source: josm/trunk/src/org/openstreetmap/josm/gui/oauth/AccessTokenInfoPanel.java@ 18991

Last change on this file since 18991 was 18991, checked in by taylor.smock, 3 months ago

Fix #22810: OSM OAuth 1.0a/Basic auth deprecation and removal

As of 2024-02-15, something changed in the OSM server configuration. This broke
our OAuth 1.0a implementation (see #23475). As such, we are removing OAuth 1.0a
from JOSM now instead of when the OSM server removes support in June 2024.

For third-party OpenStreetMap servers, the Basic Authentication method has been
kept. However, they should be made aware that it may be removed if a non-trivial
bug occurs with it. We highly recommend that the third-party servers update to
the current OpenStreetMap website implementation (if only for their own security).

Failing that, the third-party server can implement RFC8414. As of this commit,
we currently use the authorization_endpoint and token_endpoint fields.
To check and see if their third-party server implements RFC8414, they can go
to <server host>/.well-known/oauth-authorization-server.

Prominent third-party OpenStreetMap servers may give us a client id for their
specific server. That client id may be added to the hard-coded client id list
at maintainer discretion. At a minimum, the server must be publicly
available and have a significant user base.
  • Property svn:eol-style set to native
File size: 3.3 KB
Line 
1// License: GPL. For details, see LICENSE file.
2package org.openstreetmap.josm.gui.oauth;
3
4import static org.openstreetmap.josm.tools.I18n.tr;
5
6import java.awt.GridBagConstraints;
7import java.awt.GridBagLayout;
8import java.awt.Insets;
9
10import javax.swing.JCheckBox;
11import javax.swing.JLabel;
12import javax.swing.JPanel;
13
14import org.openstreetmap.josm.data.oauth.IOAuthToken;
15import org.openstreetmap.josm.data.oauth.OAuth20Token;
16import org.openstreetmap.josm.data.oauth.OAuthAccessTokenHolder;
17import org.openstreetmap.josm.gui.widgets.JosmTextField;
18import org.openstreetmap.josm.tools.JosmRuntimeException;
19
20/**
21 * Displays the key of an OAuth Access Token.
22 * @since 2746 (modified for OAuth 2 in 18991)
23 */
24public class AccessTokenInfoPanel extends JPanel {
25
26 private final JosmTextField tfAccessTokenKey = new JosmTextField(null, null, 0, false);
27 private final JCheckBox cbSaveAccessTokenInPreferences = new JCheckBox(tr("Save Access Token in preferences"));
28
29 /**
30 * Constructs a new {@code AccessTokenInfoPanel}.
31 */
32 public AccessTokenInfoPanel() {
33 build();
34 }
35
36 protected final void build() {
37 setLayout(new GridBagLayout());
38 GridBagConstraints gc = new GridBagConstraints();
39
40 // the access token key
41 gc.anchor = GridBagConstraints.NORTHWEST;
42 gc.fill = GridBagConstraints.HORIZONTAL;
43 gc.weightx = 0.0;
44 gc.insets = new Insets(0, 0, 3, 3);
45 add(new JLabel(tr("Access Token Key:")), gc);
46
47 gc.gridx = 1;
48 gc.weightx = 1.0;
49 add(tfAccessTokenKey, gc);
50 tfAccessTokenKey.setEditable(false);
51
52 // the access token secret
53 gc.gridx = 0;
54 gc.gridy = 1;
55 gc.weightx = 0.0;
56 gc.insets = new Insets(0, 0, 3, 3);
57 add(new JLabel(tr("Access Token Secret:")), gc);
58
59 gc.weightx = 1.0;
60 // the checkbox
61 gc.gridx = 0;
62 gc.gridy = 2;
63 gc.gridwidth = 2;
64 add(cbSaveAccessTokenInPreferences, gc);
65 cbSaveAccessTokenInPreferences.setToolTipText(tr(
66 "<html>Select to save the Access Token in the JOSM preferences.<br>"
67 + "Unselect to use the Access Token in this JOSM session only.</html>"
68 ));
69 cbSaveAccessTokenInPreferences.setSelected(OAuthAccessTokenHolder.getInstance().isSaveToPreferences());
70
71 // filler - grab the remaining space
72 gc.gridx = 0;
73 gc.gridy = 3;
74 gc.weightx = 1.0;
75 gc.weighty = 1.0;
76 gc.fill = GridBagConstraints.BOTH;
77 gc.gridwidth = 2;
78 add(new JPanel(), gc);
79 }
80
81 /**
82 * Displays the key and secret in <code>token</code>.
83 *
84 * @param token the access token. If null, the content in the info panel is cleared
85 */
86 public void setAccessToken(IOAuthToken token) {
87 if (token == null) {
88 tfAccessTokenKey.setText("");
89 return;
90 }
91 if (token instanceof OAuth20Token) {
92 tfAccessTokenKey.setText(((OAuth20Token) token).getBearerToken());
93 } else {
94 throw new JosmRuntimeException("Unknown token type: " + token.getClass());
95 }
96 }
97
98 public void setSaveToPreferences(boolean saveToPreferences) {
99 cbSaveAccessTokenInPreferences.setSelected(saveToPreferences);
100 }
101
102 public boolean isSaveToPreferences() {
103 return cbSaveAccessTokenInPreferences.isSelected();
104 }
105}
Note: See TracBrowser for help on using the repository browser.