Page MenuHomePhabricator
Create Task
Maniphest T110288

Update OpenStackManager to use AuthManager
Closed, ResolvedPublic
Actions

Description

Needs a way to interact with LdapAuthentication when it is the primary provider.

Details

SubjectRepoBranchLines +/-
Preserve shell account field for AuthManagermediawiki/extensions/OpenStackManagerREL1_27+110 -1
Preserve shell account field for AuthManagermediawiki/extensions/OpenStackManagermaster+110 -1
Preserve shell account field for AuthManagermediawiki/extensions/OpenStackManagerwmf/1.28.0-wmf.5+110 -1
Customize query in gerrit

Related Objects
Search...

StatusSubtypeAssignedTask
 Resolved DeskanaT75616 Tracking: API/backend issues blocking Wikipedia app development
 ResolvedAnomieT32788 Allow triggering of user password reset email via the API
 OpenNoneT90925 General authentication improvements for MediaWiki
 ResolvedAnomieT48179 Allow a challenge stage during authentication
 OpenNoneT5709 Refactoring to make external authentication and identity systems easier
 ResolvedTgrT43201 UserLoadFromSession considered evil
 ResolvedAnomieT67493 Session is started by EditAction (problem for extensions using UserLoadFromSession hook)
 OpenFeatureNoneT55156 Provide option to force a login session to end within a certain time
 OpenNoneT89459 Modernize MediaWiki authentication system (AuthManager)
 OpenNoneT110291 Update all extensions to use AuthManager
 Resolved demonT135498 Release AuthManager with MediaWiki 1.27
 ResolvedTgrT138910 Backport AuthManager-related changes to 1.27
 ResolvedNoneT130340 [Reading Infrastructure 2015-16 Q4] Enable two-factor authentication via AuthManager on the Wikimedia cluster
 Resolved Mattflaschen-WMFT68699 Increase "remember me" login cookie expiry from 30 days to 1 year on Wikimedia wikis
 ResolvedTgrT135504 Enable AuthManager in WMF production
 ResolvedAnomieT110282 Update extensions which are deployed on the Wikimedia cluster to use AuthManager
 ResolvedAnomieT110288 Update OpenStackManager to use AuthManager
 ResolvedAnomieT110453 Update LdapAuthentication to use AuthManager
 Resolvedbd808T128501 Create role for testing/developing LDAPAuth

Event Timeline

Tgr created this task.Aug 26 2015, 6:35 AM
Tgr raised the priority of this task from to Needs Triage.
Tgr updated the task description. (Show Details)
Tgr added projects: Reading-Infrastructure-Team-Old (Don't use), MediaWiki-Core-AuthManager, MediaWiki-extensions-OpenStackManager.
Tgr added a subtask: T110284: Update LdapAuthentication to use AuthManager.
Tgr added subscribers: Aklapper, Tgr.
Krenair subscribed.Aug 26 2015, 1:09 PM
bd808 moved this task from Backlog to AuthManager Backlog on the MediaWiki-Core-AuthManager board.Aug 26 2015, 5:33 PM
Tgr edited subtasks, added: T110453: Update LdapAuthentication to use AuthManager; removed: T110284: Update LdapAuthentication to use AuthManager.Sep 4 2015, 2:58 AM
Liuxinyu970226 set Security to None.Sep 4 2015, 9:22 AM
bd808 merged a task: T110461: Update OpenStackManager to use AuthManager.Jan 28 2016, 6:48 PM
bd808 added subscribers: StudiesWorld, Liuxinyu970226.
Anomie subscribed.May 11 2016, 9:13 PM

The hard part is done with the merge of rEOSTca5602fbc403: Adjust to changes to LdapAuthentication in preparation for AuthManager. The one bit remaining is the use of the AbortNewAccount hook, which technically should be turned into a PreAuthenticationProvider but I'm somewhat inclined to just let LegacyHookPreAuthenticationProvider handle this one until OpenStackManager is killed.

Should we be lazy, or should we do the PreAuthenticationProvider?

Anomie added a comment.May 11 2016, 9:14 PM

Note that "do the PreAuthenticationProvider" probably also wants it converted to use extension.json so we can use a callback to check $wgDisableAuthManager at the right time.

Tgr added a comment.May 12 2016, 12:18 AM

I don't see much point in doing it if the extension is about to be abandoned anyway.

Anomie mentioned this in T110282: Update extensions which are deployed on the Wikimedia cluster to use AuthManager.May 12 2016, 8:49 PM
Anomie closed this task as Resolved.May 17 2016, 6:24 PM
Anomie claimed this task.

Ok, let's declare victory here.

Liuxinyu970226 unsubscribed.May 19 2016, 5:06 AM
Anomie closed subtask T110453: Update LdapAuthentication to use AuthManager as Resolved.May 31 2016, 3:31 PM
Tgr added a comment.Jun 8 2016, 4:43 PM
In T110288#2286963, @Anomie wrote:

The one bit remaining is the use of the AbortNewAccount hook, which technically should be turned into a PreAuthenticationProvider but I'm somewhat inclined to just let LegacyHookPreAuthenticationProvider handle this one until OpenStackManager is killed.

That didn't work out because the extension used some LdapAuthentication proxy hooks (e.g. LDAPModifyUITemplate instead of UserLoginForm) and those got disabled when LdapAuthentication was updated.

gerritbot subscribed.Jun 8 2016, 4:45 PM

Change 293130 had a related patch set uploaded (by Gergő Tisza):
Preserve shell account field for AuthManager

https://gerrit.wikimedia.org/r/293130

gerritbot added a project: Patch-For-Review.Jun 8 2016, 4:45 PM
gerritbot added a comment.Jun 8 2016, 7:46 PM

Change 293130 merged by jenkins-bot:
Preserve shell account field for AuthManager

https://gerrit.wikimedia.org/r/293130

ReleaseTaggerBot added a project: MW-1.28-release (WMF-deploy-2016-06-14_(1.28.0-wmf.6)).Jun 8 2016, 8:00 PM
gerritbot added a comment.Jun 8 2016, 10:12 PM

Change 293431 had a related patch set uploaded (by Gergő Tisza):
Preserve shell account field for AuthManager

https://gerrit.wikimedia.org/r/293431

gerritbot added a comment.Jun 8 2016, 10:14 PM

Change 293431 merged by jenkins-bot:
Preserve shell account field for AuthManager

https://gerrit.wikimedia.org/r/293431

ReleaseTaggerBot added a project: MW-1.28-release (WMF-deploy-2016-06-07_(1.28.0-wmf.5)).Jun 8 2016, 11:00 PM
gerritbot added a comment.Jun 29 2016, 7:21 AM

Change 296515 had a related patch set uploaded (by Gergő Tisza):
Preserve shell account field for AuthManager

https://gerrit.wikimedia.org/r/296515

gerritbot added a comment.Jul 6 2016, 12:35 AM

Change 296515 merged by jenkins-bot:
Preserve shell account field for AuthManager

https://gerrit.wikimedia.org/r/296515

Fjalapeno edited projects, added Product-Infrastructure-Team-Backlog-Deprecated; removed MW-1.28-release (WMF-deploy-2016-06-07_(1.28.0-wmf.5)), Reading-Infrastructure-Team-Old (Don't use).Jun 7 2017, 2:58 PM
Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:39 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL