[openstreetmap/openstreetmap-website] OAuth 2: Granting partial not possible (Issue #4360)

Tobias Zwick notifications at github.com
Tue Nov 21 20:01:30 UTC 2023


Well, client developers had to deal with this situation somehow in OAuth 1.0a. And they were able to deal with it *very* gracefully, by querying the permissions endpoint. The permissions endpoint still exists, though I am not sure for what it would be useful now.
Or less gracefully, just show an error or force a re-login if any particular API call fails due to missing permissions. (StreetComplete does that in case of trying to use the GPX track feature without having granted that permission.)

It would be easier of course for client developers to not deal with this at all. But it would also be easier for (Android) app developers if an app would just have all the permissions it asks for on app install instead of the user being able to grant only a subset of what has been asked for. (As it had been the case before runtime app permissions were introduced in Android 6)

-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/4360#issuecomment-1821597309
You are receiving this because you are subscribed to this thread.

Message ID: <openstreetmap/openstreetmap-website/issues/4360/1821597309 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20231121/2abd2f32/attachment.htm>


More information about the rails-dev mailing list