[openstreetmap/openstreetmap-website] Update Github authentication mechanism (#2528)

Andy Allan notifications at github.com
Tue Feb 4 10:45:19 UTC 2020


I received a warning email from Github regarding the "OpenStreetMap Authentication" application. As far as I can tell, this is an application registered under the "OpenStreetMap" organization, and is used by the main www.osm.org site for allowing people to log in with their github id.

I would normally log this with the OSMF OWG, but I think it needs some source code changes to resolve so I'm opening it here. If I'm mistaken in any of this, please feel free to move this issue!

> your application (OpenStreetMap Authentication) used an access token (with the User-Agent Faraday v1.0.0) as part of a query parameter to access an endpoint through the GitHub API.
> https://api.github.com/user
> Please use the Authorization HTTP header instead as using the `access_token` query parameter is deprecated.
>[...]
>Visit https://developer.github.com/changes/2019-11-05-deprecated-passwords-and-authorizations-api/#authenticating-using-query-parameters for more information.


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/2528
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20200204/78721a63/attachment-0001.htm>


More information about the rails-dev mailing list