[openstreetmap/openstreetmap-website] Login screen for OAuth 2 authorization shows "sign up" tab that triggers googles android policy violation bot (Issue #5118)

[Simon Poole]

> But what's the solution? I'm certainly not interested in removing the account creation option because we want people to be able to signup!
I was assuming a solution along Antons suggestion, aka adding an option to the app configuration that gets passed to the signup page, and if it is set not displaying the signup bits and pieces.
> 
> Is the answer that clients shouldn't be trying to embed the oauth flow in the app and should be letting it go through a web browser? or would that still be a problem for google's rules?

I would be very surprised if that was considered anything else than "in app" (there's no way to ask google outside of submitting an update that implements that, so kind of a no from my pov to investigate that).

> Surely we can't be the only people to have this problem... Like every app that authenticates to a web service must encounter this?

Well, you need a combination of
- having a signup flow reachable from the same screen as the authorisation flow login
- the app not being provided by the operator of the target service and therefore assuming liability for the deletion process being iffy,
- updating the app often enough that by chance a reviewer notices the "issue" (as I pointed out, there was always a link so this should have already raised a flag last year when google introduced the policy).


-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/5118#issuecomment-2372027262
You are receiving this because you are subscribed to this thread.

Message ID: <openstreetmap/openstreetmap-website/issues/5118/2372027262 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20240924/9da2715a/attachment.htm>