Jump to content

Topic on Talk:Requests for comment/AuthManager

Sharihareswara (WMF) (talkcontribs)

This RfC is due to be discussed briefly on April 9th; join us!

Sharihareswara (WMF) (talkcontribs)

Meeting log:


22:07:39 <sumanah> OK, let's move on to AuthStack
22:07:45 <sumanah> #topic Authstack
22:07:49 <sumanah> #link https://www.mediawiki.org/wiki/Requests_for_comment/AuthStack
22:07:55 <sumanah> #info Tyler updated this earlier this year. He responded to a request and "reduced the scope of the RFC by removing the Permissions infrastructure and the ClientSession class." So we could use a fresh opinion.
22:08:00 <sumanah> (parent5446 that is)
22:08:50 <brion> oh authn/z…. what a fun world :D
22:09:09 <sumanah> csteipp: you probably have opinions ^
22:09:17 <parent5446> Yeah, so the goal of this is to get rid of the ChainedAuth hook in LdapAuthentication
22:09:29 <parent5446> B/c it's basically a hack to allow more than one authnz method
22:09:55 <sumanah> (while I wait for other people to respond: I am writing to you from a hallway at PyCon, the Python convention. It is in Montreal, so I have unearthed the French I learned 15 years ago. Je voudrais acheter un bilet!)
22:10:06 <csteipp> I really do like the concept in general. The ldap especially makes a compelling use case.
22:10:30 <parent5446> It also tries to adopt the whole service-oriented architecture theme we have going
22:11:26 <brion> i’ll defer to those who have been poking at auth code more recently on this one, but it sounds good in theory
22:11:40 <brion> old AuthPlugin was a bit hacky and was done without benefit of experience in using said plugins  :D
22:12:07 <brion> any implications for LDAP, CentralAuth, etc?
22:12:10 <parent5446> I do need feedback on one thing. Is it OK to use ExternalUser as a class name? Because it is the same class name as the recently removed ExternalUser experiment.
22:12:25 * brion whispers “namespaces!”
22:12:47 <parent5446> Lol, I can put this stuff in a namespace if we support putting core classes in namespaces
22:13:34 <brion> parent5446: worst case we can change the class name i guess :)
22:13:35 <csteipp> Was there an "ExternalUser experiment"? I missed that. The name sounds ok to me, but "ExternalAuthUser" would be fine too
22:13:49 <brion> actually i’d kinda prefer ExternalAuthUser, that’s more descriptive
22:13:55 <parent5446> Yeah, I think it was removed in a previous version. I don't think anybody ever used it
22:14:13 <sumanah> peut-etre Tim pense un quelque chose ici <----- (terrible high school French for "maybe TimStarling thinks something here")
22:14:22 <parent5446> I'd support ExternalAuthUser as well.
22:14:44 <sumanah> (since he was the one to comment in July)
22:14:51 <csteipp> Definitely look into the bug that we have open about initializing users using session setup... just to avoid the situation we're currently in
22:14:53 <brion> #info some agreement to changing ExternalUser to ExternalAuthUser for clarity and to avoid potential conflict
22:15:46 * sumanah waits another minute for Tim to speak up before we move on to Abstract table definitions (which should be quick)
22:16:03 <brion> :)
22:16:16 <sumanah> hmm, anything else to #info here?
22:16:50 <sumanah> #info a few people like the idea in general
22:16:51 <parent5446> Once I finish up the Password patch I'll start working on AuthStack code
22:16:52 <brion> #info people seem to like the general idea — likely to proceed?
22:16:54 <MaxSem> #info Everyone believes it's generally a good idea
22:16:58 <brion> :D
22:17:06 <sumanah> #info <parent5446> Once I finish up the Password patch I'll start working on AuthStack code
22:17:16 <sumanah> All right
22:18:14 <csteipp> parent5446: bug 41201
22:18:51 <parent5446> csteipp: Thanks. That's for the the ClientSession part
Sharihareswara (WMF) (talkcontribs)

Summary:

  • some agreement to changing ExternalUser to ExternalAuthUser for clarity and to avoid potential conflict (brion, 22:14:53)
  • a few people like the idea in general (sumanah, 22:16:50)
  • people seem to like the general idea — likely to proceed? (brion, 22:16:52)
  • Everyone believes it's generally a good idea (MaxSem, 22:16:54)
  • <parent5446> Once I finish up the Password patch I'll start working on AuthStack code (sumanah, 22:17:06)
Sharihareswara (WMF) (talkcontribs)

Have you had time to work on this?

Parent5446 (talkcontribs)

Just a little tiny bit. Unfortunately the password patch has not been merged yet, so that's my main focus. But I have some code stored in a branch on my computer with an outline for this.

Reply to "April 9th discussion"