Last modified: 2013-11-22 20:49:05 UTC
I set an empty list for $wgOpenIDProviders, set $wgOpenIDConsumerDenyByDefault = true and left $wgOpenIDConsumerAllow empty, set $wgOpenIDAllowExistingAccountSelection false, and set $wgOpenIDHideOpenIDLoginLink true. But it still allows Special:OpenIDLogin to pretend to work, and it still shows the "Your OpenIDs for login" section on Special:Preferences.
Hi Brad, your question needs a clarification: From the wording of the bug subject I do understand, that you want to run your MediaWiki as "provider only". This has not yet been foreseen, currently - with the extension included you can chose between "consumer only" and "consumer and provider" modes. Please let me know, if you really meant and need the "provider only" mode.
Yes, that is exactly what I meant. Chris can correct me if I'm wrong, but I believe the current plan for WMF wikis is just that: to allow using OpenID for e.g. labs wikis to authenticate against production wikis, but (at least to start with) not to let people use other OpenID providers to log into the WMF production wikis.
Brad, that's correct. I think we were planning to implement that by whitelisting providers, and having no providers on our whitelist.
While whitelisting providers and having none in the whitelist does effectively work, you wind up with non-functional things in the UI as mentioned in comment 0. Those non-functional things should be hideable. Ideally you could just set something like $wgOpenIDConsumer = false and not have to worry about setting an empty whitelist or anything else at all. And then the confusingly-named $wgOpenIDConsumerAndAlsoProvider could just change to $wgOpenIDProvider.
He, stop it. I will introduce a third value for the variable which is currently (currently not confusingly) named $wgOpenIDConsumerAndAlsoProvider, the name must change, too. So I understand that you all want to have three modes for a MediaWiki with the E:OpenID: 1 - consumer only 2 - consumer and provider 3 - provider only mode 3 is not yet implemented. I think, I understand what you want and will implement this. But I need you ! you helping me to fix this https://gerrit.wikimedia.org/r/#/c/81629/ first. This way is necessary, even when it looks unrelated, I need to get it working.
Clarification request: What's about having a new switch (replacing $wgOpenIDConsumerAndAlsoProvider) having (new:) FOUR possible values: $wgOpenIDMode = 'off' | 'consumer' | 'provider' | 'consumer-and-provider' 0 - OpenID extension inactive 1 - consumer only 2 - provider only 3 - consumer and provider In my view, this can be implemented quite easily, and would make the code more readable and also better to maintain. By they way, I will also introduce new rights (names not yet finalised): - can-create-account-with-openid - can-create-account-without-openid - can-login-with-openid see https://gerrit.wikimedia.org/r/#/c/94977/6/OpenID.php . Any comment is welcome! Please let me know. Here's the linke to the other open bugs https://bugzilla.wikimedia.org/buglist.cgi?component=OpenID&list_id=250013&query_format=advanced&resolution=---&order=bug_id%20DESC&query_based_on= .
Change 94977 had a related patch set uploaded by Wikinaut: Bug 54508: Add "provider only" mode; Bug 46617: allow Sysops to always create account https://gerrit.wikimedia.org/r/94977
Change 94977 had a related patch set (by Wikinaut) published: Bug 54508: Add "provider only" mode; Bug 46617: allow Sysops to always create account https://gerrit.wikimedia.org/r/94977
+++ Important +++ @Ryan, Chris, other reporters: THIS is what you wanted. My invitation to code-review: https://gerrit.wikimedia.org/r/#/c/94977/ Code is live on http://openid-wiki.instance-proxy.wmflabs.org/wiki/ . Special:Version should show you "4.00 20131115" Please test. Please code-review.
Change 94977 merged by Wikinaut: Bug 54508: Add "provider only" mode; Bug 46617: allow Sysops to always create account https://gerrit.wikimedia.org/r/94977
solved in 4.00 20131122 https://gerrit.wikimedia.org/r/#/c/94977/