https://bugzilla.wikimedia.org/show_bug.cgi?id=60407

       Web browser: ---
            Bug ID: 60407
           Summary: API edit token in betalabs is always an anonymous edit
                    token
           Product: Wikimedia Labs
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: Unprioritized
         Component: deployment-prep (beta)
          Assignee: wikibugs-l@lists.wikimedia.org
          Reporter: jh...@wikimedia.org
                CC: benap...@gmail.com, cmcma...@wikimedia.org,
                    has...@free.fr, mhershber...@wikimedia.org,
                    platoni...@gmail.com
    Classification: Unclassified
   Mobile Platform: ---

In developing some test setup/teardown methods via the Mediawiki API, we have
noticed that en.wikipedia.beta.wmflabs.org (beta labs) always returns an
anonymous edit token, even following a successful login.  This does not happen
in other environments - in other environments, the edit API action is
authenticated as expected.

Repro workflow:

1) Request login token: curl -c cookies.txt -X POST
'http://en.wikipedia.beta.wmflabs.org/w/api.php?action=login&format=json&lgname=<username>&lgpassword=<password>&lgtoken='

2) Submit login token: curl -b cookies.txt -X POST
'http://en.wikipedia.beta.wmflabs.org/w/api.php?action=login&format=json&lgname=<username>&lgpassword=<password>&lgtoken=<token
obtained in previous step>'

3) Request edit token, reusing the same cookie obtained above: curl -b
cookies.txt -X POST
"http://en.wikipedia.beta.wmflabs.org/w/api.php?action=tokens&type=edit&format=json";

Response to step #3 is an anonymous edit token: {"tokens":{"edittoken":"+\\"}}


In other environments, such as test2.wikipedia.org, the response in step #3 is
something like the following, which is the expected behavior (a valid edit
token is returned):
{"tokens":{"edittoken":"5d75e6ca92d6de881921f068ebd7b695+\\"}}

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

Reply via email to