Page MenuHomePhabricator
Create Task
Maniphest T364829

Update Wikimedia apps to use central login domain
Open, Needs TriagePublic
Actions

Description

We want to change login to always happen on one specific domain (T348388: Use central login wiki for login (SUL3)). This will probably have some effect on Wikimedia mobile apps.

These apps currently use the clientlogin API to get CentralAuth cookies, and use those cookies on all requests. The clientlogin API is tightly coupled to the login UI and will change when the login UI changes. We plan to change the login UI on all wikis that aren't the central login wiki to redirect to the central login wiki; correspondingly, the clientlogin API will return a REDIRECT response, which the apps aren't prepared for. The old login flow will probably remain available but only behind a feature flag (such as adding a usesul3=0 parameter to the login page URL / login API request).

Apps will have to implement one of these changes:

  • Switch to using the clientlogin API on the central domain. This should be a trivial change (but for now blocked on figuring out what the central domain will be - T363695: Create a Wikimedia login domain that can be served by any wiki).
  • Keep using the clientlogin API on wherever they are logging in currently, but use the fallback flag (which will eventually go away, but not soon).

Given that code changes for apps take time, we have to make sure that either the fallback flag, or the clientlogin API on the central login wiki, is operational long enough before the clientlogin API behavior change on the other wikis.

Alternatively, we could have the SUL3 feature flag default to true on web but false on API.

Related Objects
Search...

Event Timeline

Tgr created this task.May 14 2024, 9:44 AM
Restricted Application added a project: MediaWiki-Platform-Team. · View Herald TranscriptMay 14 2024, 9:44 AM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Tgr renamed this task from Update Wikimedia apps to use central login domain (SUL3) to Update Wikimedia apps to use central login domain.May 14 2024, 9:44 AM
Tgr added a parent task: T348388: Use central login wiki for login (SUL3).
Tgr added a project: SUL3.May 14 2024, 12:59 PM
Tgr moved this task from Backlog to Ready on the SUL3 board.May 14 2024, 1:02 PM
Tgr moved this task from Ready to Blocked / External on the SUL3 board.
larissagaulia moved this task from Inbox, needs triage to Soon on the MediaWiki-Platform-Team board.May 27 2024, 2:26 PM
Tgr updated the task description. (Show Details)Jun 20 2024, 12:05 PM
Tgr added a subscriber: Seddon.Jun 20 2024, 1:53 PM

Per @Seddon, breaking changes to the API should not happen for at a minimum 12, preferably 24 months after the apps were updated for the new behavior. So we'll need to use different defaults for the SUL3 feature flag on the API and web (which on second thought isn't particularly confusing - to API users it will just be exposed as a normal API parameter, they won't know or care that a similar feature flag exists on the web).

Tgr updated the task description. (Show Details)Jun 20 2024, 1:54 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits