A possible design:
|Open||None||T90925 General authentication improvements for MediaWiki|
|Open||None||T86869 Support a nice sso experience with MediaWiki's OAuth|
|Open||None||T75062 OAuth permission screen needs redesign for better usability and comprehension|
|Open||None||T98879 OAuth authorization dialogs should have a plain (skinless) version so that they can be shown in popup windows.|
This is the current OAuth flow:
- the user visits the application's home page
- they click on a 'Login' link
- they are redirected to the authorization screen at mediawiki.org
- they click on the 'Allow' button
- they get redirected to the application
Using popups, there would be almost no way for the apps to know in real time that they've been authorized.
Not mentioning that, at least in a desktop environment, popups are very annoying and might be blocked even without the user noticing...