Opened 5 months ago
Last modified 5 months ago
#23679 new task
Update OSM Server preference page
Reported by: | skyper | Owned by: | team |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | Wiki content | Version: | |
Keywords: | preference OSM Server OAuth2 remote control | Cc: | taylor.smock |
Description
OSM Server preferences needs some updates:
- OAuth1 is outdated and can be removed
- Some screenshots need updates
- OAuth2 needs some better wording as the seems to be some confusion about "Remote Control", see https://community.openstreetmap.org/t/113078
- As I understand it, OAuth2 uses "Remote Control" under the hood which can lead to problems if there is already another instance of JOSM with enabled "Remote Control" running but you definitely do not have to enable "Remote Control" to get a token.
Besides that, what should we do with Help/Dialog/OAuthAuthorisationWizard. Is it still useful or should the whole page be deleted?
Attachments (0)
Change History (5)
comment:1 by , 5 months ago
Cc: | added |
---|
comment:2 by , 5 months ago
comment:3 by , 5 months ago
Besides that, what should we do with Help/Dialog/OAuthAuthorisationWizard. Is it still useful or should the whole page be deleted?
It's still referenced.
org/openstreetmap/josm/gui/oauth/TestAccessTokenTask.java: HelpUtil.ht("/Dialog/OAuthAuthorisationWizard#AccessTokenOK") org/openstreetmap/josm/gui/oauth/TestAccessTokenTask.java: HelpUtil.ht("/Dialog/OAuthAuthorisationWizard#AccessTokenFailed") org/openstreetmap/josm/gui/oauth/TestAccessTokenTask.java: HelpUtil.ht("/Dialog/OAuthAuthorisationWizard#AccessTokenFailed") org/openstreetmap/josm/gui/oauth/TestAccessTokenTask.java: HelpUtil.ht("/Dialog/OAuthAuthorisationWizard#AccessTokenFailed") org/openstreetmap/josm/gui/oauth/TestAccessTokenTask.java: HelpUtil.ht("/Dialog/OAuthAuthorisationWizard#AccessTokenFailed") org/openstreetmap/josm/gui/oauth/TestAccessTokenTask.java: HelpUtil.ht("/Dialog/OAuthAuthorisationWizard#AccessTokenFailed") org/openstreetmap/josm/gui/oauth/OAuthAuthorizationWizard.java: pnl.add(new JButton(new ContextSensitiveHelpAction(HelpUtil.ht("/Dialog/OAuthAuthorisationWizard")))); org/openstreetmap/josm/gui/oauth/OAuthAuthorizationWizard.java: HelpUtil.setHelpContext(getRootPane(), HelpUtil.ht("/Dialog/OAuthAuthorisationWizard")); org/openstreetmap/josm/gui/oauth/FullyAutomaticAuthorizationUI.java: HelpUtil.ht("/Dialog/OAuthAuthorisationWizard#FullyAutomaticProcessFailed") org/openstreetmap/josm/gui/oauth/FullyAutomaticAuthorizationUI.java: HelpUtil.ht("/Dialog/OAuthAuthorisationWizard#FullyAutomaticProcessFailed") org/openstreetmap/josm/gui/oauth/AdvancedOAuthPropertiesPanel.java: HelpUtil.ht("/Dialog/OAuthAuthorisationWizard") org/openstreetmap/josm/gui/preferences/server/OAuthAuthenticationPreferencesPanel.java: * Launches the OAuthAuthorisationWizard to generate a new Access Token
Also deleting a page kills the whole history. Better is to fill it with updated information ;-)
follow-up: 5 comment:4 by , 5 months ago
Ok, I have added a sentence to the description of the use of remote control and did some cosmetic work on the OSM Server page. I did not remove the section about OAuth1a but I think it should be removed. Any objections?
The problem with Help/Dialog/OAuthAuthorisationWizard is that it is mostly about OAuth1a. The wizard dialogs do not exist anymore and even the part about "Advanced OAuth parameters" is only about OAuth1a and does not fit with OAuth2. I think these advanced parameters can easily be added to Help/Preferences/Connection. Either the whole "wizard" page needs a major rework or we could mark it as outdated instead of deleting it.
So far, with current josm-latest, I only found one occasion where the context sensitive help links to the page. It is the message dialog when testing the OAuth2 token and the page does not give any help in this case.
comment:5 by , 5 months ago
Replying to skyper:
[...] I did not remove the section about OAuth1a but I think it should be removed. Any objections?
Not from me. I don't think we will ever be bringing OAuth 1 back.
The problem with Help/Dialog/OAuthAuthorisationWizard is that it is mostly about OAuth1a. The wizard dialogs do not exist anymore and even the part about "Advanced OAuth parameters" is only about OAuth1a and does not fit with OAuth2. I think these advanced parameters can easily be added to Help/Preferences/Connection. Either the whole "wizard" page needs a major rework or we could mark it as outdated instead of deleting it.
I've done a bit of work to readd advanced parameters, so I think outdated is better than deletion for that.
Anything mentioning
Fully automatic authorization
can be removed.I don't know how to better word the bit on remote control. I'll give a rundown on what happens so that maybe someone can come up with better wording.
Fetching the Authorization Token:
http://127.0.0.1:8111/oauth_authorization
after user logs in and authorizes the requestUsing the Authorization Token:
Authorization: OAuth ${token}
as a header.Remote Control is not required for using the authorization token. It is only required to fetch the token during the initial OAuth authorization flow.
The reason why I indicated that it uses remote control is that some users may have other JOSM instances running with remote control started, which would prevent the current instance from authenticating. I was trying to give some troubleshooting steps.