Opened 14 years ago

Last modified 14 years ago

#7183 closed defect

HTTP 302 response to OAuth full-auto authentication ? — at Version 6

Reported by: Don-vip Owned by: team
Priority: major Milestone:
Component: Core Version: latest
Keywords: OAuth, http, 302 Cc:

Description (last modified by Don-vip)

I'm getting some trouble to configure OAuth on the work notebook I've taken home for holidays :)

I don't know if this comes from this machine, if the OSM server is crazy or if it is a recent JOSM regression, but the OAuth authentication does not work with JOSM 4707. The error comes with this exception on the standard output:

org.openstreetmap.josm.gui.oauth.OsmOAuthAuthorizationException: L’autorisation de la requête OAuth '...' a échoué
	at org.openstreetmap.josm.gui.oauth.OsmOAuthAuthorizationClient.sendAuthorisationRequest(OsmOAuthAuthorizationClient.java:432)
	at org.openstreetmap.josm.gui.oauth.OsmOAuthAuthorizationClient.authorise(OsmOAuthAuthorizationClient.java:494)
	at org.openstreetmap.josm.gui.oauth.FullyAutomaticAuthorizationUI$FullyAutomaticAuthorisationTask.realRun(FullyAutomaticAuthorizationUI.java:533)
	at org.openstreetmap.josm.gui.PleaseWaitRunnable.doRealRun(PleaseWaitRunnable.java:79)
	at org.openstreetmap.josm.gui.PleaseWaitRunnable.run(PleaseWaitRunnable.java:125)
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
	at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
	at java.util.concurrent.FutureTask.run(FutureTask.java:138)
	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
	at java.lang.Thread.run(Thread.java:662)

I've checked in debug mode: JOSM receives a HTTP 302 response (redirect) from the OSM server instead of an expected HTTP 200 (OK).

I've never seen that before, am I the only one with this behavior ?

Change History (6)

comment:1 by Don-vip, 14 years ago

Description: modified (diff)

comment:2 by stoecker, 14 years ago

I changed the password handling a bit lately, but this should not have affected OAuth. But maybe login for fully automatic OAuth is affected, as this does not go to OSM-API.

comment:3 by bastiK, 14 years ago

For basic auth fix see, #7086. You could try earlier versions.

comment:4 by Don-vip, 14 years ago

I've cleared my preferences and tried with JOSM 4667, same result.
I wonder if it is related to my corporate environment, have to look further into this.

comment:5 by Don-vip, 14 years ago

The exact HTTP response I always have to the POST request to http://www.openstreetmap.org/oauth/authorize is the following:

Response code: 302
null: [HTTP/1.1 302 Found]
X-Runtime: [0.854605]
Content-Language: [en]
Content-Length: [129]
X-UA-Compatible: [IE=Edge,chrome=1]
Location: [http://www.openstreetmap.org/login?referer=%2Foauth%2Fauthorize]
Set-Cookie: [_osm_session=...; path=/; HttpOnly]
Connection: [Keep-Alive]
Server: [Apache/2.2.14 (Ubuntu)]
X-Powered-By: [Phusion Passenger (mod_rails/mod_rack) 3.0.11]
Cache-Control: [no-cache]
Status: [302]
Date: [Sun, 25 Dec 2011 21:55:54 GMT]
Vary: [Accept-Language,Accept-Encoding]
Keep-Alive: [timeout=15, max=100]
Content-Type: [text/html; charset=utf-8]

EDIT: I have the same 302 response with a good password and a bad one, I really don't understand (and I've checked my password on OSM website to see if I'm not crazy :))

Last edited 14 years ago by Don-vip (previous) (diff)

comment:6 by Don-vip, 14 years ago

Description: modified (diff)
Summary: HTTP 302 response to OAuth authentification ?HTTP 302 response to OAuth full-auto authentication ?

Tested with semi-automatic method, works fine. OAuth is a bit cryptic for me, does anyone have any idea what happens when I try with full-automatic method ?

Note: See TracTickets for help on using tickets.