valhallasw added a subscriber: valhallasw. valhallasw added a comment.

MediaWiki-OAuth is *probably* the project you want to use for this.

A rough outline of how this could work:

1. the user needs to register their own application. There is no API for this, so the user has to do this on-site, and has to select which permissions will be given.. This gives us consumer_key and consumer_secret, which need to be set somewhere. 2. The user then needs to log in with that token, using the OAuth handshake shown on https://github.com/wikimedia/MediaWiki-OAuth 3. We then have to sign requests. I'm not sure how to do this -- the underlying OAuth library ( https://pypi.python.org/pypi/oauthlib ) probably provides this?

This is not really convenient, though, so I'm not sure if @Krinkle's use case is actually covered well by the existing MediaWiki OAuth implementation.

Alternatively, we can provide a consumer_key and not-so-secret consumer_secret in pywikibot itself (that's how Google suggests to solve this workflow in their API)

TASK DETAIL https://phabricator.wikimedia.org/T74065

REPLY HANDLER ACTIONS Reply to comment or attach files, or !close, !claim, !unsubscribe or !assign <username>.

EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/

To: valhallasw Cc: pywikipedia-bugs, Krinkle, MZMcBride, jayvdb, yuvipanda, Halfak, Nemo_bis, valhallasw