Make Selenium tests work with AuthManager
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Tgr
	May 20 2016, 9:51 PM

Description

AuthManager replaces the createaccount API; the new API is meant for generating UIs for humans (the fields and steps are not predictable and depend on what types of auth extensions are enabled). For browser tests, we would need a machine-oriented API though, something like the API version of user::newSystemUser. (Or maybe a session provider that identifies via some kind of shared secret and then just autocreates whatever username it is told to use?)

Example of errors caused by the lack of this: https://integration.wikimedia.org/ci/job/mwext-mw-selenium/6607/console

Given I am logged into the mobile website # features/step_definitions/common_steps.rb:28
  The token parameter must be set (createnotoken) (MediawikiApi::ApiError)
  ./features/step_definitions/common_steps.rb:30:in `/^I am logged into the mobile website$/'

Details

Subject	Repo	Branch	Lines +/-
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/Echo	REL1_27	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/Echo	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/MobileFrontend	REL1_27	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/MobileFrontend	master	+7 -10
Make Selenium tests work with AuthManager	mediawiki/core	master	+9 -9
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/ArticleFeedbackv5	master	+57 -36
Update dependency of mediawiki_api	wikidata/browsertests	master	+12 -12
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/Wikibase	master	+12 -12
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/VisualEditor	master	+10 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/ContentTranslation	master	+22 -20
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/Popups	master	+1 -1
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/MultimediaViewer	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/QuickSurveys	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/Flow	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/CentralNotice	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/CentralAuth	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/GettingStarted	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/PageTriage	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/PdfHandler	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/RelatedArticles	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/WikiLove	master	+7 -10
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/ZeroPortal	master	+14 -18
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/TwnMainPage	master	+19 -20
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/UniversalLanguageSelector	master	+19 -20
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/Translate	master	+19 -20
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/Gather	master	+1 -1
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/Wikidata	master	+1 -1
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/CirrusSearch	master	+1 -1
Update mediawiki_api gem to 1.7.1	mediawiki/extensions/Math	master	+1 -1
[DO NOT MERGE] Test mediawiki_api Selenium helper with AuthManager	mediawiki/extensions/MobileFrontend	master	+2 -1
Update account creation code for AuthManager	mediawiki/ruby/api	master	+141 -35

Related Objects
Search...

Status	Subtype	Assigned	Task
Resolved		• Deskana	T75616 Tracking: API/backend issues blocking Wikipedia app development
Resolved		Anomie	T32788 Allow triggering of user password reset email via the API
Open		None	T90925 General authentication improvements for MediaWiki
Resolved		Anomie	T48179 Allow a challenge stage during authentication
Open		None	T5709 Refactoring to make external authentication and identity systems easier
Resolved		Tgr	T43201 UserLoadFromSession considered evil
Resolved		Anomie	T67493 Session is started by EditAction (problem for extensions using UserLoadFromSession hook)
Open	Feature	None	T55156 Provide option to force a login session to end within a certain time
Open		None	T89459 Modernize MediaWiki authentication system (AuthManager)
Resolved		• demon	T135498 Release AuthManager with MediaWiki 1.27
Resolved		None	T130340 [Reading Infrastructure 2015-16 Q4] Enable two-factor authentication via AuthManager on the Wikimedia cluster
Resolved		• Mattflaschen-WMF	T68699 Increase "remember me" login cookie expiry from 30 days to 1 year on Wikimedia wikis
Resolved		Tgr	T135504 Enable AuthManager in WMF production
Resolved		Tgr	T135884 Make Selenium tests work with AuthManager

Event Timeline

Tgr created this task.May 20 2016, 9:51 PM

Restricted Application added subscribers: Zppix, Aklapper. · View Herald TranscriptMay 20 2016, 9:51 PM

Tgr added a parent task: T135504: Enable AuthManager in WMF production.May 20 2016, 9:52 PM

In the shorter term, $wgDisableAuthManager = true should probably be set for CI MediaWiki installs which run browser tests (but ideally not for the ones which run PHPUnit). Or if that's not possible just revert https://gerrit.wikimedia.org/r/#/c/289498/ which triggered this.

Reverted out of master for now, we'll revisit Monday prior to cutting the RC.

Tgr updated the task description. (Show Details)May 23 2016, 2:47 PM

Change 290269 had a related patch set uploaded (by Gergő Tisza):
Update account creation code for AuthManager

https://gerrit.wikimedia.org/r/290269

gerritbot added a project: Patch-For-Review.May 23 2016, 4:58 PM

The shared-secret SessionProvider is a good idea if the tests just need to be logged in and not worry about how that happened. Or, if you can assume a $wgAuthManagerConfig with no surprises (e.g. no ConfirmEdit, no two-factor auth extension offering to set itself up), you can treat the new action=createaccount much like the old one and just feed it what it expects.

Difficulties with a general machine-usable account creation API include:

Chances are the features that make it machine-usable would also make it attractive to spammers and other attackers. For example, it would have to bypass captchas.
AuthManager specifically includes interactive methods of establishing authentication credentials for the account, such as interacting with a third-party authentication service.

Note we have the same problem with login under AuthManager, and note the solutions for machine-usable login: OAuth, a shared-secret SessionProvider, and BotPasswords, which bypasses AuthManager entirely while trying to reduce the security risk by limiting the userrights available to the session, requiring long randomly generated passwords, and restricting use to the API only.

Change 290269 merged by Zfilipin:
Update account creation code for AuthManager

https://gerrit.wikimedia.org/r/290269

Change 290805 had a related patch set uploaded (by Gergő Tisza):
[DO NOT MERGE] Test mediawiki_api Selenium helper with AuthManager

https://gerrit.wikimedia.org/r/290805

Change 290805 abandoned by Gergő Tisza:
[DO NOT MERGE] Test mediawiki_api Selenium helper with AuthManager

Reason:
Works as expected.

https://gerrit.wikimedia.org/r/290805

Change 290832 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290832

Change 290833 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290833

Change 290834 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290834

Change 290837 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290837

Change 290838 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290838

Change 290839 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290839

Change 290840 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290840

Change 290841 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290841

Change 290842 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290842

Change 290843 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290843

Change 290844 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290844

Change 290845 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290845

Change 290846 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290846

Change 290847 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290847

Change 290848 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290848

Change 290849 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290849

Change 290850 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290850

Change 290851 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290851

Change 290852 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290852

Change 290853 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290853

Change 290854 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290854

Change 290855 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290855

Change 290856 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290856

Change 290857 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290857

Change 290858 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290858

Tgr mentioned this in rEQS5145b812a820: Update mediawiki_api gem to 1.7.1.May 25 2016, 11:51 PM

Change 290843 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290843

Change 290837 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290837

I looked at a few of these patches and they do not update the Gemfile.lock after the Gemfile was changed. Please amend so they can be merged.

Change 290897 had a related patch set uploaded (by JanZerebecki):
Update dependency of mediawiki_api

https://gerrit.wikimedia.org/r/290897

Change 290856 abandoned by JanZerebecki:
Update mediawiki_api gem to 1.7.1

Reason:
There is now one for both Wikibase and one for browsertests.

https://gerrit.wikimedia.org/r/290856

Change 290841 abandoned by JanZerebecki:
Update mediawiki_api gem to 1.7.1

Reason:
Extension is archived.

https://gerrit.wikimedia.org/r/290841

JanZerebecki mentioned this in R1909:7d53438deaa5: Update dependency of mediawiki_api.May 26 2016, 9:26 AM

Tgr mentioned this in rEQS73f011526cc4: Update mediawiki_api gem to 1.7.1.May 26 2016, 10:56 AM

Change 290851 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290851

Change 290853 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290853

Change 290852 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290852

Change 290844 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290844

Change 290858 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290858

Change 290857 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290857

Change 290845 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290845

Change 290839 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290839

Change 290850 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290850

Change 290847 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290847

Change 290849 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290849

Change 290846 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290846

Change 290840 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290840

Change 290842 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290842

Change 290833 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290833

Change 290834 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290834

Change 290848 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290848

Change 290838 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290838

Change 290854 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290854

Tgr mentioned this in R1909:63604dbfc5e6: Update dependency of mediawiki_api.May 27 2016, 12:17 PM

Tgr mentioned this in R1909:6d4fdebc38c1: Update dependency of mediawiki_api.May 27 2016, 12:24 PM

Tgr mentioned this in R1909:50d00f6e6a58: Update dependency of mediawiki_api.May 27 2016, 12:29 PM

Tgr mentioned this in R1909:1801a4c39b09: Update dependency of mediawiki_api.May 27 2016, 12:41 PM

Tgr mentioned this in R1909:dc1d431897ff: Update dependency of mediawiki_api.May 27 2016, 1:05 PM

Change 290855 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290855

Change 290897 merged by jenkins-bot:
Update dependency of mediawiki_api

https://gerrit.wikimedia.org/r/290897

Tgr closed this task as Resolved.May 27 2016, 3:35 PM

Tgr claimed this task.

Well done @Tgr and thank you very much.

Change 290832 abandoned by Gergő Tisza:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/290832

ReleaseTaggerBot added a project: MW-1.28-release (WMF-deploy-2016-06-07_(1.28.0-wmf.5)).May 31 2016, 10:01 PM

Anomie mentioned this in T137885: mediawiki/core selenium tests targeting mediawiki-vagrant are failing with `The token parameter must be set (createnotoken) (MediawikiApi::ApiError)`.Jun 15 2016, 1:33 PM

Change 294493 had a related patch set uploaded (by Zfilipin):
Make Selenium tests work with AuthManager

https://gerrit.wikimedia.org/r/294493

Change 294493 merged by jenkins-bot:
Make Selenium tests work with AuthManager

https://gerrit.wikimedia.org/r/294493

Change 296523 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/296523

Change 296523 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/296523

Change 296532 had a related patch set uploaded (by Gergő Tisza):
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/296532

Change 296532 merged by jenkins-bot:
Update mediawiki_api gem to 1.7.1

https://gerrit.wikimedia.org/r/296532

Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:39 PM

Make Selenium tests work with AuthManagerClosed, ResolvedPublicActions

Description

Details

Related ObjectsSearch...

Event Timeline

Make Selenium tests work with AuthManager
Closed, ResolvedPublic
Actions

Related Objects
Search...