[openstreetmap/openstreetmap-website] Welcome page interrupts Oauth authorization flow for newly created OSM accounts (Issue #4246)
Anton Khorev
notifications at github.com
Wed Nov 8 13:30:04 UTC 2023
I'll copy this again and note that this is on top of *some limitations*:
>> This won't work for some apps. An app may open https://www.openstreetmap.org/oauth2/authorize in a specific browser window and expect redirect back to itself in that window
> The link in the email would (...) drive the user to the same authorization link: /oauth2/authorize?.... If the invoking application is still up and the timeout set by the invoking app has not been reached, the authorization would complete successfully.
It won't if the app expects the redirect in another window, even if the browser is the same (and in general it's not the same).
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/4246#issuecomment-1801895010
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/4246/1801895010 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20231108/3d39b2eb/attachment.htm>
More information about the rails-dev
mailing list