Simon Poole <[email protected]> writes: > If I understand Ilya correctly what he wants to avoid is (the hassle of) > the authorisation step when using OAuth. During this process you need to > login to openstreetmap.org with your credentials and then confirm that > the app is allowed to access the API on your behalf. > > To see what is involved in practical terms you can try to use the HOT > task manager, maproulette etc (or on a mobile device Vespucci, I assume > Go Map! uses OAuth too, as any current third party app for OSM should).
Thanks; I am begininng to understand. I dimly remember that Vespucci used to store username/paassword, but recently I tried to upload some changes and had to go through the oauth process. Other than having to know my osm password it was quite trivial, requiring typing 'gdt' and the password and then changing a few checkboxes. This seems like a very nice solution and I particularly appreciate the fine-grained permissions. > The authorisation is a one time process (per app) and as such I'm not > quite convinced that the whole discussion isn't a solution looking for a > problem, but Ilya is correct in that it does involve the hassle of > people remembering their google/FB/whatever password. Naturally on a > mobile device you want to minimize typing in any case so I'm mildly in > support of at least investigating what this would entail (it is unlikely > that we would use a proprietary solution in Vepsucci though, on other > devices and with other apps the trade-offs might be different). The word "social" (that you didn't use :-) seems confounding in this discussion. So is the notion: One could link some third-party openid/openauth provider to one's OSM account, either manually, or because it was used to sign up. On a device, one might already be authorized for this third-party openauth/openid provider. A program that does OSM stuff (Vespucci, OsmAnd, firefox) might then authorize to osm.org via this third-party provider, requiring only a yes click to an "authorize to osm via foo" popup? <channeling rms> That seems harmless enough as long as it doesn't lead to proprietary software showing up in Free programs, doesn't result in any data flowing to those third-party sites for users that don't already have a relationship with them, and doesn't lead to apps suggesting that people sign up with these other places. </> > The above is a separate but related issue to making the signup process > "mobile friendly" see > https://github.com/openstreetmap/openstreetmap-website/issues/894 for a > longish discussion. Thanks for the link. That mostly makes sense, except for the notion that Android is unusable without a Google account. I will agree with "base Android with google stuff (vs CM) is hostile to those without a google account" though.
signature.asc
Description: PGP signature
_______________________________________________ dev mailing list [email protected] https://lists.openstreetmap.org/listinfo/dev
