I am thinking on developing an android app to record audio and send to commons.
Is there any such app available already?
if not, we can make one.
How to make the users login to the app with their wikipedia credentials?
Please share the links for using wikipedia as oauth endpoint.
Thanks.
Hi,
On Fri, 2018-07-27 at 12:29 +0530, Shrinivasan T wrote:
I am thinking on developing an android app to record audio and send to commons.
Is there any such app available already?
https://lingualibre.fr/ has a similar goal, and has an extension at https://github.com/lingua-libre/RecordWizard (but not a mobile app).
if not, we can make one.
How to make the users login to the app with their wikipedia credentials?
Please share the links for using wikipedia as oauth endpoint.
I'd hope that https://www.mediawiki.org/wiki/OAuth/For_Developers covers this. The Commons Android app developers had a similar request in https://phabricator.wikimedia.org/T179519 .
Cheers, andre
I'd hope that https://www.mediawiki.org/wiki/OAuth/For_Developers covers this. The Commons Android app developers had a similar request in https://phabricator.wikimedia.org/T179519 .
The request for oauth fro commons app is rejected due to some legal issues.
Seems we also have to use the regular username, password login method.
On 27/07/18 17:01, Shrinivasan T wrote:
I'd hope that https://www.mediawiki.org/wiki/OAuth/For_Developers covers this. The Commons Android app developers had a similar request in https://phabricator.wikimedia.org/T179519 .
The request for oauth fro commons app is rejected due to some legal issues.
Seems we also have to use the regular username, password login method.
I've been wondering about how this sort of thing would work as well, in the context of a Piwigo plugin that I've been working on for easily uploading photos to Commons (or any MediaWiki site). It seems the easiest way to do it is to get users to register their own personal (owner-only) OAuth consumer (which I think never requires approval?) and then have them enter the consumer token in the app. Then they still have to go through the access token request process, but it feels reasonably straight forward, if less convenient than just clicking "log in with Commons".
On Sat, Jul 28, 2018 at 10:37 AM Sam Wilson sam@samwilson.id.au wrote:
I've been wondering about how this sort of thing would work as well, in the context of a Piwigo plugin that I've been working on for easily uploading photos to Commons (or any MediaWiki site). It seems the easiest way to do it is to get users to register their own personal (owner-only) OAuth consumer (which I think never requires approval?) and then have them enter the consumer token in the app.
I'd say that's the hardest (although it could be made more user-friendly with some effort). See https://phabricator.wikimedia.org/T179519#3727899 for other options.
On 29/07/18 00:35, Gergo Tisza wrote:
On Sat, Jul 28, 2018 at 10:37 AM Sam Wilson sam@samwilson.id.au wrote:
I've been wondering about how this sort of thing would work as well, in the context of a Piwigo plugin that I've been working on for easily uploading photos to Commons (or any MediaWiki site). It seems the easiest way to do it is to get users to register their own personal (owner-only) OAuth consumer (which I think never requires approval?) and then have them enter the consumer token in the app.
I'd say that's the hardest (although it could be made more user-friendly with some effort). See https://phabricator.wikimedia.org/T179519#3727899 for other options.
Good point: I guess I meant "easiest" as in "closest to getting oauth working"! :) But yeah, hardly simple from the user's point of view.
I was thinking that bot passwords are generally discouraged as part of a normal user workflow. I'm probably thinking too strongly though, and it's fine to direct people to Special:BotPasswords. Although, by default it does say "If you don't know why you might want to do this, you should probably not do it." which might be discouraging to some people. Still, easy enough to spell out what's going on before sending people there.
Thanks for the breakdown of the options here. :-)
On Sun, Jul 29, 2018 at 8:16 AM, Sam Wilson sam@samwilson.id.au wrote:
On 29/07/18 00:35, Gergo Tisza wrote:
On Sat, Jul 28, 2018 at 10:37 AM Sam Wilson sam@samwilson.id.au wrote:
I've been wondering about how this sort of thing would work as well, in
the context of a Piwigo plugin that I've been working on for easily uploading photos to Commons (or any MediaWiki site). It seems the easiest way to do it is to get users to register their own personal (owner-only) OAuth consumer (which I think never requires approval?) and then have them enter the consumer token in the app.
I'd say that's the hardest (although it could be made more user-friendly with some effort). See https://phabricator.wikimedia.org/T179519#3727899 for other options.
Good point: I guess I meant "easiest" as in "closest to getting oauth working"! :) But yeah, hardly simple from the user's point of view.
I was thinking that bot passwords are generally discouraged as part of a normal user workflow. I'm probably thinking too strongly though, and it's fine to direct people to Special:BotPasswords. Although, by default it does say "If you don't know why you might want to do this, you should probably not do it." which might be discouraging to some people. Still, easy enough to spell out what's going on before sending people there.
if one takes an example, lke https://tools.wmflabs.org/video2commons/, is this implemented like it should? is there any difference from "any" application or applications on the tools server? am looking at the code here currently: https://github.com/toolforge/video2commons/blob/master/video2commons/fronten... the "dologin" method.
rupert
On Sun, Jul 29, 2018 at 12:37 AM rupert THURNER rupert.thurner@gmail.com wrote:
if one takes an example, lke https://tools.wmflabs.org/video2commons/, is this implemented like it should? is there any difference from "any" application or applications on the tools server? am looking at the code here currently: https://github.com/toolforge/video2commons/blob/master/video2commons/fronten... the "dologin" method.
Yes, there is a major difference between a web application like the video2commons tool and a device native application like an Android app. That difference is that in a web application secret data can be kept on the web server side that is not visible to the end user. This allows the OAuth application secret to be used in signing requests to the Wikimedia servers without exposing that secret to anyone who is looking at the source code of the web application. This separation is not possible when the application is running on end-user controlled devices as a phone or desktop application does.
Bryan
wikitech-l@lists.wikimedia.org