[OSM-dev] OAuth down
Pierre GIRAUD
pierre.giraud at gmail.com
Thu Nov 17 22:31:32 GMT 2011
Hi,
I had a look at the oauth-plugin code
(https://github.com/pelle/oauth-plugin) which is supposed to be used
in OSM website to find where there could be an issue.
I suspect something goes wrong in the "oauth1_authorize" method:
https://github.com/pelle/oauth-plugin/blob/master/lib/oauth/controllers/provider_controller.rb#L101
If I understand correctly, the browser should be redirected to
"redirect_url". This "redirect_url" value comes either:
- from the application settings (as set by user when registering the
application) if "oob" is given as value for "oauth_callback",
- or, from the "oauth_callback" value set in parameters if not equal to "oob".
If "redirect_url" is empty, then "authorize success" is rendered.
I'm pretty sure that the latter is the case I'm currently facing.
Can someone please confirm I'm right?
Once again, as a test, you can try to login in
http://tasks.hotosm.org, or maybe use this client tester
http://term.ie/oauth/example/client.php.
I can provide advices on how to use the latter.
Thanks a lot.
Pierre
On Thu, Nov 17, 2011 at 10:01 AM, Tom Hughes <tom at compton.nu> wrote:
> On 17/11/11 08:58, Andy Allan wrote:
>>
>> On 17 November 2011 06:59, Pierre GIRAUD<pierre.giraud at gmail.com> wrote:
>>>
>>> Can you point me to urls to show me what changed recently ? (commits,
>>> diffs)
>>
>> https://github.com/openstreetmap/openstreetmap-website/network
>>
>> The "what changed recently" was that we upgraded from rails 2.x to 3.1
>> - so many things needed changing. You can see the commits that were
>> rebased onto master, there's plenty of them, and lots of plugins have
>> changed too. It's unlikely that the diffs will help you figure out
>> what changed, since so much has! I guess if you can reproduce the
>> issue then a binary search might help, but it's likely to be a plugin
>> upgrade or some other large change.
>
> Correct - the oauth and/or oauth-plugin gems are probably involved
> especially as the oauth-plugin gem is an rc not a final release.
>
> What should be happening is that the rack module in oauth-plugin should be
> setting the token_callback_url on the ClientApplication object, which is
> then propagated to the RequestToken.
>
> Tom
>
> --
> Tom Hughes (tom at compton.nu)
> http://compton.nu/
>
--
-------------------------------------------------------------
| Pierre GIRAUD
| http://pierrelebricoleur.blogspot.com
| http://www.flickr.com/photos/pierregiraud
-------------------------------------------------------------
More information about the dev
mailing list