[OSM-dev] OAuth

Thomas Wood grand.edgemaster at gmail.com
Sat Jun 27 09:45:31 BST 2009


2009/6/27 Frederik Ramm <frederik at remote.org>:
> Hi,
>
>    I just wanted to say (though it isn't normally my style) that I
> think this OAuth stuff is really great and a leap forward for the OSM
> developer community. Thank you for implementing that!
>
> Until now, developers were forced to either deal with Rails and somehow
> write extensions to the Rails port and get them accepted (not for the
> faint at heart, nor for those who are really bad at human communications
> which unfortunately geeks tend to be), or they set up their own stuff
> which then did ugly things like churn out .osm files that you would have
> to open in JOSM and upload or things like that.
>
> With a working OAuth implementation, all these people can now integrate
> their applications properly with OSM, which will greatly enhance the
> palette of tools available to users on any level.
>
> I haven't looked at your implementation - which SVN revision should I
> check out to do so?

http://svn.openstreetmap.org/sites/rails_port_branches/oauth/

> Does the implementation
> * allow third party applications to identify an OSM user so that they
> can, for example, store local preferences under that username?
Yeo
> * allow users to grant third party applications the right to make edits
> in their name?
Yep
> * allow the first item above WITHOUT at the same time allowing the
> second item above (so that I can authenticate with a third party
> application but I may not trust that application enough to actually make
> edits in my name)?
I'm guessing so
> * allow users to grant third party applications the right to retrieve
> their non-public GPS tracks, and again, give the user a choice whether a
> given third-party application should have this right (or only know the
> username, or only make edits)?
Yep

All the above options are listed as permissions a client application
may use at the application key registration page:
http://oauth.dev.openstreetmap.org/oauth_clients/new

> I'll happily try my hand at implementing those features of the above
> that aren't in there yet. I'm very eager to create application
> prototypes in various programming languages and unleash them onto our
> developer community - I am sure the uptake will be great.
>
> Bye
> Frederik

I think the one thing we've not yet seen is any client using OAuth,
that would make it even better.

An OAuth test server is online at http://oauth.dev.openstreetmap.org/
and following the svn branch.

-- 
Regards,
Thomas Wood
(Edgemaster)




More information about the dev mailing list