Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move OSM authentication to OAuth 2.0 #656

Closed
pnorman opened this issue Sep 27, 2023 · 7 comments
Closed

Move OSM authentication to OAuth 2.0 #656

pnorman opened this issue Sep 27, 2023 · 7 comments

Comments

@pnorman
Copy link

pnorman commented Sep 27, 2023

OAuth 1.0a is deprecated, and programs which use it to authenticate requests to OpenStreetMap should move to OAuth 2.0. A date has not yet been set for turning off OAuth 1.0a and HTTP Basic.

It's best to move to OAuth 2.0 well in advance of any turn-off, because users may take some time to upgrade software and to re-authenticate.

See openstreetmap/operations#867 for details.
@pnorman pnorman mentioned this issue Sep 27, 2023
Open
@n1ngu
Copy link

n1ngu commented Sep 27, 2023

The least effort path forward might be resolving python-social-auth/social-core#758, then just use the new social auth backend.

Otherwise, this could mean finding a different authentication plugin.

@EdwardBetts
Copy link
Owner

I'll work on this.

@EdwardBetts
Copy link
Owner

I'd like to clarify that the OSM Wikidata matcher does not currently use an OAuth library for authentication. A few years ago, a deliberate decision was made to move away from using python-social-auth for OAuth integration due to certain limitations and considerations specific to our project.

Sorry if the documentation is out of date.

@EdwardBetts
Copy link
Owner

I take that back. I'm using the requests-oauthlib Python library.

@danieldegroot2
Copy link

danieldegroot2 commented Nov 1, 2023
edited

osm-wikidata/matcher/osm_oauth.py

Line 12 in 2a5ace3

osm_api_base = "https://api.openstreetmap.org/api/0.6"

Note, api.openstreetmap.org API url currently can not do OAuth 2 handshake. See openstreetmap/operations#951 (comment)
You can split the www. base URL and api. API url. See osmlab/osm-auth#123 (comment)

cc: @EdwardBetts

@n1ngu
Copy link

n1ngu commented Jan 30, 2024

A few years ago, a deliberate decision was made to move away from using python-social-auth for OAuth integration due to certain limitations and considerations specific to our project.

Passing-by to record that OSM-OAuth2 support has been recently merged into python-social-auth (see python-social-auth/social-core#877)

Out of curiosity, which were those project-specific limitations that made python-social-auth unsuitable? If you could point me into the right PRs/issues/commits I'd be happy to check them myself. Just asking because you may want to revisit those now that python-social-auth could save you from maintaining the auth backend.

@EdwardBetts
Copy link
Owner

@n1ngu Thanks for your comment!

I don't remember what problem I had with python-social-auth.

I'll take another look.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@EdwardBetts @pnorman @n1ngu @danieldegroot2