Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TECHDEBT-Upgrade to oauth2 #2

Open
chrisdebian opened this issue Sep 8, 2024 · 7 comments
Open

TECHDEBT-Upgrade to oauth2 #2

chrisdebian opened this issue Sep 8, 2024 · 7 comments
Labels
bug Something isn't working help wanted Extra attention is needed

Comments

@chrisdebian
Copy link
Owner

Nick has done some brilliant work to get his unmaintained code working https://gitlab.com/nickw1/mapthepaths-android/-/commits/morow-investigation. A couple of things need to be updated, and one of these is oauth2.

Can anyone with the appropriate skills, help to implement oauth2; this would be a change from the deprecated oauth that is currently implemented.

Many thanks,

Chris.
@chrisdebian chrisdebian added bug Something isn't working help wanted Extra attention is needed labels Sep 8, 2024
@nickw1
Copy link
Contributor

nickw1 commented Sep 8, 2024

Have had a quick look for libraries to write an OAuth2 client in Android and have come up with this one from OpenID which looks promising:

https://github.com/openid/AppAuth-Android

I could almost certainly implement this, though I don't want to promise as it's dependent on my time availability.

@chrisdebian
Copy link
Owner Author

Hi, Nick.

All 'comers' are welcome. If you get a chance to give it a try, perfect! Don't think this is 'on you', though.

Thank you for anything you can manage.

Chris

@chrisdebian
Copy link
Owner Author

Nick,

If oath2 is implemented, in the future, would this automatically satisfy the OSM login requirement?

Just trying to avoid creating duplicate issues.

Thanks,

Chris

@chrisdebian chrisdebian changed the title Upgrade to oauth2 TECHDEBT-Upgrade to oauth2 Sep 8, 2024
@nickw1
Copy link
Contributor

nickw1 commented Sep 9, 2024
edited
Loading

Chris - yes it would. The OAuth protocol is used to login to OSM: third-party OSM logins now require oauth2, the old oauth1 protocol is no longer supported.

@nickw1
Copy link
Contributor

nickw1 commented Jan 1, 2025
edited
Loading

@chrisdebian I've now got a working implementation of OAuth2 authentication to the OSM API. It's not within the current mapthepaths app, as I am rebuilding the interface using Jetpack Compose as I've already mentioned.

It's in the ofm-maplibre branch of my fork, in the morow-compose directory:

https://github.com/nickw1/MOROW/tree/ofm-maplibre/src/morow-compose

There's no edit or GPX upload functionality yet, but it will now be easy to update the code to use OAuth2. I'm thus wondering whether I should create a PR and we can close this issue now?

@chrisdebian
Copy link
Owner Author

Hi, Nick.

That would be brilliant! Any progress would be good, whilst I find time to 'get the show on the road'.

Happy New Year,

Chris

@nickw1
Copy link
Contributor

nickw1 commented Jan 2, 2025

Hello Chris, happy new year to you too. Will add a PR, as I said it's only a proof-of-concept now but it essentially means that the oauth2 login requirement has been implemented.

There are enhancements that can be done at a later date e.g. it's not recommended to ship an app with your secret as it can be obtained: but we can do that later once we're nearing production.

@nickw1 nickw1 mentioned this issue Jan 2, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nickw1 @chrisdebian