Page MenuHomePhabricator

Add OAuth 2.0 support to MediaWiki for use by web-based clients
Open, NormalPublic

Description

This is an epic of a Core Platform Team initiative that is documented here.

Non-functional requirements:

  • OAuth 1.0 and OAuth 2.0 must be able to coexist
  • Implementation in an extension: OAuth2
  • Code must be extensible to support API-based clients in Epic 2
  • The MediaWiki code should not depend upon a particular client in any way
  • Possibly test with Wikimedia-hosted Discourse instance
  • Security review of all new code
  • Implement on top of new MediaWiki REST API support, if possible
  • Use existing library, if possible