User talk:BDavis (WMF)/Archives/2021

Latest comment: 2 years ago by নকীব বট in topic OAuth Approval

logrotate on toolforge tools?

Hello! I hope that you're doing okay. I was wondering if we could use logrotate on Toolforge tools? Last time I issued a plain logrotate command (followed Toolforge said that no such thing existed. Thanks for your assistance. Best regards, —MarcoAurelio (talk) 21:26, 10 February 2021 (UTC)

@MarcoAurelio: /usr/sbin/logrotate certainly exists on the Toolforge bastions and grid exec nodes. If you are looking for logrotate inside a Kubernetes container, you are right that it is not there. If you feel that there is s justification for having a tool like logrotate in a container, #toolforge-software would be the correct place to request that. --BDavis (WMF) (talk) 01:32, 11 February 2021 (UTC)
Thanks for your reply. I am not sure what a Kubernetes container is to be honest, but I won't be asking further here and will respect your notice above. Best regards, —MarcoAurelio (talk) 12:21, 13 February 2021 (UTC)

Consumer misflagged as "local testing": callback URL for local public clients

Hi, Bryan! Please let me know if this is not the place to post this (I'd appreciate it if you could tell me where to post it, if it isn't). Thanks for approving OAuth consumers Cita 0.2 and Cita 0.3. I see you've flagged them as "localhost testing". I guess this was because the redirect URL is http://localhost:23119/cita/oauth/callback. However, I didn't mean it was for testing.

Cita is an extension for the reference management software Zotero, running on users' computers. This local callback URL is handled by a local web server run by Zotero, which parses the authorization code and passes it to Cita, so it can request the access token. Unfortunately, Cita does not have a companion web service online to which the callback URL could point to instead. Maybe I misunderstood where the callback URL should point to for this kind of local public clients?

On the other hand, I recently posted a question about making anonymous edits with the tool through OAuth 2, so they would get the same revision tag that logged-in edits do. If you think you can add to that discussion, I would really appreciate it as well.

Thank you! --Diegodlh (talk) 23:21, 23 May 2021 (UTC)

@Diegodlh: Ack on the "testing" part, but it is certainly "localhost" right? This is OAuth web flow and the redirect from meta will return a redirect to the non-routable http://localhost:23119 URL to deliver the auth token to the client.
I don't have any coherent thoughts on your OAuth 2 question other than it sounds a bit like you are wanting to abuse the feature of edit tagging for OAuth attribution, which is primarily an anti-abuse/attribution feature to show that an authed edit was made via a externally held grant, as analytics for all actions done via your tool. My initial feeling is that mw:Manual:Tags may be a better way to do that, but maybe there are concerns I'm not understanding. --BDavis (WMF) (talk) 20:36, 24 May 2021 (UTC)

OAuth Approval

The Oauth you approved is not working as it says the Bot is not approved as a connected app. [1]নকীব বট (talk) 20:54, 5 September 2021 (UTC)

নকীব বট, you requested an OAuth 2.0 consumer application. The consumer that you registered must use an OAuth 2.0 Authorization Code flow to acquire credentials for another user account. The prior consumers that you have registered for this tool were configured to use the OAuth 1.0a protocol. Those use a different flow and API endpoints to obtain credentials. You will need to either change your application code to use the OAuth 2.0 process, or request a different consumer using the OAuth 1.0a protocol to make things work as expected. --BDavis (WMF) (talk) 00:51, 6 September 2021 (UTC)
Got it, I had to write the code from specification though. Thank you. নকীব বট (talk) 13:22, 6 September 2021 (UTC)
Return to the user page of "BDavis (WMF)/Archives/2021".