Page MenuHomePhabricator
Create Task
Maniphest T159789

Include information about OAuth app review process and criteria into the interface
Open, HighPublic
Actions

Description

Information about review criteria and the process itself should be easily available to the user going through the process, and to the admin doing the review:

  • link to the policy on the app registration page
  • provide some kind of summary/checklist/best practices
  • provide in-context information when filling out the description
    • show warning when the URL us unsafe
    • warn about Labs policy if the URL points to Labs
    • warn when sensitive grants are included
  • make it clear that this does not apply to owner-only consumers (maybe separate owner-only consumer creation completely)
  • after the proposal was submitted, make it clear what's going to happen and whether the user is expected to do anything)
  • when an admin is reviewing the proposal, the policy should be linked and a summary information available on the special page

Related Objects
Search...

Event Timeline

Tgr created this task.Mar 7 2017, 3:00 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 7 2017, 3:00 AM
Tgr added a subtask: T159788: Establish OAuth app policy for Wikimedia wikis.Mar 7 2017, 3:00 AM
Tgr mentioned this in T62125: Document OAuth approvals process better.
Tgr merged a task: T62125: Document OAuth approvals process better.
Tgr added subscribers: bzimport, Anomie, Deskana and 4 others.
Tgr mentioned this in T93326: Document how tools should use OAuth.Mar 7 2017, 3:08 AM
Tgr moved this task from Backlog to Tool User wants on the MediaWiki-extensions-OAuth board.
Tgr moved this task from Tool User wants to Consumer wants on the MediaWiki-extensions-OAuth board.Mar 7 2017, 3:30 AM
Tgr triaged this task as High priority.Mar 7 2017, 3:38 AM
Tgr merged a task: T116681: OAuth consumer registration success message should include instructions on how to ask for review.Mar 7 2017, 3:54 AM
Tgr added a subscriber: Johan.
Tgr updated the task description. (Show Details)May 15 2017, 10:12 AM
Tgr added a parent task: T103587: Improve OAuth application approval workflow.
Liuxinyu970226 subscribed.May 23 2017, 1:44 PM
Aklapper removed subscribers: wikibugs-l-list, Anomie, bzimport.Oct 16 2020, 5:01 PM
Tgr closed subtask T159788: Establish OAuth app policy for Wikimedia wikis as Resolved.Apr 22 2023, 4:47 PM
Tgr mentioned this in T67750: Low-risk OAuth consumers should be automatically approved.Apr 22 2023, 4:50 PM
bd808 awarded a token.Apr 25 2023, 9:19 PM
Tgr added a project: MediaWiki-Platform-Team.Feb 5 2024, 5:35 AM

One of the higher-value OAuth UI tasks IMO.

Tgr moved this task from Inbox, needs triage to Soon on the MediaWiki-Platform-Team board.Feb 5 2024, 5:36 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL