jenkins-bot has submitted this change and it was merged.
Change subject: Allow for non-web-based consumers
......................................................................
Allow for non-web-based consumers
Some consumers are not web sites, so they don't really have a sane value
to enter for the callback URL.
This change allows Special:MWOAuth/verified to be used as the callback
URL, which will display the verification code and instructions to copy
this code into the consumer application.
Change-Id: I0193101050419c42f981c61c440880a4cda1fdf1
---
M frontend/language/MWOAuth.i18n.php
M frontend/specialpages/SpecialMWOAuth.php
2 files changed, 24 insertions(+), 1 deletion(-)
Approvals:
Aaron Schulz: Looks good to me, approved
jenkins-bot: Verified
diff --git a/frontend/language/MWOAuth.i18n.php
b/frontend/language/MWOAuth.i18n.php
index f4bb18f..7317be4 100644
--- a/frontend/language/MWOAuth.i18n.php
+++ b/frontend/language/MWOAuth.i18n.php
@@ -12,6 +12,10 @@
'mwoauth' => 'OAuth',
'mwoauth-desc' => 'OAuth 1.0a API Authorization',
+ 'mwoauth-verified' => 'The application is now allowed to access
MediaWiki on your behalf.
+
+To complete the process, provide this verification value to the application:
\'\'\'$1\'\'\'',
+
'mwoauth-missing-field' => 'Missing value for "$1" field',
'mwoauth-invalid-field' => 'Invalid value provided for "$1" field',
@@ -266,6 +270,9 @@
$messages['qqq'] = array(
'mwoauth' => 'Title of MWOAuth page',
'mwoauth-desc' => 'Used as subtitle.',
+ 'mwoauth-verified' => 'Displayed to the user when the consumer does not
have a callback URL, to provide the verification token that the consumer needs
to complete the authorization process. Parameters:
+* $1 - Verificiation token
+* $2 - Request token (the app should already have this)',
'mwoauth-missing-field' => 'Parameters:
* $1 - field name
See also:
diff --git a/frontend/specialpages/SpecialMWOAuth.php
b/frontend/specialpages/SpecialMWOAuth.php
index 542a62d..2efdc05 100644
--- a/frontend/specialpages/SpecialMWOAuth.php
+++ b/frontend/specialpages/SpecialMWOAuth.php
@@ -9,7 +9,7 @@
$this->setHeaders();
$request = $this->getRequest();
$format = $request->getVal( 'format', 'raw' );
- if ( !in_array( $subpage, array( 'initiate', 'authorize',
'token' ) ) ) {
+ if ( !in_array( $subpage, array( 'initiate', 'authorize',
'verified', 'token' ) ) ) {
$this->showError( 'oauth-client-invalidrequest',
$format );
}
@@ -122,6 +122,22 @@
$this->returnToken( $token, $format );
break;
+ case 'verified':
+ $format = $request->getVal( 'format',
'html' );
+ $verifier = $request->getVal(
'oauth_verifier', false );
+ $requestToken = $request->getVal(
'oauth_token', false );
+ if ( !$verifier || !$requestToken ) {
+ throw new MWOAuthException(
'mwoauth-bad-request' );
+ }
+ $this->getOutput()->addSubtitle(
$this->msg( 'mwoauth-desc' )->escaped() );
+ $this->showResponse(
+ $this->msg( 'mwoauth-verified',
+ wfEscapeWikiText(
$verifier ),
+ wfEscapeWikiText(
$requestToken )
+ )->parse(),
+ $format
+ );
+ break;
default:
throw new OAuthException(
'mwoauth-invalid-method' );
}
--
To view, visit https://gerrit.wikimedia.org/r/80569
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I0193101050419c42f981c61c440880a4cda1fdf1
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/extensions/OAuth
Gerrit-Branch: master
Gerrit-Owner: Anomie <[email protected]>
Gerrit-Reviewer: Aaron Schulz <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
Gerrit-Reviewer: CSteipp <[email protected]>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
