My idea is that it would work like on facebook, a special page would
open from the external tool (in a separate browser), example:
Application "MOO" wants to access the site using your account, do you
want to allow it to perform these operations:
Yes, I want to allow MOO to access the site using my account
If user pick yes, the token is being sent back to application which
then use it to perform various api's etc The application would define
what kind of access it would need to use and which kind of
authentication (token / key / certificate) it wants to use
On Tue, Mar 13, 2012 at 3:13 PM, Petr Bena <benapetr(a)gmail.com> wrote:
Of course, I am following the proposal at
, even there is mentioned that
it's not clear if it should be extension or in core. In fact I don't
see a reason why it couldn't be extension. You can extends api's from
extension and even access the permission definitions.
On Tue, Mar 13, 2012 at 3:09 PM, John Du Hart <compwhizii(a)gmail.com> wrote:
> This isn't something that can be implemented as an extension, it needs
> to be in core. This goes way beyond just allowing a user to log in to
> a site with their MediaWiki account, it needs full integration with
> our permissions and API to be of any use.
> On Tue, Mar 13, 2012 at 8:50 AM, Petr Bena <benapetr(a)gmail.com> wrote:
>> Hi, it's been almost 4 years since we came with the idea of
>> implementing an OAuth to mediawiki. I think it's time to start.
>> Question now is if it should be a part of core or extension for
>> mediawiki. I myself would rather make it as extension, since there is
>> probably no use for most of installations, except for large wikis.
>> OAuth provides a standard protocol to negotiate secure access tokens
>> and to provide third-party tools (web or client) with granular access
>> to private resources. This protocol does not reveal usernames or
>> passwords to the third-party tool. Offering OAuth based authorization
>> on Mediawiki wiki's will increase the reusability of its data and spur
>> the creation of an ecosystem of app's around Mediawiki.
>> Is there anyone who is willing to help with this? If there is no one
>> interested in this, or no comments, I would start a new extension
>> called OAuth, which only purpose would be to enable this feature in
>> Wikitech-l mailing list
> Wikitech-l mailing list