Page MenuHomePhabricator
Create Task
Maniphest T278135

Implement OAuth login for WMCH's members wiki
Closed, ResolvedPublic
Actions

Description

Talking with @Ilario it would be very nice to implement an OAuth authentication for the Wikimedia CH's members wiki, for multiple reasons:

  • avoid to remember another password
  • speedup login process on multiple devices
  • making the wiki more accessible
  • more integration with the Wikimedia universe

Some required features:

  • allow login with local credentials
  • manage same accounts under different names
  • manage different accounts under same name

Plan

  • 1 h create a beta environment
  • 7 h analyze and test available OAuth extensions
  • 1 h register an OAuth application in Meta-wiki (like we have done in T262823)
  • 6 h configure business logic with all the bows and ribbons
  • 0 h init test phase
  • 0 h end test phase
  • 0 h announce the change
  • 1 h deploy in production

Revisions and Commits

rWCIN wikimedia-ch-wmch-infrastructure
rWCINa59b83c89dcb members.wikimedia.ch: enable PluggableAuth

Related Objects
Search...

Event Timeline

valerio.bozzolan created this task.Mar 22 2021, 3:27 PM
valerio.bozzolan claimed this task.Mar 22 2021, 3:38 PM
valerio.bozzolan triaged this task as Medium priority.
valerio.bozzolan updated the task description. (Show Details)
valerio.bozzolan added a subscriber: Ilario.
valerio.bozzolan updated the task description. (Show Details)Mar 22 2021, 3:43 PM
valerio.bozzolan mentioned this in T277278: Implement OAuth login into Wikimini.Mar 22 2021, 3:46 PM
valerio.bozzolan updated the task description. (Show Details)Mar 22 2021, 3:51 PM
valerio.bozzolan added a comment.Mar 27 2021, 1:19 PM

Just some notes for historical reasons.

$ ssh members2.wikimedia.ch

$ cd /var/lib/mediawiki/extensions

$ # install WSOAuth (latest master)
$ # https://www.mediawiki.org/wiki/Special:ExtensionDistributor?extdistname=WSOAuth&extdistversion=master
$ wget https://extdist.wmflabs.org/dist/extensions/WSOAuth-master-a223327.tar.gz

$ # install PluggableAuth (1.31)
$ wget https://extdist.wmflabs.org/dist/extensions/PluggableAuth-REL1_31-eb1b638.tar.gz

$ # historical verifications
$ md5sum WSOAuth-master-a223327.tar.gz PluggableAuth-REL1_31-eb1b638.tar.gz 
45f4994e0e7c11efae65c7ab71d555b4  WSOAuth-master-a223327.tar.gz
f65701aebdc34958011115126003fd6d  PluggableAuth-REL1_31-eb1b638.tar.gz

$ sha1sum WSOAuth-master-a223327.tar.gz PluggableAuth-REL1_31-eb1b638.tar.gz
d4469983d114793e31e9ed51ae32ee4a39bef245  WSOAuth-master-a223327.tar.gz
705540f0be166b3c560a958b1dc80fdd9d1c6341  PluggableAuth-REL1_31-eb1b638.tar.gz

$ tar -xzf PluggableAuth-REL1_31-eb1b638.tar.gz
$ tar -xzf WSOAuth-master-a223327.tar.gz

$ # clean
$ rm *.tar.gz
valerio.bozzolan updated the task description. (Show Details)Apr 23 2021, 10:30 AM
valerio.bozzolan added a comment.Apr 23 2021, 2:03 PM

Uh-oh. That's an interesting feature!

oauth-nonsense.png (592×339 px, 24 KB)

asd

I've opened a question to the maintainer about trusting local logged-in users.

valerio.bozzolan added a subtask: T283908: Implement a modern auto-verification for the WSOAuth extension.May 28 2021, 7:09 AM
valerio.bozzolan closed subtask T278140: WMCH spike test for the WSOAuth+PluggableAuth MediaWiki extension as Resolved.May 28 2021, 7:13 AM
Xxmarijnw closed subtask T283908: Implement a modern auto-verification for the WSOAuth extension as Resolved.Dec 14 2021, 7:26 PM
valerio.bozzolan closed this task as Resolved.Dec 15 2021, 9:37 AM
valerio.bozzolan updated the task description. (Show Details)
valerio.bozzolan moved this task from Backlog to Recent Changes on the WMCH-Infrastructure board.
valerio.bozzolan added a commit: rWCINa59b83c89dcb: members.wikimedia.ch: enable PluggableAuth.Sep 22 2023, 10:28 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL