Page MenuHomePhabricator
Create Task
Maniphest T311187

OAuth grant type validation/display improvements
Closed, InvalidPublic
Actions

Description

These suggestions were made in a comment on T297888: OAuth v2 client request form ignores default grant type values, which is otherwise resolved. Opening a separate task so the suggestion is not lost when the other task is closed:

  1. fail the form validation when there are no grant types - accepting a dysfunctional consumer definition and putting it in the approvals queue is a waste of everyone's time.
  2. show the grant types in Special:OAuthListConsumers. Missing from there made debugging T297888: OAuth v2 client request form ignores default grant type values hard for non-admins.

Related Objects

Event Timeline

BPirkle created this task.Jun 23 2022, 1:11 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 23 2022, 1:11 AM
BPirkle moved this task from Incoming to Must do now on the API Platform board.Jun 23 2022, 1:13 AM
BPirkle moved this task from Must do now to Incoming on the API Platform board.
VirginiaPoundstone moved this task from Incoming to Backlog on the API Platform board.Nov 14 2022, 9:24 AM
VirginiaPoundstone moved this task from Backlog to Incoming on the API Platform board.
VirginiaPoundstone moved this task from Incoming to Needs Grooming on the API Platform board.Nov 29 2022, 8:17 PM
JArguello-WMF moved this task from Needs Grooming to Incoming on the API Platform board.Feb 21 2023, 7:06 PM
JArguello-WMF moved this task from Incoming to Needs Grooming on the API Platform board.Apr 18 2023, 4:16 PM
JArguello-WMF moved this task from Needs Grooming to Incoming on the API Platform board.
Tgr added a comment.Apr 22 2023, 4:43 PM

Where does this happen? There is no way to submit Special:OAuthConsumerRegistration with an empty set of grants.

BPirkle closed this task as Invalid.Apr 25 2023, 6:46 PM

Where does this happen? There is no way to submit Special:OAuthConsumerRegistration with an empty set of grants.

I don't think it does anymore - the forms were changed since this task was created . And I wasn't able to reproduce this anymore on my local. See T297888: OAuth v2 client request form ignores default grant type values for how it was previously possible, and specifically see your comment on that task, which was made before that task was resolved.

I'm going to close this as invalid. Feel free to reopen if you think the remaining item, showing the grant types in Special:OAuthListConsumers, is still something we should do.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL