OpenHistoricalMap / issues

File your issues here, regardless of repo until we get all our repos squared away; we don't want to miss anything.
Creative Commons Zero v1.0 Universal

Add OpenStreetMap as authentication provider #662

Open 1ec5 opened 6 months ago

1ec5 commented 6 months ago

ohm-website inherited from openstreetmap-website the capability to accept external authentication providers as an alternative to logging in using a local account. Although the use of external providers isn’t preferred, certain providers can be a rich source of new contributors to the project. OpenStreetMap would be much more natural than the providers that were removed in #389, given the overlap between OSM and OHM in software, users, and culture.

openstreetmap-website added support for OpenID Connect in openstreetmap/openstreetmap-website#4226 (https://github.com/openstreetmap/operations/issues/507#issuecomment-1747373216) and publishes an OpenID configuration response at a well-known path. This might pave the way for OHM users to log in using their OSM accounts, though it might require one or both sites to register an OAuth application with the other.

jmoldow commented 6 months ago

This would be fantastic, and would make a ton of sense in my opinion.

OSM has a rich ecosystem of applications that can all be utilized via a single OSM login. It makes sense to me that OHM would participate in that same ecosystem, rather than forcing users to have an entirely separate identity.

1ec5 commented 1 month ago

@Firefishy pointed out recently in Slack that openstreetmap-website is only an OAuth consumer, not a provider, so although OHM could be configured to accept an identity from OSM and vice versa, neither site can currently supply an identity to the other. However, osm-website does support OpenID Connect as of https://github.com/openstreetmap/operations/issues/507#issuecomment-1747373216; I was under the impression that this would be an alternative method for federating the two sites, just as with the OSM forum or wiki.

jeffreyameyer commented 1 month ago

Additional user request.

mmd-osm commented 1 month ago

I also thought this should work with OAuth 2.0 and OIDC, which we have in place for osm.org. I even looked into it, to leverage existing osm.org accounts for the master dev instance as well.

You would have to introduce osm.org as another provider next to GitHub, Microsoft, Google-OAuth2 somewhere in here:

https://github.com/openstreetmap/openstreetmap-website/blob/master/config/initializers/omniauth.rb#L24-L40

This is all managed by the omniauth Gem in some way, and would require the development of another omniauth provider for osm.org (unless there's something more generic for OIDC available).

Maybe @tomhughes could comment, if I'm missing something obvious here, and if this is feasible at all.
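Added example, not part of the thread and not code from ohm-website or openstreetmap-website: a check a relying party could run on the OpenID configuration response mentioned above before trusting it as a login provider, using rules from OpenID Connect Discovery 1.0. The issuer `https://osm.example`, the endpoint paths and both sample documents are constructed placeholders, and the function names are hypothetical.

```ruby
require "json"
require "uri"

# Metadata that OpenID Connect Discovery 1.0 requires for the code flow.
REQUIRED = %w[issuer authorization_endpoint token_endpoint jwks_uri
              response_types_supported subject_types_supported
              id_token_signing_alg_values_supported].freeze
ENDPOINTS = %w[authorization_endpoint token_endpoint jwks_uri userinfo_endpoint].freeze

def https_url?(value)
  uri = URI.parse(value.to_s)
  uri.is_a?(URI::HTTPS) && !uri.host.to_s.empty?
rescue URI::InvalidURIError
  false
end

# Returns a list of problems; an empty list means the document is acceptable.
def discovery_problems(json_text, expected_issuer)
  doc = JSON.parse(json_text)
  return ["document is not a JSON object"] unless doc.is_a?(Hash)
  problems = (REQUIRED - doc.keys).map { |field| "missing #{field}" }
  # The issuer must equal the configured value exactly, so that metadata
  # served for a different issuer is never accepted in its place.
  problems << "issuer mismatch" unless doc["issuer"] == expected_issuer
  insecure = ENDPOINTS.select { |f| doc.key?(f) && !https_url?(doc[f]) }
  problems.concat(insecure.map { |f| "#{f} is not https" })
  types = Array(doc["response_types_supported"])
  algs = Array(doc["id_token_signing_alg_values_supported"]) - ["none"]
  problems << "authorization code flow not offered" unless types.include?("code")
  problems << "no signed ID token algorithm" if algs.empty?
  problems
rescue JSON::ParserError
  ["document is not valid JSON"]
end

# Constructed sample metadata; osm.example is a placeholder, not OSM's real issuer.
EXPECTED_ISSUER = "https://osm.example"
SAMPLE = {
  "issuer" => EXPECTED_ISSUER,
  "authorization_endpoint" => "https://osm.example/oauth2/authorize",
  "token_endpoint" => "https://osm.example/oauth2/token",
  "jwks_uri" => "https://osm.example/oauth2/keys",
  "response_types_supported" => ["code"],
  "subject_types_supported" => ["public"],
  "id_token_signing_alg_values_supported" => ["RS256"]
}.freeze
GOOD_DOC = JSON.generate(SAMPLE)
BAD_DOC = JSON.generate(SAMPLE.merge("issuer" => "https://osm.example/",
  "token_endpoint" => "http://osm.example/oauth2/token",
  "id_token_signing_alg_values_supported" => ["none"]))
```

A plain OAuth2 server would fail this check at the missing `jwks_uri` and ID token fields, which is one way to tell basic OAuth2 apart from OIDC.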

tomhughes commented 1 month ago

There is https://github.com/nabetaro/omniauth-osm-oauth2/ for OAuth2 using OSM though probably just basic OAuth2 not OIDC.

jidanni commented 1 week ago

Maybe in the meantime, on the login page, add a link to this bug report, with the title "Looking for the 'Login with OSM' button?".