Last modified: 2014-09-23 23:06:59 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T18524, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 16524 - Allow authentication plugins to report error messages
Allow authentication plugins to report error messages
Status: NEW
Product: MediaWiki
Classification: Unclassified
User login and signup (Other open bugs)
unspecified
All All
: Normal enhancement (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks: 56535
  Show dependency treegraph
 
Reported: 2008-12-02 03:05 UTC by Ryan Lane
Modified: 2014-09-23 23:06 UTC (History)
11 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Ryan Lane 2008-12-02 03:05:23 UTC 
Authentication plugins currently have no way to report custom error messages to the end user. There are some situations where something other than a password failure error should be reported.

I am willing to tackle this issue; should I submit patches here, or should I plan everything out here and then commit it?
Comment 1 Siebrand Mazeland 2011-09-03 17:42:45 UTC 
Suggesting you do the latter, as for the past 30 months no one took the effort to comment.
Comment 2 Jasper Deng 2012-12-16 22:49:34 UTC 
In particular without something of this sort, CentralAuth has no choice but to report "wrong password" when accounts are locked.
Comment 3 Ryan Lane 2012-12-17 19:47:10 UTC 
Ages ago I said I'd try to get to this, but it's not a small core change, may be better if someone else took this.
Comment 4 Sumana Harihareswara 2012-12-17 19:57:31 UTC 
Victor, do you have some time to help with this?  It's hurting more and more people regarding Wikimedia Labs login.
Comment 5 Tyler Romeo 2013-02-11 09:44:37 UTC 
What kind of errors are we talking about, because for Special:Userlogin at least it's very easy to report custom error messages.
Comment 6 Ryan Lane 2013-02-11 18:07:01 UTC 
It's easy to pass them from the authentication extension to Special:Userlogin? I don't see a way with a quick pass through the code. It looks to me like there are constant values defined and a Status class is used with those hardcoded values.
Comment 7 Tyler Romeo 2013-02-11 21:31:34 UTC 
If you mean when creating a new account, the AbortNewAccount hook in LoginForm::addNewAccountInternal allows you to pass a raw HTML message to be displayed to the user for errors. If you mean when just logging in, the AbortLogin hook in LoginForm::authenticateUserData, if passed LoginForm::ABORTED as the status, will show whatever custom message key is passed in the last parameter of the hook.
Comment 8 Ryan Lane 2013-02-11 23:18:13 UTC 
It's possible to workaround the lack of custom messages using these hooks, but it's a dirty hack. For instance, some password authentication plugins (like LDAP) should be able to send a custom error message when authentication occurs, such as "Your account is disabled". To do that using the hooks, it would be necessary to do authentication more than once, just to get a message.

Any call to wgAuth should allow a custom message.
Comment 9 Tyler Romeo 2013-02-11 23:19:37 UTC 
Oh, I see what you mean. Well, the new authnz system I'm designing would fix this, but it'll be a little while before it's finished.
Comment 10 Terry Chay 2013-04-13 00:20:57 UTC 
Just adding Brion and S Page to this old bug. :-)
Comment 11 Yuvi Panda 2013-04-13 19:22:44 UTC 
Just to note that all account creation on wikitech seems to be failing with this error message. I tried creating one, which failed - and Coren tells me that everything is failing with this error message.
Comment 12 Ryan Lane 2013-04-13 19:51:02 UTC 
There's no other error message to display ;)
Comment 13 Ryan Lane 2013-11-04 18:55:04 UTC 
*** Bug 56535 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links