Private wiki support?

[heaveaxy]

Hi,
Is it possible to use extension with private wiki where "all" group doesn't have read right? LocalSettings.php contains
$wgGroupPermission['*']['read'] = false;
which cause an error "readapidenied" when trying to use extension. If change it to true extensions works properly.

Steps to reproduce:

1. I create a bot inside my account on MW.
2. In extension settings I wrote username and password got on previous step.
3. Check and correct all other settings - host name, usr schema, api endpoint etc.
4. Open new tab, write some wikitext.
5. Trying to preview - error "readapidenied".

MW 1.40

In logs of webserver I see one query to api.php every time I run preview. As I know mediawiki requires several queries - one to get token, another one to authorize and finally useful query.

[Frederisk]

First try Ctrl+Shift+P and then choose Wikitext:Login. Then perform a preview. This should solve the problem.

[heaveaxy]

Yes, it solved the problem. Thanks!
It will be good to have a note about it in "Usage" section of README.

[heaveaxy]

Still, there is a problem with authentication when you open arcticle using Wikitext-Extension-Gadget it shows same error even if authentication has prepared using Ctrl+Shift+P and Wikitext:Login. Some additional actions needed?

[Frederisk]

This part can be a little complicated. Because I originally designed these extensions mainly to provide support for some public wikis.

You need to delete or comment out the following three lines here:

// RemoteBot: ...
// TransferProtocol: ...
// SiteHost: ...

Then recompile it and add the compiled snippet to your preferences.

[Frederisk]

I might consider releasing a private wiki version later.🤔

[threddast]

Would it be possible to use this with the OpenIDConnect extension?

[Frederisk]

@heaveaxy @threddast Sorry to bother you, but I would be very grateful if you cloud help me test it.

Instead of doing what I'm saying here. Just change this line to:

RemoteBot: 'false',

Compile and add it to the user script and check if it works properly in a private wiki. If any problems occur, please let me know. Thanks.

[simonmysun]

Hi, I'm trying to use this plugin in my own private wiki. However, because I have enabled TOTP, I cannot log in via Wikitext:Login

ErrorName: Error; ErrorMessage: invalidjson: No valid JSON response;

Are you planning to support TOTP? Or should I set up a bot?

Thx

[Frederisk]

@simonmysun Sorry for the late reply. There is no plan to support other login methods at present. I still recommend you to use Bot Passwords to log in.

[simonmysun]

@Frederisk Ok. Thank you for your answer. I assumed it was simply stealing session cookies without looking into the code.

Using a bot will lead to relatively messy edit records and lower the security level. I hope in the future we could find a better workaround.