Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
MediaWiki Restful Authentication
PHP Shell
Branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
tests
README.markdown
mw_restful_auth.php
run_tests.sh

README.markdown

MediaWiki Restful Auth

MediaWiki Restful Auth (MWRA) provides bare-bones SSO that works with standalone web apps.

MWRA is a MW extension that replaces the global $wgAuth authentication instance to take complete control of the user authentication.

MWRA features include Login, Logout, and MW-User auto-creation.

Installing MWRA

Overview

MWRA is maintained on a public repository at http://github.com/andyl/mwra. To install MWRA, first clone the repository into <MediaWikiDir>/extensions, then update LocalSettings.php.

Required Software

MWRA depends on these packages:

  • PHP5
  • Apache2
  • MediaWiki

Cloning the MWRA Repo

> cd <MediaWikiDir>/extensions
> git clone http://github.com/andyl/mwra

Updating LocalSettings.php

Place the following two lines in your LocalSettings.php file:

require_once('./extensions/mwra/mw_restful_auth.php');
$wgAuth = new MW_Restful_Auth();

Disabling Login/Logout Links

Since login is handled by MWRA, you can disable the pages Special:UserLogin and Special:UserLogout, and remove the login and logout links. Add the following code to LocalSettings.php.

function RemoveSpecialPages(&$list) {
  unset( $list['Userlogout'] );
  unset( $list['Userlogin'] );
  return true;
}
$wgHooks['SpecialPage_initList'][] = 'RemoveSpecialPages';

function RemoveLogoutLink(&$personal_urls, &$wgTitle) {  
  unset( $personal_urls["logout"] );
  return true;
}
$wgHooks['PersonalUrls'][] = 'RemoveLogoutLink';

More Information:

How MWRA Works

The authenticate_user function

Every time a MW page renders, the authenticate_user function is called. If the user is logged in, the page renders normally. If the user is not logged in, the function looks for a username passed in the url (?username=My.Name). If a valid username was found, a MW session is created for the user, a MWRA session is created, and the page renders.

Remote authentication

If a valid username is not found, MWRA redirects to a third party web-app. This web-app can authenticate the user, then return the user to MW with the username parameter (?username=My.Name).

Changing users / Logging out

To log in as another user, send the username parameter with the new name (?username=New.Name). To log out, send the username parameter with a blank name (?username=).

Related Auth Extensions

Debugging MWRA

This section is for MediaWiki/PHP newbies...

Log Files

Log file location (most linux systems): /var/log/apache2

View the access log and error log:

> cd <log file directory>
> tail -f access.log
> tail -f error.log

To generate log file output: error_log("your string");

Browsing the MediaWiki Source using Vim

Using ctags, Vim does an OK job of jumping to MW function definitions.

MWRA Tests

MWRA comes with a set of unit tests built using PHPUnit. These tests are used by developers who maintain or extend MWRA.

Developers who are experienced in languages like Ruby or Python may find PHPUnit to be crude and complicated. But PHPUnit has already been integrated with MediaWiki, and even crude testing is better than no testing.

The Test Environment

MediaWiki Tests depend on these software packages.

  • Pear - for installing PhpUnit
  • PhpUnit - for running the MWRA tests
  • MediaWiki/Phase3 - a special MediaWiki distribution for developers

Sudo is required to install Pear and PhpUnit.

MediaWiki has a distribution for developers with test support. Get it using:

svn checkout http://svn.wikimedia.org/svnroot/mediawiki/trunk/phase3

MediaWiki Tests

Before running MWRA tests, make sure you can run MediaWiki tests.

cd <MediaWikiDir>/tests/phpunit
make help

Running MWRA Tests

Once the MediaWiki tests run, you can run the MWRA tests.

cd <MediaWikiDir>/extensions/mwra
./run_tests.sh

MediaWiki Testing References

Something went wrong with that request. Please try again.