Provide a specific OAuth2 authorization endpoint for the MediaWiki standalone plugin

The only difference from the OAuth2 server endpoint is that only a few scopes can be requested, but they are always auto-approved without consent from the users. This situation is acceptable because we trust the MediaWiki installation. The only allowed scopes are the ones needed for the integration to work, so information about the users, the sign-in scope to authenticate the users and read-only information about projects.

The generic OAuth2 server authorization endpoint cannot be used to deliver an auth code for the specific "MediaWiki" apps and vice versa.

Functional testing is a bit tedious at this stage since there is nothing generating a "MediaWiki app" (so no client ID/client secret). However, the generic OAuth2 server authorization endpoint should continue to work as before (you can check that using the E2E tests of the OAuth2 plugin).

Part of story #24227: have private oauth2 endpoints for Mediawiki

Change-Id: I4653f9b9c07fec9c1662c32fc51cf8996572cdc1

Modified Files

A plugins/mediawiki_standalone/include/OAuth2/MediawikiStandaloneOAuth2ConsentChecker.php +71 −0
A plugins/mediawiki_standalone/include/OAuth2/RejectAuthorizationRequiringConsent.php +55 −0
M plugins/mediawiki_standalone/include/mediawiki_standalonePlugin.php +111 −0
A plugins/mediawiki_standalone/tests/unit/OAuth2/MediawikiStandaloneOAuth2ConsentCheckerTest.php +88 −0
A plugins/mediawiki_standalone/tests/unit/OAuth2/RejectAuthorizationRequiringConsentTest.php +85 −0
M plugins/oauth2_server/include/oauth2_serverPlugin.php +5 −1
M src/common/OAuth2ServerCore/App/AppDao.php +3 −3
M src/common/OAuth2ServerCore/App/AppFactory.php +2 −2
A src/common/OAuth2ServerCore/App/AppMatchingClientIDFilterAppTypeRetriever.php +47 −0
A src/common/OAuth2ServerCore/App/RetrieveAppMatchingClientID.php +31 −0
M tests/unit/common/OAuth2ServerCore/App/AppFactoryTest.php +8 −8
A tests/unit/common/OAuth2ServerCore/App/AppMatchingClientIDFilterAppTypeRetrieverTest.php +75 −0