Page MenuHomePhabricator

OAuth authorization fails if account does not exist on the central wiki
Closed, ResolvedPublic

Description

Steps to reproduce:

  • create a new account, make sure it exists (and is logged in) centrally but does not exist locally on the central OAuth wiki. (On WMF wikis this is only possible when the account autocreation script errors out.)
  • try to authorize an OAuth consumer on some non-central wiki

You will get Unified login needed, E008.


See T94885 for reports of this bug.

Event Timeline

Tgr created this task.Oct 19 2016, 10:51 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 19 2016, 10:51 PM

Change 316914 had a related patch set uploaded (by Gergő Tisza):
Relax requirement for the user having an account on the central wiki

https://gerrit.wikimedia.org/r/316914

Is this just stuck waiting for code review? Would love to get the E008 issues wrapped up!

@Tgr what's the status with this?

Tgr added a subscriber: Anomie.Jan 5 2017, 1:52 AM

Still waiting for CR. @Anomie do you have time to look at it? It's a fairly simple change.

Per Anomie, someone from Security should take a look at the patch.

SamanthaNguyen triaged this task as Lowest priority.Jan 8 2017, 12:01 AM
SamanthaNguyen moved this task from Backlog / Other to Patch pending review on the Security board.

Change 316914 merged by jenkins-bot:
Relax requirement of the user having an account on the central wiki

https://gerrit.wikimedia.org/r/316914

Anomie closed this task as Resolved.Jan 18 2017, 3:49 PM
Anomie assigned this task to Tgr.