Last modified: 2014-11-16 00:48:01 UTC
Steps to reproduce: 1) Create a totally new account on the English Wikipedia. 2) Go to https://tools.wmflabs.org/oauth-hello-world/ 3) Click "Authorize this application" Expected result: I am able to authorise the application Actual result: Error "Unified login needed, E008" The error is caused because the totally new user doesn't have a local account on mediawiki.org. One is created immediately afterwards, but it's that little bit too late. If you refresh the page showing you the error, it works just fine.
Could we just silently create the user's account if they own the global login for their name? That solution is future-proofed as when the SUL finalisation happens there'll be no edge cases.
(In reply to Dan Garry from comment #1) > Could we just silently create the user's account if they own the global > login for their name? That solution is future-proofed as when the SUL > finalisation happens there'll be no edge cases. To be precise, I meant to silently create their account the very first time they're directed to mediawiki.org to authorise an application.
(In reply to Dan Garry from comment #2) > (In reply to Dan Garry from comment #1) > > Could we just silently create the user's account if they own the global > > login for their name? That solution is future-proofed as when the SUL > > finalisation happens there'll be no edge cases. > > To be precise, I meant to silently create their account the very first time > they're directed to mediawiki.org to authorise an application. If they go to mediawiki.org to authorize the app, then they will be autocreated and everything will work. The issue is that authorization works on any wiki, so the app owner can chose to have their zh users authorize on zhwiki... in which case they don't ever touch mw.o / meta, so they never get autocreated. Trying to force an autocreation on the central wiki as part of the authorization process is probably possible. We had talked about dropping a hidden iframe on the page and just letting the normal create-on-view process work, but that seemed like a giant hack.
*** Bug 72791 has been marked as a duplicate of this bug. ***
A user ran into this with Quarry at the Community Data Science Workshop I was at today, and it was really confusing trying to clear whatever caches were stopping the user from successfully logging in even after visiting another wiki. Given that OAuth apps are increasingly often the entry point for new users, this bug really hamstrings OAuth.