The OAuth identity endpoint (the Special:OAuth/identify special page for
OAuth 1, the oauth2/resource/profile REST API endpoint for OAuth 2) used to
return an incorrectly formatted JSON web token, where the value of the 'sub' field
(the user's CentralAuth central user ID) was an integer, rather than a
string as required by the JWT spec.

Due to the latest release of the PyJWT library getting more strict about
format validation, this started causing errors in various tools recently.
As of this week, this behavior has been fixed for Wikimedia sites, and it
has been fixed in all maintained versions (MediaWiki 1.39 and upwards) of
the OAuth MediaWiki extension which provides this API. Because the old
behavior was a spec violation and caused errors, and it's unlikely the
correct behavior would break clients, we are making this fix as a breaking
change rather than following the usual API deprecation policies.

For more details and discussion see
https://phabricator.wikimedia.org/T382139
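
An added example, not code from this announcement or from the OAuth extension: standard-library Python showing why a strict validator rejects the old integer 'sub' and how a client can normalize the ID so stored values match before and after the fix. The HS256 key, the claim values and all helper names are constructed assumptions for illustration.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-secret"  # constructed; stands in for the signing secret

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_token(claims: dict) -> str:
    """Build a constructed HS256 token so the example runs offline."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(sig)}"

def decode(token: str, strict_sub: bool = True) -> dict:
    """Verify the signature first, then check the type of 'sub'."""
    head, body, sig = token.split(".")
    if json.loads(_unb64(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    want = hmac.new(KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, _unb64(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_unb64(body))
    # Strict mode mirrors a validator that enforces a string-valued 'sub'.
    if strict_sub and "sub" in claims and not isinstance(claims["sub"], str):
        raise ValueError("sub must be a string")
    return claims

def central_id(claims: dict) -> str:
    """Normalize 'sub' so IDs stored from old tokens still match new ones."""
    sub = claims["sub"]
    if isinstance(sub, bool) or not isinstance(sub, (int, str)):
        raise ValueError("unusable sub")
    return str(sub)

# Constructed sample tokens: the pre-fix shape and the post-fix shape.
old = make_token({"sub": 12345, "username": "Example"})
new = make_token({"sub": "12345", "username": "Example"})
```

Tools that keyed local accounts on the integer value should compare through a normalizer like `central_id` rather than on the raw claim.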
_______________________________________________
Mediawiki-api-announce mailing list -- 
mediawiki-api-annou...@lists.wikimedia.org
To unsubscribe send an email to mediawiki-api-announce-le...@lists.wikimedia.org