Last modified: 2014-05-16 22:06:10 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T61141, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 59141 - Get OAuth working in beta
Get OAuth working in beta
Status: RESOLVED FIXED
Product: Wikimedia Labs
Classification: Unclassified
deployment-prep (beta) (Other open bugs)
unspecified
All All
: Normal normal
: ---
Assigned To: Chris Steipp
:
Depends on: 63538
Blocks:
  Show dependency treegraph
 
Reported: 2013-12-30 21:10 UTC by Chris Steipp
Modified: 2014-05-16 22:06 UTC (History)
7 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Chris Steipp 2013-12-30 21:10:10 UTC 
Production is currently using mediawiki.org as the central oauth wiki (grants are kept centrally, on a single wiki, so a user can grant a connected app access to all wikis at once, instead of having to authorize each individually).

Since beta doesn't have a mediawikiwiki, developers can register OAuth applications in beta.

Eventually production is planning to use metawiki, but until then, it would be nice to make the exception for labs.
Comment 1 Gerrit Notification Bot 2013-12-30 21:11:45 UTC 
Change 104666 had a related patch set uploaded by CSteipp:
Central OAuth wiki for Labs (metawiki)

https://gerrit.wikimedia.org/r/104666
Comment 2 Gerrit Notification Bot 2014-04-07 09:30:38 UTC 
Change 104666 abandoned by Hashar:
Central OAuth wiki for Labs (metawiki)

Reason:
I guess this change is no more needed.

https://gerrit.wikimedia.org/r/104666
Comment 3 Bryan Davis 2014-04-11 22:48:00 UTC 
Chris, is this issue still valid?
Comment 4 Chris Steipp 2014-04-11 22:59:09 UTC 
It would be nice to eventually get OAuth working in beta.

Right now deployment.wikimedia.beta.wmflabs.org is the central wiki, but because we have $wgMWOAuthSecureTokenTransfer=true, the OAuth pages redirect to https, which doesn't work in beta. So it's still not possible for anyone to register new applications in beta, which was the overall purpose of my original report.

I updated the title to reflect that.
Comment 5 Antoine "hashar" Musso (WMF) 2014-04-15 11:18:41 UTC 
While the SSL is being sorted out, we could set on beta wgMWOAuthSecureTokenTransfer = false and fill a bug as a reminder to reenable it.
Comment 6 Chris Steipp 2014-04-16 00:07:05 UTC 
Yeah, we can do that. I'll also make sure we reset all secrets after we upgrade.
Comment 7 Gerrit Notification Bot 2014-04-16 00:51:08 UTC 
Change 126185 had a related patch set uploaded by CSteipp:
Temporarily allow insecure token trasfer for OAuth

https://gerrit.wikimedia.org/r/126185
Comment 8 Gerrit Notification Bot 2014-05-16 17:24:59 UTC 
Change 126185 merged by jenkins-bot:
Temporarily allow insecure token trasfer for OAuth

https://gerrit.wikimedia.org/r/126185
Comment 9 Chris Steipp 2014-05-16 22:06:10 UTC 
Reminder to reenable secure token transfer is bug 65421. In the meantime, OAuth is working on labs (I'm testing phabricator against it).
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links