The tag associated to a OAuth app cannot be undefined by the app publisher. There should be a way to undefine the tag so it can be deleted. At present, old inactive OAuth tags applied at least once remain at Special:Tags and there's no way to avoid that.
Description
Details
Subject | Repo | Branch | Lines +/- | |
---|---|---|---|---|
Implement ChangeTagsRegister hook for OAuth | mediawiki/extensions/OAuth | master | +27 -36 |
Event Timeline
There are three stages for OAuth consumers besides 'proposed' and 'approved' : expired, disabled and rejected. A consumer in the 'expired' stage may still be brought back to 'approved'. Would it make sense to not define tags for 'disabled' and 'rejected' consumers ?
Convenience link to MWOAuth.hooks.php.
It's not immediately obvious what to do here. We already mark tags for OAuth consumers that are not "proposed" or "approved" as inactive; this of course does not allow those tags to be deleted.
We could use the ChangeTagCanDelete hook to allow deleting tags in a 'disabled' or 'rejected' state. I couldn't find much documentation on OAuth statuses, but it appears that allowing deletion in these cases makes sense.
Tags in an 'expired' state would be marked as inactive but still not be deletable. To make it deletable, the client would have to explicitly change the status to 'disabled'.
Change 253567 had a related patch set uploaded (by Cenarium):
Implement ChangeTagsRegister for OAuth
Change 253567 abandoned by Bartosz Dziewoński:
[mediawiki/extensions/OAuth@master] Implement ChangeTagsRegister hook for OAuth
Reason:
Depends on an abandoned change