How to make oauth authentication with wikipedia?

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

How to make oauth authentication with wikipedia?

Shrinivasan T
I am thinking on developing an android app to record audio and send to commons.

Is there any such app available already?

if not, we can make one.

How to make the users login to the app with their wikipedia credentials?

Please share the links for using wikipedia as oauth endpoint.

Thanks.

--
Regards,
T.Shrinivasan


My Life with GNU/Linux : http://goinggnu.wordpress.com
Free E-Magazine on Free Open Source Software in Tamil : http://kaniyam.com

Get Free Tamil Ebooks for Android, iOS, Kindle, Computer :
http://FreeTamilEbooks.com

_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: How to make oauth authentication with wikipedia?

Andre Klapper-2
Hi,

On Fri, 2018-07-27 at 12:29 +0530, Shrinivasan T wrote:
> I am thinking on developing an android app to record audio and send
> to commons.
>
> Is there any such app available already?

https://lingualibre.fr/ has a similar goal, and has an extension at
https://github.com/lingua-libre/RecordWizard (but not a mobile app).

> if not, we can make one.
>
> How to make the users login to the app with their wikipedia
> credentials?
>
> Please share the links for using wikipedia as oauth endpoint.

I'd hope that https://www.mediawiki.org/wiki/OAuth/For_Developers
covers this. The Commons Android app developers had a similar request in https://phabricator.wikimedia.org/T179519 .

Cheers,
andre
--
Andre Klapper | Bugwrangler / Developer Advocate
https://blogs.gnome.org/aklapper/



_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: How to make oauth authentication with wikipedia?

Shrinivasan T
> I'd hope that https://www.mediawiki.org/wiki/OAuth/For_Developers
> covers this. The Commons Android app developers had a similar request in https://phabricator.wikimedia.org/T179519 .

The request for oauth fro commons app is rejected due to some legal issues.

Seems we also have to use the regular username, password login method.


--
Regards,
T.Shrinivasan


My Life with GNU/Linux : http://goinggnu.wordpress.com
Free E-Magazine on Free Open Source Software in Tamil : http://kaniyam.com

Get Free Tamil Ebooks for Android, iOS, Kindle, Computer :
http://FreeTamilEbooks.com

_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: How to make oauth authentication with wikipedia?

Sam Wilson
On 27/07/18 17:01, Shrinivasan T wrote:
>> I'd hope that https://www.mediawiki.org/wiki/OAuth/For_Developers
>> covers this. The Commons Android app developers had a similar request in https://phabricator.wikimedia.org/T179519 .
>
> The request for oauth fro commons app is rejected due to some legal issues.
>
> Seems we also have to use the regular username, password login method.
>

I've been wondering about how this sort of thing would work as well, in
the context of a Piwigo plugin that I've been working on for easily
uploading photos to Commons (or any MediaWiki site). It seems the
easiest way to do it is to get users to register their own personal
(owner-only) OAuth consumer (which I think never requires approval?) and
then have them enter the consumer token in the app. Then they still have
to go through the access token request process, but it feels reasonably
straight forward, if less convenient than just clicking "log in with
Commons".

_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: How to make oauth authentication with wikipedia?

Gergo Tisza
On Sat, Jul 28, 2018 at 10:37 AM Sam Wilson <[hidden email]> wrote:

> I've been wondering about how this sort of thing would work as well, in
> the context of a Piwigo plugin that I've been working on for easily
> uploading photos to Commons (or any MediaWiki site). It seems the
> easiest way to do it is to get users to register their own personal
> (owner-only) OAuth consumer (which I think never requires approval?) and
> then have them enter the consumer token in the app.


I'd say that's the hardest (although it could be made more user-friendly
with some effort).
See https://phabricator.wikimedia.org/T179519#3727899 for other options.
_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: How to make oauth authentication with wikipedia?

Sam Wilson
On 29/07/18 00:35, Gergo Tisza wrote:

> On Sat, Jul 28, 2018 at 10:37 AM Sam Wilson <[hidden email]> wrote:
>
>> I've been wondering about how this sort of thing would work as well, in
>> the context of a Piwigo plugin that I've been working on for easily
>> uploading photos to Commons (or any MediaWiki site). It seems the
>> easiest way to do it is to get users to register their own personal
>> (owner-only) OAuth consumer (which I think never requires approval?) and
>> then have them enter the consumer token in the app.
>
>
> I'd say that's the hardest (although it could be made more user-friendly
> with some effort).
> See https://phabricator.wikimedia.org/T179519#3727899 for other options.

Good point: I guess I meant "easiest" as in "closest to getting oauth
working"! :) But yeah, hardly simple from the user's point of view.

I was thinking that bot passwords are generally discouraged as part of a
normal user workflow. I'm probably thinking too strongly though, and
it's fine to direct people to Special:BotPasswords. Although, by default
it does say "If you don't know why you might want to do this, you should
probably not do it." which might be discouraging to some people. Still,
easy enough to spell out what's going on before sending people there.

Thanks for the breakdown of the options here. :-)

_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: How to make oauth authentication with wikipedia?

rupert THURNER-2
On Sun, Jul 29, 2018 at 8:16 AM, Sam Wilson <[hidden email]> wrote:

> On 29/07/18 00:35, Gergo Tisza wrote:
>
>> On Sat, Jul 28, 2018 at 10:37 AM Sam Wilson <[hidden email]> wrote:
>>
>> I've been wondering about how this sort of thing would work as well, in
>>> the context of a Piwigo plugin that I've been working on for easily
>>> uploading photos to Commons (or any MediaWiki site). It seems the
>>> easiest way to do it is to get users to register their own personal
>>> (owner-only) OAuth consumer (which I think never requires approval?) and
>>> then have them enter the consumer token in the app.
>>>
>>
>>
>> I'd say that's the hardest (although it could be made more user-friendly
>> with some effort).
>> See https://phabricator.wikimedia.org/T179519#3727899 for other options.
>>
>
> Good point: I guess I meant "easiest" as in "closest to getting oauth
> working"! :) But yeah, hardly simple from the user's point of view.
>
> I was thinking that bot passwords are generally discouraged as part of a
> normal user workflow. I'm probably thinking too strongly though, and it's
> fine to direct people to Special:BotPasswords. Although, by default it does
> say "If you don't know why you might want to do this, you should probably
> not do it." which might be discouraging to some people. Still, easy enough
> to spell out what's going on before sending people there.
>

if one takes an example, lke https://tools.wmflabs.org/video2commons/, is
this implemented like it should? is there any difference from "any"
application or applications on the tools server? am looking at the code
here currently:
https://github.com/toolforge/video2commons/blob/master/video2commons/frontend/app.py
the "dologin" method.

rupert
_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: How to make oauth authentication with wikipedia?

Bryan Davis
On Sun, Jul 29, 2018 at 12:37 AM rupert THURNER
<[hidden email]> wrote:
>
> if one takes an example, lke https://tools.wmflabs.org/video2commons/, is
> this implemented like it should? is there any difference from "any"
> application or applications on the tools server? am looking at the code
> here currently:
> https://github.com/toolforge/video2commons/blob/master/video2commons/frontend/app.py
> the "dologin" method.

Yes, there is a major difference between a web application like the
video2commons tool and a device native application like an Android
app. That difference is that in a web application secret data can be
kept on the web server side that is not visible to the end user. This
allows the OAuth application secret to be used in signing requests to
the Wikimedia servers without exposing that secret to anyone who is
looking at the source code of the web application. This separation is
not possible when the application is running on end-user controlled
devices as a phone or desktop application does.

Bryan
--
Bryan Davis              Wikimedia Foundation    <[hidden email]>
[[m:User:BDavis_(WMF)]] Manager, Technical Engagement    Boise, ID USA
irc: bd808                                        v:415.839.6885 x6855

_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l