[openstreetmap-website] Add Twitter and GitHub authentication (#989)

Paul Norman notifications at github.com
Mon Mar 21 16:46:34 UTC 2016

>From GitHub support

> Hi Paul,

> Thanks for reaching out! Our API terms are included in our general terms of service and can be found here:

> https://help.github.com/articles/github-terms-of-service/#b-api-terms

> Does this help answer your question?

> Please let us know if we can help in any other way!

The section states

> Customers may access their GitHub account data via an API (Application Program Interface). Any use of the API, **including use of the API through a third-party product that accesses GitHub**, is bound by these Terms of Service plus the following specific terms:

> 1. You expressly understand and agree that GitHub shall not be liable for any direct, indirect, incidental, special, consequential or exemplary damages, including but not limited to, damages for loss of profits, goodwill, use, data or other intangible losses (even if GitHub has been advised of the possibility of such damages), resulting from your use of the API or third-party products that access data via the API.

> 2. Abuse or excessively frequent requests to GitHub via the API may result in the temporary or permanent suspension of your account's access to the API. GitHub, in its sole discretion, will determine abuse or excessive usage of the API. GitHub will make a reasonable attempt via email to warn the account owner prior to suspension.

> 3. GitHub reserves the right at any time to modify or discontinue, temporarily or permanently, your access to the API (or any part thereof) with or without notice.

They've last updated their terms this year, and I believe the current terms clearly address API usage while the ones when this PR was started didn't.

Nothing jumps out with the terms as a problem. There's the standard may not use the service for illegal or unauthorized purpose clause, but we didn't have a problem with FB's clause, and GitHub's appears more reasonable. The restrictions on one login per person and not sharing login information might cause some operational issues getting a key.

Otherwise, I think the GH terms are ready to go to the LWG for review, while we throw out Twitter authentication, as we [don't meet their display requirements](https://github.com/openstreetmap/openstreetmap-website/pull/989#issuecomment-110209086).

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20160321/492b2b26/attachment.html>

More information about the rails-dev mailing list