[OSM-dev] OAuth

[Frederik Ramm]

Hi,

    I just wanted to say (though it isn't normally my style) that I 
think this OAuth stuff is really great and a leap forward for the OSM 
developer community. Thank you for implementing that!

Until now, developers were forced to either deal with Rails and somehow 
write extensions to the Rails port and get them accepted (not for the 
faint at heart, nor for those who are really bad at human communications 
which unfortunately geeks tend to be), or they set up their own stuff 
which then did ugly things like churn out .osm files that you would have 
to open in JOSM and upload or things like that.

With a working OAuth implementation, all these people can now integrate 
their applications properly with OSM, which will greatly enhance the 
palette of tools available to users on any level.

I haven't looked at your implementation - which SVN revision should I 
check out to do so?

Does the implementation
* allow third party applications to identify an OSM user so that they 
can, for example, store local preferences under that username?
* allow users to grant third party applications the right to make edits 
in their name?
* allow the first item above WITHOUT at the same time allowing the 
second item above (so that I can authenticate with a third party 
application but I may not trust that application enough to actually make 
edits in my name)?
* allow users to grant third party applications the right to retrieve 
their non-public GPS tracks, and again, give the user a choice whether a 
given third-party application should have this right (or only know the 
username, or only make edits)?

I'll happily try my hand at implementing those features of the above 
that aren't in there yet. I'm very eager to create application 
prototypes in various programming languages and unleash them onto our 
developer community - I am sure the uptake will be great.

Bye
Frederik