[openstreetmap/openstreetmap-website] blocks with needs_view flag not shown when user does oauth authorisation (for example login into an OSM editor) (Issue #5490)

[Tobias Zwick]

> that may not be popular with clients that have invested a lot here in optimising the flow

Looking at JOSM, I seem to remember that they *used to* have some "fully automatic" authorization where you'd input the username and password into JOSM itself and JOSM would then fake towards the OSM website to being a browser, i.e. logging in behind the curtains with these credentials and then granting authorization to itself in the next step, scraping the necessary data from the webpage that was never displayed to the user. _(If I remember correctly!)_
Fortunately, looking at it again now, it looks like they are doing it as intended by OAuth 2 now - opening osm.org in the browser and getting the callback for authorization back into the app.

So, displaying the block message on an attempt to login and/or trying to authorize a new app would be of great help because whenever OSM responds with a 403 Forbidden, users will tend to check what's up with their access token, try to login again or whatever.
Didn't test with other apps, but at least StreetComplete will just forget the access token and prompt the user to login again when presented with a 403 Forbidden error.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/5490#issuecomment-2584958819
You are receiving this because you are subscribed to this thread.

Message ID: <openstreetmap/openstreetmap-website/issues/5490/2584958819 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20250110/ec79c98c/attachment.htm>