From fea9bb97685e380439823956e2016c833eb8526e Mon Sep 17 00:00:00 2001
From: Charly C <changaco@changaco.oy.lc>
Date: Mon, 29 Apr 2024 10:08:07 +0200
Subject: [PATCH] use OAuth 2.0 instead of 1.0a for OpenStreetMap (#2348)

closes #2293
---
 liberapay/elsewhere/_base.py         | 4 +++-
 liberapay/elsewhere/openstreetmap.py | 9 ++++++---
 liberapay/wireup.py                  | 1 +
 sql/app-conf-defaults.sql            | 9 +++++----
 sql/branch.sql                       | 5 +++++
 5 files changed, 20 insertions(+), 8 deletions(-)
 create mode 100644 sql/branch.sql

diff --git a/liberapay/elsewhere/_base.py b/liberapay/elsewhere/_base.py
index 37090d2698..c93ba734de 100644
--- a/liberapay/elsewhere/_base.py
+++ b/liberapay/elsewhere/_base.py
@@ -98,7 +98,7 @@ class Platform:
     required_attrs = ('account_url', 'display_name', 'name')
 
     def __init__(self, api_key, api_secret, callback_url, api_url=None, auth_url=None,
-                 api_timeout=20.0, app_name=None, app_url=None):
+                 api_timeout=20.0, app_name=None, app_url=None, access_token_url=None):
         self.api_key = api_key
         self.api_secret = api_secret
         self.callback_url = callback_url
@@ -108,6 +108,8 @@ def __init__(self, api_key, api_secret, callback_url, api_url=None, auth_url=Non
             self.auth_url = auth_url
         elif not getattr(self, 'auth_url', None):
             self.auth_url = self.api_url
+        if access_token_url:
+            self.access_token_url = access_token_url
         self.api_timeout = api_timeout
         self.app_name = app_name
         self.app_url = app_url
diff --git a/liberapay/elsewhere/openstreetmap.py b/liberapay/elsewhere/openstreetmap.py
index 0a4ab7abc3..e439316d9e 100644
--- a/liberapay/elsewhere/openstreetmap.py
+++ b/liberapay/elsewhere/openstreetmap.py
@@ -1,15 +1,18 @@
-from liberapay.elsewhere._base import PlatformOAuth1
+from liberapay.elsewhere._base import PlatformOAuth2
 from liberapay.elsewhere._extractors import not_available, xpath
 
 
-class OpenStreetMap(PlatformOAuth1):
+class OpenStreetMap(PlatformOAuth2):
 
     # Platform attributes
     name = 'openstreetmap'
     display_name = 'OpenStreetMap'
     account_url = 'http://www.openstreetmap.org/user/{user_name}'
 
-    # API attributes
+    # Auth attributes - https://wiki.openstreetmap.org/wiki/OAuth
+    oauth_default_scope = ['read_prefs']
+
+    # API attributes - https://wiki.openstreetmap.org/wiki/API_v0.6
     api_format = 'xml'
     api_user_info_path = '/user/{user_id}'
     api_user_self_info_path = '/user/details'
diff --git a/liberapay/wireup.py b/liberapay/wireup.py
index 89f3f5f82c..3c49e306de 100644
--- a/liberapay/wireup.py
+++ b/liberapay/wireup.py
@@ -219,6 +219,7 @@ class AppConf:
         linuxfr_id=str,
         linuxfr_secret=str,
         log_emails=bool,
+        openstreetmap_access_token_url=str,
         openstreetmap_api_url=str,
         openstreetmap_auth_url=str,
         openstreetmap_callback=str,
diff --git a/sql/app-conf-defaults.sql b/sql/app-conf-defaults.sql
index ed99a6c1a3..8126abb11f 100644
--- a/sql/app-conf-defaults.sql
+++ b/sql/app-conf-defaults.sql
@@ -22,11 +22,12 @@ INSERT INTO app_conf (key, value) VALUES
     ('linuxfr_id', '"c574b5f45ce054a0750a3764b3ff8ff2c9f88fe36611272a0bf5e4e07bd3c0bf"'::jsonb),
     ('linuxfr_secret', '"8c518595790487015cd0c33be2d04939946f99aad33c86a6af20a99bc749fb3b"'::jsonb),
     ('log_emails', 'true'::jsonb),
-    ('openstreetmap_api_url', '"https://api.openstreetmap.org/api/0.6"'::jsonb),
-    ('openstreetmap_auth_url', '"https://www.openstreetmap.org"'::jsonb),
+    ('openstreetmap_access_token_url', '"https://master.apis.dev.openstreetmap.org/oauth2/token"'::jsonb),
+    ('openstreetmap_api_url', '"https://master.apis.dev.openstreetmap.org/api/0.6"'::jsonb),
+    ('openstreetmap_auth_url', '"https://master.apis.dev.openstreetmap.org/oauth2/authorize"'::jsonb),
     ('openstreetmap_callback', '"http://127.0.0.1:8339/on/openstreetmap/associate"'::jsonb),
-    ('openstreetmap_id', '"w4eQbkobmMzpkJFwS4tM16a3lq9AFbcoNCKNcGBE"'::jsonb),
-    ('openstreetmap_secret', '"W08UgEhxQnh7nMzB7GfSFcqcwPnZMmKMNyxWdcw4"'::jsonb),
+    ('openstreetmap_id', '"xAVaXxy0BwUef4SIo55v7E1ofuC53EN8H-X5232d8Vo"'::jsonb),
+    ('openstreetmap_secret', '"JtqazsotvWZQ1G6ynYhDlHXouQji-qDwwU2WQW7j-kE"'::jsonb),
     ('password_rounds', '1'::jsonb),
     ('payday_repo', '"liberapay-bot/test"'::jsonb),
     ('payday_label', '"Payday"'::jsonb),
diff --git a/sql/branch.sql b/sql/branch.sql
new file mode 100644
index 0000000000..7db3ab1679
--- /dev/null
+++ b/sql/branch.sql
@@ -0,0 +1,5 @@
+INSERT INTO app_conf VALUES ('openstreetmap_access_token_url', '"https://master.apis.dev.openstreetmap.org/oauth2/token"') ON CONFLICT (key) DO NOTHING;
+UPDATE app_conf SET value = '"https://master.apis.dev.openstreetmap.org/api/0.6"' WHERE key = 'openstreetmap_api_url';
+UPDATE app_conf SET value = '"https://master.apis.dev.openstreetmap.org/oauth2/authorize"' WHERE key = 'openstreetmap_auth_url';
+UPDATE app_conf SET value = '"xAVaXxy0BwUef4SIo55v7E1ofuC53EN8H-X5232d8Vo"' WHERE key = 'openstreetmap_id';
+UPDATE app_conf SET value = '"JtqazsotvWZQ1G6ynYhDlHXouQji-qDwwU2WQW7j-kE"' WHERE key = 'openstreetmap_secret';