Email and password cannot be changed for MediaWiki SSO accounts

[mariobehling]

For users whose accounts were created via MediaWiki SSO, it is impossible to change either the email or the password.

The problem is caused by the account settings form requiring the “current password” field to be filled out before any change can be saved.
However, MediaWiki SSO accounts do not have a local password, and no password is shown or stored for the user. As a result:

• Users cannot change their email address.
• Users cannot set or update a password.
• The form cannot be submitted because “current password” cannot be provided.

Expected Behavior

• MediaWiki SSO accounts should allow email changes without requiring a local password.
• If a password field is shown, it should allow setting a new password without requiring a “current password”.
• Alternatively, password fields should be hidden entirely for SSO-only accounts.

Current Behavior

• “Current password” is mandatory but cannot be provided.
• Email and password changes are blocked for all MediaWiki SSO accounts.

Tasks

• Update profile settings logic to detect SSO-only accounts.

• Remove or bypass “current password” requirement for SSO accounts.

• Allow email updates for SSO accounts without entering a password.

• Allow setting a new password directly (optional) or hide password fields.

• Test flows for:

  • MediaWiki SSO–only accounts
  • Accounts with both SSO and email/password login

[Piyushrathoree]

@hongquan hey can I work on this ?