In the case of MediaWiki's OAuth Extension; Configuring a provider in request_token when the key is part of the body #70

Open
renoirb opened this issue Apr 4, 2014 · 0 comments

renoirb commented Apr 4, 2014

While attempting to configure MediaWiki's OAuth Extension (OAuth v1.0a), I wanted to create the provider, but it turns out that the current model to create a provider (at least what I understand of it) either does not support the implementation details of the MediaWiki OAuth extension, or I'm missing something.

My question is, due to those limitations, how can I configure it in oauthd? Is it possible?

Extension implementation details

  1. Extension uses OAuth 1.0

    Note: most of my attempts were made through a shell script that shows how to use the extension, and it might be very helpful to see the implementation details.

  2. The base URL HAS to be in the form 'http://mediawikihost/w/index.php?title=Special:OAuth' (as in, it must have index.php (known caveat)).

    Quoting, in Extension:OAuth: When constructing your url, use /w/index.php?title=Special:OAuth/initiate instead of /wiki/Special:OAuth/initiate, because MediaWiki Extension will silently create in the index.php?title=Special:OAuth/initiate format and therefore makes the hash invalid.

    url in provider conf.json therefore has to have this format. I guess that when you append request_token {Request-Object} parameters to it, it would create a different address to call, right?

  3. The key given by MediaWiki is within the body of the response, in the following format:

    {"key":"OAUTH_VERIFIER_VALUE","secret":"SECRET","oauth_callback_confirmed":"true"}
    

    And the extension requires that you request your token with oauth_callback set to oob (i.e. "Out Of Band"), see Endpoint samples below.

Endpoint samples:

  • request_token:

        https://mediawikihost/w/index.php?title=Special:OAuth/initiate&format=json&oauth_callback=oob
    

    OAUTH_VERIFIER_VALUE is inside the body of the content (i.e. out of band). They also require that oauth_callback=oob; oob is for Out Of Band, it is not a random string.

  • access_token:

        https://mediawikihost/w/index.php?format=json&oauth_consumer_key=....&oauth_nonce=....&oauth_signature=....&oauth_signature_method=....&oauth_timestamp=....&oauth_token=....&oauth_verifier=OAUTH_VERIFIER_VALUE&oauth_version=1.0&title=Special%3AOAuth%2Ftoken
    
  • authorize:

        https://mediawikihost/w/index.php?title=Special:OAuth/authorize&oauth_token=....&oauth_consumer_key=...
    

Attempt to create a provider

I understand that I could configure oauth1 members (e.g. "request_token" with a few keys based on (url, parameters, etc.)), but here is what I ended up trying:

    {
        "name": "MediaWiki instance",
        "desc": "TODO",
        "url": "https://mediawikihost/w/index.php?title=Special:OAuth",
        "oauth1": {
            "request_token": "/initiate&format=json&oauth_callback=oob",
            "authorize": "/authorize&format=json",
            "access_token": "/token&format=json"
        },
        "href": {
            "keys": "https://mediawikihost/wiki/Special:OAuthConsumerRegistration/propose",
            "docs": "http://mediawikihost/#docpage-todo",
            "apps": "http://mediawikihost/#appspage-todo",
            "provider": "http://mediawikihost/#providerpage-todo"
        }
    }
@renoirb renoirb changed the title Configuring a provider in request_token when the key is part of the body In the case of MediaWiki's OAuth Extension; Configuring a provider in request_token when the key is part of the body Apr 5, 2014
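
Why the URL form in item 2 matters, as an added example that is not part of the original issue and is not oauthd or MediaWiki code: in OAuth 1.0a the query parameters, `title` included, are signed together with the `oauth_*` parameters, so the `/w/index.php?title=...` and `/wiki/...` forms give different signature base strings and therefore different signatures. Function names are hypothetical, and the host, consumer key, nonce and timestamp are constructed samples.

```javascript
// Added example: not oauthd or MediaWiki code. Function names are hypothetical;
// the host and parameter values are constructed samples.

// RFC 3986 percent-encoding as OAuth 1.0a requires it
// (encodeURIComponent leaves ! ' ( ) * unescaped).
function pct(s) {
  return encodeURIComponent(s).replace(/[!'()*]/g,
    (c) => '%' + c.charCodeAt(0).toString(16).toUpperCase());
}

// Signature base string (RFC 5849, section 3.4.1):
//   METHOD & base URI without query & sorted, encoded parameters.
// Query-string parameters (title, format) are signed with the oauth_* ones.
function signatureBaseString(method, endpoint, oauthParams) {
  const u = new URL(endpoint);
  const pairs = [...u.searchParams.entries(), ...Object.entries(oauthParams)]
    .map(([k, v]) => [pct(k), pct(v)])
    .sort(([ak, av], [bk, bv]) =>
      ak < bk ? -1 : ak > bk ? 1 : av < bv ? -1 : av > bv ? 1 : 0);
  const normalized = pairs.map(([k, v]) => `${k}=${v}`).join('&');
  return [method.toUpperCase(), pct(u.origin + u.pathname), pct(normalized)].join('&');
}

// The initiate response is a JSON body, not a form-encoded string,
// so it has to be parsed as JSON and checked before use.
function parseInitiateResponse(body) {
  const r = JSON.parse(body);
  if (r.oauth_callback_confirmed !== 'true' || !r.key || !r.secret) {
    throw new Error('unexpected initiate response');
  }
  return { key: r.key, secret: r.secret };
}

// Constructed sample: the same request signed against both URL forms.
const sampleOauth = { oauth_callback: 'oob', oauth_consumer_key: 'SAMPLE_CONSUMER_KEY',
  oauth_nonce: 'SAMPLE_NONCE', oauth_signature_method: 'HMAC-SHA1',
  oauth_timestamp: '1396569600', oauth_version: '1.0' };
const indexForm = signatureBaseString('GET',
  'https://mediawikihost/w/index.php?title=Special:OAuth/initiate&format=json', sampleOauth);
const wikiForm = signatureBaseString('GET',
  'https://mediawikihost/wiki/Special:OAuth/initiate?format=json', sampleOauth);
console.log(indexForm);
console.log(wikiForm);
console.log('base strings match:', indexForm === wikiForm);
```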