Pywikibot will supply OauthLoginManager to fetch OAuth access token (comparing to the original LoginManager fetching cookies). Pywikibot can be configured to use OAuth tokens instead of cookies as authentication information to send http requests.
Patch merged on Gerrit: https://gerrit.wikimedia.org/r/219787
Authentication using OAuth
Pywikibot has two types of account: user and sysop, so we may need two types of OAuth consumer when using OAuth for authentication: the first one is for common user, which need basic rights, the second is for sysop, which need advanced rights. Those rights can be configured when proposing a new OAuth consumer. For now, we just consider supporting user.
OAuth is supported through authenticate defined in user-config.py like http basic auth. OAuth tokens can be fetched by using scripts/login.py. Then user could set tokens in authenticate for target site. Pywikibot will use the user-defined tokens for OAuth authentication.
OAuth token fetching involves user interaction which is implemented in OauthLoginManager.
- OauthLoginManager: a new login manager to fetch access token using mwoauth.
- User interface of OAuth authentication: scripts/login.py. Users could use this script to finish OAuth authentication and get the OAuth tokens.
- OAuth configuration:
- Use authenticate dict to configure OAuth tokens in user-config.py
- Adapt pywikibot/comms/http.py to OAuth tokens
- Tests: tests/oauth_test.py:
- OAuthSiteTestCase: The test class for testing sites which enable OAuth.
- TestOauthLoginManger: The test case uses OAuth tokens configured in environmental variables to test OauthLoginManager.