Extension:Ticket Authentication

Ticket-based authentication is the simplest and most efficient type of authentication; it is used in many single sign-on (SSO) solutions and can easily be implemented and adjusted to meet custom demands. A ticket in this case is a special web link that is generated by a trusted external site and then validated by this MediaWiki extension. All necessary user information, including login name, real name, e-mail address and possibly a password hash, is embedded into this ticket-link and digitally signed so that the extension can verify that the ticket was issued by the trusted source and was not modified.

Look at the sample ticket-link:

http://mywiki.com/w/index.php/Main_Page?user=Simon&password=7198cda575b51b68a0dc83f5d66c2aee&name=Simon+Sayler&email=simon%40example.org&time=1389005243&sign=4522098027f3af0e4e19340c84224ed6

In the example above you can see a ticket-link that was generated, say, by some external script such as http://sso.myportal.com/directory.php. The link points to the Main Page of the mywiki.com MediaWiki installation and carries several parameters: user (the user's login name), password (the MD5 hash of the user's password), name (the user's real name), email (the user's e-mail address), time (the time when the ticket-link was generated) and sign (the MD5 digital signature used for verification). When a user clicks this ticket-link, they arrive at the MediaWiki site, where the link is handled by this extension. The extension checks the digital signature and, if it is valid, authenticates the user with the given login. If the user has no account, a new account is created automatically and all provided user information (password, e-mail, etc.) is stored in MediaWiki's database.

Installation & Configuration
Download the extension. Unzip and save the files into  subdirectory of your wiki's   directory.

All configuration settings are specified as global variables in MediaWiki's LocalSettings.php file. The settings and their descriptions are:

Secret key, an arbitrary string. This key is used both by the ticket generation script to digitally sign the ticket and by this extension to verify the ticket's validity. ''Caution: Don't use the key provided here. Make your own arbitrary key.''

Ticket expiration time (in minutes).

Allow user to change password (true/false). If no password hash was provided in the ticket's body, a user will not be able to log into MediaWiki directly from the login page unless this option is set to true and the user resets the password manually.

Path to this file, relative to the MediaWiki installation.

Important security notice
Although you can provide a password hash in the ticket-link to improve the integrity of your SSO solution (the password will be saved in MediaWiki's database so that the user can log into MediaWiki directly in the future), this is generally considered bad practice because it poses a security threat. The ticket-link can easily be seen in the browser by an unauthorized person if the authorized person has forgotten to close the browser. Moreover, the ticket-link is recorded in the browser's history and in the web server's log. That does not mean that a person seeing the password hash could simply guess the password: a hash is not a password, and it is virtually impossible to calculate a password from its hash value. However, the hashes of weak passwords (like 'qwerty', '112233', 'lion', 'Bob', etc.) are known and publicly available.

Also, please note that transferring password hashes from an external source is incompatible with the $wgPasswordSalt setting.

Example ticket generation PHP script
The following script is used to generate tickets. The complete script is available at SourceForge. Don't forget that the variable in this script must have the same value as the global variable in MediaWiki's configuration.
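The following is an added example, not the extension's own code and not the generation script from SourceForge. It shows both halves of the ticket mechanism described above: an issuer building a ticket-link with the user, name, email, time and sign parameters, and a verifier checking the signature and the expiration time before accepting the login. The page does not state the exact formula the extension uses to compute sign, so this example signs a canonical query string with a keyed hash (HMAC) over the shared secret; the constant names, the function names and the placeholder secret are all assumptions, and a real issuing script must compute exactly what the extension's verifier expects.

```php
<?php
// Added example (not the extension's own code). Ticket-link issue and verify.
// ASSUMPTION: the signing formula below is illustrative; the extension's real
// formula is not given on this page.

const TICKET_SECRET   = 'replace-with-your-own-long-random-secret'; // placeholder
const TICKET_LIFETIME = 10;    // minutes, mirrors the expiration-time setting
const TICKET_HASH     = 'md5'; // the page describes an MD5 signature; 'sha256' is a drop-in

// Fields covered by the signature, in a fixed order so both sides agree.
const SIGNED_FIELDS = ['user', 'password', 'name', 'email', 'time'];

function ticket_signature(array $params, string $secret): string {
    $canonical = [];
    foreach (SIGNED_FIELDS as $field) {
        // An absent optional field (e.g. no password hash) is signed as empty,
        // so a verifier cannot be tricked by adding or dropping a field later.
        $value = isset($params[$field]) && is_string($params[$field]) ? $params[$field] : '';
        $canonical[] = $field . '=' . $value;
    }
    return hash_hmac(TICKET_HASH, implode('&', $canonical), $secret);
}

// Issuer side: build a ticket-link for $user that points at $wikiPage.
function make_ticket_link(string $wikiPage, string $user, string $realName,
                          string $email, ?string $passwordHash = null, ?int $now = null): string {
    $params = [
        'user'  => $user,
        'name'  => $realName,
        'email' => $email,
        'time'  => (string)($now ?? time()),
    ];
    if ($passwordHash !== null) {
        $params['password'] = $passwordHash; // optional; see the security notice above
    }
    $params['sign'] = ticket_signature($params, TICKET_SECRET);
    return $wikiPage . '?' . http_build_query($params);
}

// Verifier side: returns the user fields on success, or an error string.
function verify_ticket_link(string $link, ?int $now = null) {
    $query = parse_url($link, PHP_URL_QUERY);
    if (!is_string($query)) {
        return 'no query string';
    }
    parse_str($query, $params);
    foreach (['user', 'time', 'sign'] as $required) {
        if (!isset($params[$required]) || !is_string($params[$required]) || $params[$required] === '') {
            return "missing $required";
        }
    }
    // Check the signature first; hash_equals avoids leaking it through timing.
    if (!hash_equals(ticket_signature($params, TICKET_SECRET), $params['sign'])) {
        return 'bad signature';
    }
    // Then enforce the expiration window; tickets "from the future" are refused too.
    $age = ($now ?? time()) - (int)$params['time'];
    if ($age < 0 || $age > TICKET_LIFETIME * 60) {
        return 'ticket expired';
    }
    unset($params['sign'], $params['time']);
    return $params; // user, name, email (and password if it was supplied)
}

// Demonstration with constructed values, no password hash in the ticket.
$issued = 1389005243;
$link = make_ticket_link('http://mywiki.com/w/index.php/Main_Page',
                         'Simon', 'Simon Sayler', 'simon@example.org', null, $issued);
echo $link, "\n";
var_dump(verify_ticket_link($link, $issued + 60));   // array of user fields: accepted
var_dump(verify_ticket_link($link, $issued + 3600)); // "ticket expired": outside the 10-minute window
var_dump(verify_ticket_link(str_replace('user=Simon', 'user=Admin', $link), $issued + 60)); // "bad signature"
```

Two design points worth noting. The verifier checks the signature before it looks at anything else, so a tampered login name (the last call above) is rejected without ever consulting the user database, and the expiration check bounds how long a ticket-link sitting in a browser history or web server log remains usable. The shared secret is the only thing standing between an attacker who can read such a log and a forged ticket, which is why the configuration above insists on an arbitrary key of your own.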

Feedback
If you would like to report a bug or request a feature, you can do it on the discussion page or on SourceForge. By the way, if you need advanced bot functionality for your wiki project, take a look at the free DotNetWikiBot Framework, which I maintain.