The Dev8D wiki I set up for a recent JISC event uses OAuth to allow people to log in to the wiki using their twitter accounts (or users can register for wiki accounts in the usual way).
As promised in an earlier post, here’s a rough guide to how it was done.
1. Set up MediaWiki
I won’t go into details of how to do this here, but the first step is to download and install a recent release of MediaWiki.
For a new wiki, I’d recommend installation of the reCAPTCHA plugin, to prevent automatic account registrations from spam bots.
I’d also prevent anonymous editing/creation of pages on the wiki, by adding the following lines to the bottom of your LocalSettings.php:
# Disable anonymous editing and page creation
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['createpage'] = false;
2. Create a new table in the MediaWiki database
Create a table named ‘twitter_users’ in your wiki database, with the following fields:
CREATE TABLE IF NOT EXISTS `twitter_users` (
`user_id` int(10) unsigned NOT NULL,
`twitter_id` varchar(255) NOT NULL,
PRIMARY KEY (`user_id`),
UNIQUE KEY `twitter_id` (`twitter_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Note: If you’re using a prefix for your wiki database tables, this ‘twitter_users’ table will also need the prefix.
This table maps MediaWiki user accounts to twitter user accounts. It records which MediaWiki accounts were created through twitter OAuth, and ensures that only those accounts can be authenticated against twitter.
Without this, someone could create a twitter account with the same username as a non-twitter based wiki account (such as an admin account), and gain access to that wiki account.
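The check this table makes possible, as an added example (this is not the code in TwitterAuth.php). It assumes 'twitter_id' holds the account id twitter returns after OAuth; 'wiki_user' is a stand-in for MediaWiki's user table, resolve_wiki_user() is a hypothetical name, and the sample rows are constructed. It uses an in-memory SQLite database so it runs on its own.

```php
<?php
// Added example, not TwitterAuth.php. `wiki_user` stands in for MediaWiki's
// user table; resolve_wiki_user() is a hypothetical name. Assumes twitter_id
// holds the account id twitter returns after OAuth.
function resolve_wiki_user(PDO $db, string $twitterId, string $screenName): ?int
{
    $name = ucfirst($screenName); // MediaWiki capitalises the first letter

    $q = $db->prepare('SELECT user_id FROM wiki_user WHERE user_name = ?');
    $q->execute([$name]);
    $userId = $q->fetchColumn();

    if ($userId === false) {
        // Name is free: create the account and record that it came from twitter.
        $db->prepare('INSERT INTO wiki_user (user_name) VALUES (?)')->execute([$name]);
        $userId = (int) $db->lastInsertId();
        $db->prepare('INSERT INTO twitter_users (user_id, twitter_id) VALUES (?, ?)')
           ->execute([$userId, $twitterId]);
        return $userId;
    }

    // Name is taken: accept only if this wiki account is mapped to this twitter
    // account. A locally registered account has no row here and is refused.
    $q = $db->prepare('SELECT twitter_id FROM twitter_users WHERE user_id = ?');
    $q->execute([$userId]);
    $mapped = $q->fetchColumn();

    return ($mapped !== false && (string) $mapped === $twitterId) ? (int) $userId : null;
}

// Constructed sample data: one locally registered account, no twitter mapping.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE wiki_user (user_id INTEGER PRIMARY KEY, user_name TEXT UNIQUE)');
$db->exec('CREATE TABLE twitter_users (user_id INTEGER PRIMARY KEY, twitter_id TEXT NOT NULL UNIQUE)');
$db->exec("INSERT INTO wiki_user (user_name) VALUES ('Admin')");

$cases = [
    'first twitter login'        => ['1001', 'alice'],
    'returning twitter user'     => ['1001', 'alice'],
    'twitter name = local admin' => ['2002', 'admin'],
];
foreach ($cases as $label => [$id, $name]) {
    $uid = resolve_wiki_user($db, $id, $name);
    echo $label, ': ', $uid === null ? 'refused' : "wiki user_id $uid", "\n";
}
```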
3. Register a new twitter application
Go to http://twitter.com/oauth_clients, and follow the “Register a new application” link.
Fill in the fields as follows:
- Application Icon: anything you like
- Application Name: anything you like
- Description: anything you like
- Application Website: http://[your wiki base URL]/
- Organization: anything you like
- Website: anything you like
- Application Type: Browser
- Callback URL: http://[your wiki base URL]/oauth/callback.php
- Default Access type: Read-only
- Use Twitter for login: Yes
After submitting the form, you should get a Consumer key, Consumer secret, Request token URL, Access token URL, Authorize URL (make a note of these, or keep the window open somewhere for now).
4. Set up the PHP OAuth library
I used the twitteroauth library for this (.tgz download).
This library requires PHP’s cURL library to be installed (package php5-curl on Ubuntu or other Debian-like systems).
Untar and unzip this into your MediaWiki extensions directory, and rename the directory to ‘oauth’:
cd /[wiki root directory]/extensions
wget http://github.com/abraham/twitteroauth/tarball/0.2.0-beta3
tar xzf abraham-twitteroauth-76446fa.tar.gz
mv abraham-twitteroauth-76446fa oauth
Recommended: Some of the code from this library needs to be accessible from a browser, so I’d recommend symlinking to this directory from the wiki root:
cd /[wiki root directory]/
ln -s extensions/oauth
You don’t have to do this, but it looks a bit neater than having URLs containing your wiki extensions directory.
Edit the config file in the oauth directory:
vi /[wiki root directory]/extensions/oauth/config.php
Set the ‘CONSUMER_KEY’ and ‘CONSUMER_SECRET’ to the values you got when you registered your OAuth application with twitter.
Set the ‘OAUTH_CALLBACK’ to ‘http://[your wiki base URL]/oauth/callback.php’.
To test that everything’s worked so far, visit:
http://[your wiki base URL]/oauth/
and click the button to sign in using twitter.
You should then be taken to a page on twitter.com which asks about allowing the application access to your twitter account. Clicking on the ‘Allow’ button should then redirect you back to:
http://[your wiki base URL]/oauth/index.php
Refresh the page, and you should see all the information twitter has passed back to the application.
5. Set up the wiki to use OAuth
Download TwitterAuth.php, and put it into the extensions directory:
cd /[wiki root directory]/extensions
wget http://github.com/davechallis/misc-scripts/raw/master/TwitterAuth.php
Modify your LocalSettings.php, and add the following lines:
require_once("$IP/extensions/TwitterAuth.php");
global $wgHooks;
$wgHooks['UserLoadFromSession'][] = 'twitter_auth';
$wgHooks['UserLogoutComplete'][] = 'twitter_logout';
Once you’ve added this, and provided that signing in using OAuth worked as in the section above, try navigating to any wiki page. You should now be logged in with your twitter username.
6. Additional Setup
Two last things need adding before we’re done:
6.1 Add a login button to the login page
Make a copy of the original, and then edit:
/[wiki root directory]/includes/templates/Userlogin.php
After the line which reads:
<p id="userloginlink"><?php $this->html('link') ?></p>
add the following lines:
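<?php
// Carry the page the user came from through the OAuth round trip.
// urlencode() stops the value breaking out of the href attribute.
$return = '';
if (isset($_GET['returnto']) && is_string($_GET['returnto'])) {
    $return = '?returnto=' . urlencode($_GET['returnto']);
}
?>
<p>Or: <a href="http://[wiki base URL]/oauth/redirect.php<?php echo $return; ?>">
<img src="/Sign-in-with-Twitter-lighter.png" alt="Sign in with Twitter" /></a></p>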
Change the text/image above to anything suitable for your site (twitter has some preferred button images for this).
6.2 Redirect to the correct page after login
Some code needs adding/tweaking so that a user returns to the page they were on after logging in (the code added above for the login button helps with this).
Modify:
/[wiki root directory]/extensions/oauth/callback.php
and change the line near the bottom from:
header('Location: ./index.php');
to:
header('Location: http://[wiki base URL]/index.php/' . $_SESSION['returnto']);
And finally modify:
/[wiki root directory]/extensions/oauth/redirect.php
Underneath the line which reads:
case 200:
add the following:
if (isset($_GET['returnto'])) {
    $_SESSION['returnto'] = $_GET['returnto'];
} else {
    $_SESSION['returnto'] = '/';
}
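The 'returnto' value comes straight from the query string and ends up in a Location header, so it is worth normalising before it is stored. An added example of one way to do that (not part of twitteroauth or TwitterAuth.php; clean_returnto() is a hypothetical helper name and the inputs are constructed):

```php
<?php
// Added example, not part of twitteroauth or TwitterAuth.php.
// clean_returnto() is a hypothetical helper name.
function clean_returnto($value, string $fallback = ''): string
{
    // MediaWiki page titles are limited to 255 bytes.
    if (!is_string($value) || strlen($value) > 255) {
        return $fallback;
    }
    // Control characters (CR/LF included) and the characters MediaWiki does not
    // allow in page titles: # < > [ ] { } |
    if (preg_match('/[\x00-\x1f\x7f#<>\[\]{}|]/', $value)) {
        return $fallback;
    }
    // Percent-encode each path segment so '?', '&', quotes and spaces stay part
    // of the title instead of starting a query string or ending the header value.
    $segments = explode('/', ltrim($value, '/'));
    return implode('/', array_map('rawurlencode', $segments));
}

// Constructed inputs, as they might arrive in $_GET['returnto'].
$samples = ['Main_Page', 'Special:RecentChanges', 'Talk:A/B?action=purge',
            "Main_Page\r\nX-Injected: 1", ['array'], '//other.example/x'];
foreach ($samples as $raw) {
    echo 'index.php/' . clean_returnto($raw), "\n";
}
```

In redirect.php the helper would wrap the value at the point where it is copied into $_SESSION['returnto'].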
That’s mostly it! I’ve probably forgotten a few things, and a lot of changes were made at the last minute/during Dev8D, so any fixes/suggestions are welcome.
http://github.com/davechallis/misc-scripts/raw/master/TwitterAuth.php
404……
May you send me a copy? THANK YOU VERY MUCH!!!!!!
Oops, file should be at:
https://github.com/davechallis/misc-scripts/blob/master/php/TwitterAuth.php
I’ll edit the blog post to match.
Can you please submit this extension/instructions to the MediaWiki plug-in community? I’m sure that there are others that would benefit from this without having to track it down via Google.
Thanks in advance.
Hi Dave, I wanted to let you know I acted on Marc K’s plea and on our needs and created a fully-fledged extension based on your work: https://secure.wikimedia.org/wikipedia/mediawiki/wiki/Extension:TwitterLogin
So if you feel like contributing, you’d be more than welcome!
Fatal error: Call to undefined method User::SetupSession() in /home/content/19/9001819/html/rtp/extensions/TwitterAuth.php on line 8
at step 4