This article or section may contain out-of-date information. The information is no longer correct, or no longer has relevance.|
If you know about the current state of affairs, please help keep everyone informed by updating this information. (Discussion)
|Test it here: |
An attempt to create a MediaWiki AuthPlugin to perform logins against OSM db rather than MW's separate db (Single sign on)
The following are required by the AuthPlugin interface:
bool userExists(string $username)
From testing, it appears this method is tried before authenticate.
bool authenticate(string $username, string $password)
Rudimentary implementation with PEAR HTTP_Request done, but needs userExists to work before it can be tested.
bool setPassword(User $user, string $password)
If there's nothing in the API, this should return false. Otherwise, allowPasswordChange should be true.
(void) initUser(User &$user, bool $autocreate=false)
Fills preferences, etc. Can be used to do things like pulling the email address from OSM into MW.
string getCanonicalName(string $username)
MW capitalizes the first letter, and translates all underscores to spaces.
autoCreate: create internal account on Wiki for users that exist on the main DB but not here? Probably should be true.
allowPasswordChange: can users change their passwords? Unless there's something in the API to do this, false.
canCreateAccounts: can accounts on the OSM DB be created through the MW interface? Without API support, false.
strict: should failures against the OSM DB be fatal? For the moment, this should probably be false to allow people with different account names to login using their MW details.
Things needed to push forward:
A URL that returns very little data, that the Authorization: header can be sent to (preferably via HTTP HEAD), and actually returns something other than HTTP 200 when this fails.
- Some means (preferably via an API call) of establishing simply whether or not a given username is taken.
- Confirmation that there are no usernames containing both spaces and underscores, and that no usernames contain [ or ].