Identity management service to centralize account creation/settings, access groups for Wikimedia Developer accounts.
See https://wikitech.wikimedia.org/wiki/IDM
As of 2023, stewarded by Infrastructure-Foundations
Identity management service to centralize account creation/settings, access groups for Wikimedia Developer accounts.
See https://wikitech.wikimedia.org/wiki/IDM
As of 2023, stewarded by Infrastructure-Foundations
Change #1100451 merged by jenkins-bot:
[operations/software/bitu@master] Password reset: use passlib for hashing
Change #1100451 had a related patch set uploaded (by Slyngshede; author: Slyngshede):
[operations/software/bitu@master] Password reset: use passlib for hashing
In T381327#10379053, @SLyngshede-WMF wrote:@Dogu is it the wrong password :-)
It should be the same password you use for https://idp.wikimedia.org
Maybe something else went wrong with the hashing.
One workaround is to sign out on https://idm.wikimedia.org and then sign out of SSO as well, from https://idp.wikimedia.org/logout and then go to https://idm.wikimedia.org and pretend that you forgot your password. Or perhaps just a easy, use Toolforge: https://toolsadmin.wikimedia.org/profile/settings/change_password/ that will work as well.
I'll do a bit more digging, but I can understand if you just need to change your password. I'll work out the issue separately.
@Dogu is it the wrong password :-)
In T381327#10378573, @SLyngshede-WMF wrote:@Dogu We've updated idm.wikimedia.org with the fix. If you still have a need to update your password, please give it a go and let me know how it goes.
@Dogu We've updated idm.wikimedia.org with the fix. If you still have a need to update your password, please give it a go and let me know how it goes.
Change #1100388 had a related patch set uploaded (by Slyngshede; author: Slyngshede):
[operations/software/bitu@master] Updated notification handling
Change #1100058 merged by jenkins-bot:
[operations/software/bitu@master] Password update: avoid triggering invalid hash error
Change #1100058 had a related patch set uploaded (by Slyngshede; author: Slyngshede):
[operations/software/bitu@master] Password update: avoid triggering invalid hash error
Okay, the bug has been located. We're using the passlib library to do password validation. Apparently that library is a little particular about formatting of hashes.
Hi, thank you for reporting.
In T381075#10364902, @SLyngshede-WMF wrote:I like that, it's not to complicated and flexible enough for most I should think.
I like that, it's not to complicated and flexible enough for most I should think. Technically that would also allow some one to be notified about requests, while not actually having the permission to approve, or would we like to guard against that?
How about something like the following?
Change #1098470 merged by jenkins-bot:
[operations/software/bitu@master] Show CN as signed in username
Change #1098881 had a related patch set uploaded (by Slyngshede; author: Slyngshede):
[operations/software/bitu@master] Only show sign in link for anonymous users
Change #1098470 had a related patch set uploaded (by Slyngshede; author: Slyngshede):
[operations/software/bitu@master] Show CN as signed in username
Thanks! Seems to work now :).
Wikitech can no longer update email an address in LDAP and Bitu will no long cache, or even attempt to use any email address beyond what is stored in LDAP.
Cannot reproduce and we've where not able to find any indication in the logs that the email where not sent.
Moving feature requests to new task.
@Urbanecm this should be fixed now.
Authentication has been disabled on idm-test.wikimedia.org. If everything works we can deploy the change to production.