TL;DR I wrote a little extension for Firefox for script developers to get an OAuth token in a couple clicks
OSM will soon remove support for Basic Auth and OAuth 1.0.
The proposal is to use OAuth 2.0, which has a much worse UX for novice developers than Basic Auth.
To show that OAuth 2.0 can be made more convenient even than Basic Auth I made a Firefox extension to automatically get an OAuth token:
A bit of technical details and emotion:
-
Works with any Redirect URI
-
We have a confidential OAuth applications. In order to use them, you need a user account. I.e. such applications are useless because you can’t do anything with only client_id and client_secret.
-
It follows that the client_secret parameter is useless. The extension, by the way, does not use it ¯\(ツ)/¯
-
Did you know that you can specify multiple Redirect URIs? Guess what delimiter to use in the input field? And then how do you do authorization?
-
Did you know about the magic urn:ietf:wg:oauth:2.0:oob ?
-
And about the fact that without HTTPS you can only use 127.0.0.1?
There is somewhere on the wiki at the end of the page after the description of OAuth 1.0 and 2.0 about it…..
You couldn’t google it? You are a bad programmer! </sarcasm>