I created a patch for python-social-auth for the Mediawiki OAuth backend. I want to use the backend for a Django application on wmflabs and would like to make sure that the security is handled correctly. It would be great if someone from the WMF engineering department could comment on the pull requests.
Description
Description
Related Objects
Related Objects
- Mentioned In
- T230536: Write OAuth auth plugin for Synapse (Matrix)
T249678: Add OAuth login to mailman for accessing list memberships/archive viewing
T257729: Python social_core incorrectly escapes text in AuthException - Mentioned Here
- T59500: Impossible to use https://www.mediawiki.org/wiki/Special:OAuth/initiate?format=&oauth_callback= style URL
Event Timeline
Comment Actions
I left a few comments on https://github.com/python-social-auth/social-core/pull/25/files/f286a12e10de7121d34d00f071d8f17636348961. I haven't tried to actually test the implementation.
Comment Actions
I'm going to assign this back to @Tobias1984 pending updates to the patch that need further review. Feel free to reassign to me when you have new changes that you would like me to take a look at.
Comment Actions
Thank you both for the review. I will see what the maintainer of the library has to say and will close this when it is merged and no other questions arise.