Page MenuHomePhabricator
Create Task
Maniphest T95603

Implement Security support for OAuth
Closed, DuplicatePublic
Actions

Description

Pywikibot is a collection of tools that automate work on MediaWiki sites. if in case if someone use a stolen password is someone logging in and changing e-mail address, password etc. to lock the user out of their own account.

With OAuth, only a token needs to be stored in the shared environment, and in worst case scenario someone can make a few edits with the token, but it can be revoked at any time, and the malicious user can not lock out the rightful user.

This task is to implement OAuth support in pywikibot. To complete this task, a unit test should be added to the test suite to perform a login and logout using OAuth with assertions that verify APISite._userinfo is correct, and a second unit test should login, edit a userpage, and confirm the edit was performed using the OAuth-authenticated account. The unit test should be configured to run on travis-ci when the secret key is available in the Travis configuration, and skipped when it isnt, able to use the key and secret that you receive when you complete the registration, as long as you approve it using the same mediawiki.org user that you used to register the application.

Related Objects
Search...

Event Timeline

Linkrachit created this task.Apr 9 2015, 7:23 PM
Linkrachit claimed this task.
Linkrachit raised the priority of this task from to High.
Linkrachit updated the task description. (Show Details)
Linkrachit added projects: Outreachy-Round-10, Google-Summer-of-Code (2015), Pywikibot-network, Pywikibot-login.py, Possible-Tech-Projects, Google-Code-in-2014, Pywikibot, Pywikibot-General.
Linkrachit added subscribers: Nv1620, Sampadmedda, Aklapper and 20 others.
Sitic unsubscribed.Apr 9 2015, 7:25 PM
Niharika moved this task from Backlog to Proposals Submitted on the Google-Summer-of-Code (2015) board.Apr 14 2015, 1:38 PM
Linkrachit added a comment.Apr 16 2015, 9:11 PM

My blog on the same:-

http://pywikibotoauthsupportbylinkrachit.blogspot.in/

Linkrachit added a comment.Apr 20 2015, 1:23 AM

3rd blog on Configuration File(user-config.py) -
http://pywikibotoauthsupportbylinkrachit.blogspot.in/2015/04/user-configpy.html

Niharika removed projects: Google-Code-in-2014, Possible-Tech-Projects, Outreachy-Round-10.Apr 20 2015, 3:08 AM
Niharika set Security to None.
Linkrachit added a comment.Apr 21 2015, 1:14 AM

Bogs-

Basic use of Pywikibot-
http://pywikibotoauthsupportbylinkrachit.blogspot.in/2015/04/basic-use.html

login.py
http://pywikibotoauthsupportbylinkrachit.blogspot.in/2015/04/loginpy.html

Niharika closed this task as a duplicate of T74065: Pywikibot: Implement support for OAuth.Apr 30 2015, 2:19 PM
Liuxinyu970226 unsubscribed.Apr 30 2015, 3:22 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits