On Thu, Dec 22, 2016 at 11:16 AM, Scott Koranda <skoranda(a)gmail.com> wrote:
First question: Is that form of the token,
specifically having +\ at the
end, correct and expected?
Yes. They were included years ago, I believe to help catch data corruption
introduced by broken proxies.
If I then take that token and execute
$createAccountToken =
$response['query']['tokens']['createaccounttoken'];
$oauth->fetch("https://myserver/w/api.php?action=
createaccount&format=json&name=FooBar&email=foobar@
gmail.com&realname=FooBar&mailpassword=false&reason=
provisioning&language=en&token=$createAccountToken", null,
OAUTH_HTTP_METHOD_PUT);
I receive
{"error":{"code":"createnotoken","info":"The
token parameter must be
set","*":"See
https://myserver/w/api.php for API usage"}}
Second question: What am I doing wrong when invoking the createaccount
action?
Two things:
1. The parameter is named "createtoken", not "token".
2. You're not urlencoding it.
I am following documentation at
https://www.mediawiki.org/wiki/API:Account_creation
but it is not clear to me which parts of that page may be deprecated and
precisely how I should provision a new account.
I should update that page for AuthManager. In the mean time, account
creation in 1.27 and later works much like action=clientlogin, as
documented at
https://www.mediawiki.org/wiki/API:Login#The_clientlogin_action. See also
https://www.mediawiki.org/w/api.php?modules=createaccount for the
auto-generated documentation.
--
Brad Jorsch (Anomie)
Senior Software Engineer
Wikimedia Foundation