Page MenuHomePhabricator
Create Task
Maniphest T148696

OAuth authorization fails if account does not exist on the central wiki
Closed, ResolvedPublic
Actions

Description

Steps to reproduce:

  • create a new account, make sure it exists (and is logged in) centrally but does not exist locally on the central OAuth wiki. (On WMF wikis this is only possible when the account autocreation script errors out.)
  • try to authorize an OAuth consumer on some non-central wiki

You will get Unified login needed, E008.

See T94885 for reports of this bug.

Details

SubjectRepoBranchLines +/-
Relax requirement of the user having an account on the central wikimediawiki/extensions/OAuthmaster+7 -11
Customize query in gerrit

Related Objects

Event Timeline

Tgr created this task.Oct 19 2016, 10:51 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 19 2016, 10:51 PM
Tgr mentioned this in T94885: OAuth: authorization fails if the user never visited a foreign wiki (and account was created before centralauth autocreation was enabled).Oct 19 2016, 10:53 PM
gerritbot subscribed.Oct 20 2016, 12:39 AM

Change 316914 had a related patch set uploaded (by Gergő Tisza):
Relax requirement for the user having an account on the central wiki

https://gerrit.wikimedia.org/r/316914

gerritbot added a project: Patch-For-Review.Oct 20 2016, 12:39 AM
Ragesoss mentioned this in T147787: Can not to add user in the course. Ed Dashboard.Oct 20 2016, 10:24 PM
Ragesoss added a comment.Nov 9 2016, 5:37 PM

Is this just stuck waiting for code review? Would love to get the E008 issues wrapped up!

Ragesoss added a comment.Jan 4 2017, 10:00 PM

@Tgr what's the status with this?

Tgr added a subscriber: Anomie.Jan 5 2017, 1:52 AM

Still waiting for CR. @Anomie do you have time to look at it? It's a fairly simple change.

Tgr added a project: acl*security.Jan 5 2017, 7:15 PM

Per Anomie, someone from Security should take a look at the patch.

SamanthaNguyen triaged this task as Lowest priority.Jan 8 2017, 12:01 AM
SamanthaNguyen moved this task from Backlog / Other to Patch pending review on the acl*security board.
gerritbot added a comment.Jan 18 2017, 8:00 AM

Change 316914 merged by jenkins-bot:
Relax requirement of the user having an account on the central wiki

https://gerrit.wikimedia.org/r/316914

ReleaseTaggerBot added a project: MW-1.29-release (WMF-deploy-2017-01-24_(1.29.0-wmf.9)).Jan 18 2017, 9:00 AM
Anomie closed this task as Resolved.Jan 18 2017, 3:49 PM
Anomie assigned this task to Tgr.
MarcoAurelio moved this task from Backlog to Done on the MediaWiki-extensions-CentralAuth board.Nov 22 2017, 9:46 AM
MarcoAurelio moved this task from Backlog to Done on the MediaWiki-extensions-CentralAuth board.
sbassett moved this task from Patch pending review to Done on the acl*security board.Sep 26 2019, 2:46 PM
chasemp added a project: Security.Feb 10 2020, 11:01 PM
chasemp removed a project: acl*security.Feb 20 2020, 8:18 PM
Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:43 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL