|Declined||None||T168170 Block Special:OAuth/authorize for WP Zero users|
|Declined||None||T168171 Add a Hook in OAuth extension in handleAuthorizationForm()|
|Declined||None||T168172 Add in WikimediaEvents extension a blocker for WP Zero by using Hook in OAuth extension|
Thanks for your comment, I agree with your argument.
But in an other hand I think that we need to be able to do this block, if it's needed, in a larger vision than phabricator. Perhaps we should work on the software to be able to do this in case of emergency. Curently as I know nothing is designed to do this. Do you think that it's necessary ? Or it's a spent of time ?
Even apart from collateral damage, this does not seem particularly useful. There is no such thing as a Zero user; only a Zero request. Users could easily do the authorization via some proxy or different provider and do the file uploads via Zero. In the case of Phabricator, OAuth is only used to log you in, anyway (and it's not even the only way to do that); actual usage of Phabricator does not depend on OAuth in any way.
Also, the point of the Zero piracy is to allow users to download pirated material free of charge. Uploading it free of charge is convenient but I doubt the pirates really depend on it as it is easy to make money out of pirate sites. And public files can be downloaded from Phabricator without logging in, so the only part of the workflow that requires Zero does not involve login at all.