Page MenuHomePhabricator

Review Mediawiki OAuth backend for python-social-auth
Closed, ResolvedPublic

Description

I created a patch for python-social-auth for the Mediawiki OAuth backend. I want to use the backend for a Django application on wmflabs and would like to make sure that the security is handled correctly. It would be great if someone from the WMF engineering department could comment on the pull requests.

https://github.com/python-social-auth/social-core/pull/25

Event Timeline

Restricted Application added a project: User-bd808. · View Herald TranscriptJan 22 2017, 5:08 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Tgr awarded a token.Jan 22 2017, 7:48 PM
Tgr added a subscriber: Tgr.Jan 22 2017, 7:54 PM

The docs should probably call out that nice URLs cannot be used (due to T59500).

bd808 reassigned this task from bd808 to Tobias1984.Jan 23 2017, 10:56 PM
bd808 added a subscriber: bd808.

I'm going to assign this back to @Tobias1984 pending updates to the patch that need further review. Feel free to reassign to me when you have new changes that you would like me to take a look at.

Thank you both for the review. I will see what the maintainer of the library has to say and will close this when it is merged and no other questions arise.

Tobias1984 closed this task as Resolved.Jan 28 2017, 4:43 PM

The patch was accepted. Thank you for all your help!