I think you can completely remove api.js and ForeignApi.js, I upstreamed the remaining bits of their functionality recently.
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | Jdlrobson | T110102 Completely remove api.js and ForeignApi.js, their functionality has been upstreamed | |||
| Resolved | matmarex | T66636 Upstream ForeignAPI code in MobileFrontend into core/CentralAuth | |||
| Resolved | Jdlrobson | T113752 Convert PageApi to PageGateway pattern | |||
| Resolved | Jdlrobson | T113753 Convert WatchstarApi to gateway class | |||
| Resolved | Jdlrobson | T115146 Convert CollectionsApi and RelatedPagesApi in Gather to Gateways |
Change 233635 had a related patch set uploaded (by Jdlrobson):
WIP: Use core code where available for api
Thanks for this update matmarex. It's a little disappointing we seem to have repeated efforts on the progress events. Would be great to think about how we can do this better in future.
Unfortunately I still can't fully remove it - my patch removes everything we can though. Would be great to get this even leaner by considering whether Api should use event emitter and whether ForeignApi can support jsonp
I basically copied the code for tracking upload progress from MobileFrontend wholesale, I only changed how the actual events are emitted – as you say, we're not using OOjs EventEmitter in mediawiki.api currently, so I thought it was more consistent not to introduce it and instead use the notify/progress feature of jQuery.Deferred. Is this problematic?
I'm not sure what you mean by "support JSONP". If you want to perform non-authenticated[1] requests, you can explicitly pass centralauthtoken: false, and no token will be acquired or sent. Do you need the ability to actually use JSONP requests with a callback explicitly?
(By the way, I only just tested it and discovered that api.php?callback=foo¢ralauthtoken=bar&... always fails with a badtoken error, even if the token is in fact correct. Interesting.)
[1] Or rather, a request with whatever cookies the browser happens to have for the target domain, which might correspond to a logged-in user.
You can take a look at https://gerrit.wikimedia.org/r/233635 to see what we're doing differently in MobileFrontend.
Essentially we only do a GET request via CORS when we have to to make working locally without vagrant easier and avoiding handshaking for tokens. Once that's merged I'm happy to iterate further and try and get MobileFrontend completely using core's api code.
In terms of new approach around progress that's cool - I had understood incorrectly that you guys had implemented it separately. The frontend standards group would be a great place to talk about things we are doing and identify code which extensions are using that are likely to be of use to others in future.
Change 233635 abandoned by Jdlrobson:
Hygiene: Use core code where available for api
Reason:
https://gerrit.wikimedia.org/r/237279 < new approach
Change 238992 had a related patch set uploaded (by Jdlrobson):
WIP: Remove api code from MobileFrontend