Page MenuHomePhabricator
Create Task
Maniphest T245050

OAuth extension should display clear error messages when the wrong protocol version is used
Open, Needs TriagePublic
Actions

Description

  • Apparently if you are using an OAuth 2 consumer and library to connect to the OAuth 1 endpoint, you get An error occurred in the OAuth protocol: Invalid signature which is confusing (although technically correct). It would be nice to check whether the consumer is appropriate for the endpoint before validating the signature.
  • Special:OAuth displays mwoauthserver-bad-consumer ("not approved as a Connected App") when the registered and actual protocol version do not match.

Related Objects
Search...

Event Timeline

Tgr created this task.Feb 12 2020, 7:01 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 12 2020, 7:01 PM
Tgr updated the task description. (Show Details)Feb 12 2020, 7:01 PM
Tgr renamed this task from OAuth extension should check consumer before validating signature to OAuth extension should display clear error messages when the wrong protocol version is used.Feb 13 2020, 7:20 PM
Tgr updated the task description. (Show Details)
Tgr added a parent task: T245477: OAuth server should provide clear and useful feedback about client errors.Feb 18 2020, 1:14 AM
Tgr merged a task: T254777: (Some?) OAuth consumers cannot be used by their owner before admin approval.Jun 8 2020, 8:00 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL