cste...@wikimedia.org wrote:
If you have an OAuth use case / user story, please update:
http://www.mediawiki.org/wiki/OAuth/User_stories
Hi everyone,
I'd like to second this ^^^ Support for OAuth is not a binary thing,
and so we'll need these user
So, right now a question is if it's supposed to be implemented as
extension or in core, or both (in case extension can't be created now,
updated core do that it's possible).
I would rather make is as extension since there is a little benefit
for most of mediawiki users in having this feature. I
Sorry, few typos:
So, right now a question is if it's supposed to be implemented as
extension or in core, or both (in case extension can't be created now,
update core so that it's possible).
^ that's what I was about to say
On Fri, Mar 16, 2012 at 3:17 PM, Petr Bena benap...@gmail.com wrote:
Am 13.03.2012 16:10, schrieb John Erling Blad:
Exporting authentication from Mediawiki by OAuth is probably both
acceptable and interesting, even if OAuth is said to give a rather
weak security. It could be that people are a bit confused about OAuth
vs OpenID.
Please don't touch or change
On Tue, 13 Mar 2012 04:50:05 -0800, Petr Bena benap...@gmail.com wrote:
Hi, it's been almost 4 years since we came with the idea of
implementing an OAuth to mediawiki. I think it's time to start.
Question now is if it should be a part of core or extension for
mediawiki. I myself would rather
1 - 100 of 113 matches
Mail list logo