Manual:Pywikibot/OAuth

From Linux Web Expert

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
See also the more detailed Wikimedia-specific tutorial.

MediaWiki supports OAuth v1.0a and v2.0 as methods of authentication, but Pywikibot only supports v1.0a.

More information about OAuth support of MediaWiki: OAuth/For Developers

Requirements

  • The wiki where you want to use the bot needs Extension:OAuth installed and configured properly
  • Python library mwoauth
  • Register your bot. The OAuth tokens could be generated at Special:OAuthConsumerRegistration/propose. In case of a wikifarm, this needs to be the central wiki of the farm. In case of Wikimedia, it's m:Special:OAuthConsumerRegistration/propose. You need to check the option "⧼Mwoauth-consumer-owner-only⧽"

Configuration

user-config.py

OAuth tokens are set in authenticate of user-config.py:

authenticate['en.wikipedia.org'] = ('consumer_token', 'consumer_secret', 'access_token', 'access_secret')

Use the site's host URL as the key of dict to specifying OAuth tokens. Also, Pywikibot supports wildcard '*' as the prefix of URL:

authenticate['*.wikipedia.org'] = ('consumer_token', 'consumer_secret', 'access_token', 'access_secret')

Pywikibot will match the best OAuth tokens for requests.

You should make user-config.py unreadable for others (chmod 600 user-config.py) before adding OAuth tokens/secrets to it.

Dynamically in code

Alternatively authenticate setting can be defined in code.

import pywikibot

pywikibot.config.usernames['commons']['commons'] = username
authenticate = (consumer_token, consumer_secret, access_token, access_secret)
pywikibot.config.authenticate['commons.wikimedia.org'] = authenticate
site = pywikibot.Site('commons', 'commons')
site.login()

Usage

When there's OAuth tokens matched in user-config.py, Pywikibot will disable password login automatically and use OAuth tokens for authentication instead.

NOTE: Using OAuth will block logout function.

See also