Page MenuHomePhabricator

Add OAuth support for Pywikibot
Closed, ResolvedPublic

Description

Summary

Try to integrate basic OAuth functions with Pywikibot. Insipred by @jayvdb's comment on T102599

Pywikibot will supply OauthLoginManager to fetch OAuth access token (comparing to the original LoginManager fetching cookies). Pywikibot can be configured to use OAuth tokens instead of cookies as authentication information to send http requests.

Patch merged on Gerrit: https://gerrit.wikimedia.org/r/219787

Authentication using OAuth

Pywikibot has two types of account: user and sysop, so we may need two types of OAuth consumer when using OAuth for authentication: the first one is for common user, which need basic rights, the second is for sysop, which need advanced rights. Those rights can be configured when proposing a new OAuth consumer. For now, we just consider supporting user.

OAuth is supported through authenticate defined in user-config.py like http basic auth. OAuth tokens can be fetched by using scripts/login.py. Then user could set tokens in authenticate for target site. Pywikibot will use the user-defined tokens for OAuth authentication.

OAuth token fetching involves user interaction which is implemented in OauthLoginManager.

Main idea

  1. OauthLoginManager: a new login manager to fetch access token using mwoauth.
  1. User interface of OAuth authentication: scripts/login.py. Users could use this script to finish OAuth authentication and get the OAuth tokens.
  1. OAuth configuration:
    1. Use authenticate dict to configure OAuth tokens in user-config.py
    2. Adapt pywikibot/comms/http.py to OAuth tokens
  1. Tests: tests/oauth_test.py:
    1. OAuthSiteTestCase: The test class for testing sites which enable OAuth.
    2. TestOauthLoginManger: The test case uses OAuth tokens configured in environmental variables to test OauthLoginManager.

Event Timeline

VcamX created this task.Jun 16 2015, 10:44 AM
VcamX claimed this task.
VcamX raised the priority of this task from to Normal.
VcamX updated the task description. (Show Details)
VcamX added a project: Pywikibot-OAuth.
VcamX added subscribers: Sitic, Halfak, jayvdb and 2 others.

Change 219787 had a related patch set uploaded (by VcamX):
Integrate OAuth login mechanism

https://gerrit.wikimedia.org/r/219787

VcamX updated the task description. (Show Details)Jun 22 2015, 8:21 AM
VcamX removed a project: Patch-For-Review.
VcamX set Security to None.
VcamX removed a subscriber: gerritbot.
VcamX updated the task description. (Show Details)Jun 22 2015, 8:23 AM
VcamX updated the task description. (Show Details)Jun 23 2015, 10:55 AM
VcamX updated the task description. (Show Details)Jun 29 2015, 4:35 PM
VcamX updated the task description. (Show Details)Jul 2 2015, 7:03 AM

Change 219787 merged by jenkins-bot:
Add OAuth support for Pywikibot

https://gerrit.wikimedia.org/r/219787

VcamX renamed this task from Create OauthLoginManager with basic tests to Add OAuth support for Pywikibot.Aug 17 2015, 1:19 PM
VcamX closed this task as Resolved.
VcamX updated the task description. (Show Details)
whym added a subscriber: whym.Oct 29 2016, 3:07 AM

Pywikibot has two types of account: user and sysop, so we may need two types of OAuth consumer when using OAuth for authentication: the first one is for common user, which need basic rights, the second is for sysop, which need advanced rights. Those rights can be configured when proposing a new OAuth consumer.

I think this part is continued in T142303.