-
-
Save mmd-osm/b61956bb4b92e9b37488189379b380c9 to your computer and use it in GitHub Desktop.
OAuth2 example as shell script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Register your own app under /oauth2/applications, use "urn:ietf:wg:oauth:2.0:oob" as redirect URL | |
CLIENT_ID="f4K_7SUtJluo94xj3hnN7NJ-U5ZtoOo87mpxuNKIxWs" | |
CLIENT_SECRET="pgnjYXX0jfSotaPavMswIhgEV3NQAQB1k8JqOd3y3bU" | |
DOMAIN="https://master.apis.dev.openstreetmap.org" | |
AUTHORIZATION_ENDPOINT=$(curl --silent $DOMAIN/.well-known/oauth-authorization-server | jq --raw-output '.authorization_endpoint') | |
TOKEN_ENDPOINT=$(curl --silent $DOMAIN/.well-known/oauth-authorization-server | jq --raw-output '.token_endpoint') | |
echo "Navigate to the following URL in your browser: " "$AUTHORIZATION_ENDPOINT?response_type=code&client_id=$CLIENT_ID&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope=read_prefs" | |
read -p "Authorize the request on osm.org, then copy and paste the Authorization code: " CODE | |
ACCESS_TOKEN=$(curl --silent -X POST -d "grant_type=authorization_code&client_id=$CLIENT_ID&client_secret=$CLIENT_SECRET&code=$CODE&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob" "$TOKEN_ENDPOINT" | jq --raw-output '.access_token') | |
echo "Token: $ACCESS_TOKEN" | |
echo "Let's try to call some API endpoint:" | |
curl --silent -H "Authorization: Bearer $ACCESS_TOKEN" $DOMAIN/api/0.6/user/details.json |
Could the curl --oauth2-bearer
option be used here?
Yes, that's probably an option for line 14, although I haven't tested it. I tried to avoid parameters that people might not be familiar with, to make it a bit more explicit what is going on in each step.
By the way, lines 7 + 8 could be hardcoded as well, without going through the discovery based on .well-known/oauth-authorization-server. Since we're supporting RFC 8414, and the curl script from pydio already included it, I simply adjusted it to make it work on osm.org.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
A bit more context what this is good for: https://www.openstreetmap.org/user/pnorman/diary/401157#comment56495
Line 9 includes the relevant scopes: "scope=read_prefs" - be sure to double check what scopes are needed for your use case and adjust that line as needed.
Script uses some ideas from https://pydio.com/en/docs/developer-guide/using-curl