OAuth/examples

From OpenStreetMap Wiki
Jump to navigation Jump to search

The following OAuth examples will help developers create new OpenStreetMap OAuth client software. The links give code snippets or fully working tools (with source code) in several programming languages. For more information see the general page on OAuth.

JavaScript

Ruby

Python

Example using authlib

# using requests implementation
from authlib.integrations.requests_client import OAuth2Session

# using httpx implementation (async)
#from authlib.integrations.httpx_client import AsyncOAuth2Client

client_id = 'YOUR_CLIENT_ID'
client_secret = 'YOUR_CLIENT_SECRET'
user_agent = 'YourAppName/0.1'

# api scopes (see https://wiki.openstreetmap.org/wiki/OAuth)
scope = 'read_prefs write_api'

# URI to redirect to after successful authorization
redirect_uri = 'https://example.com/callback'

client = OAuth2Session(
    client_id,
    client_secret,
    scope=scope,
    redirect_uri=redirect_uri,
    headers={'User-Agent': user_agent})

# generate authorization URL and state (save it for later)
uri, state = client.create_authorization_url('https://www.openstreetmap.org/oauth2/authorize')

# redirect the user to the authorization URL and wait for callback
print(uri)

# ...
# ...

# after authorization, capture the full callback URL
# replace `request.url` with the actual URL you received
callback_url = str(request.url)

# fetch the OAuth2 token using the state and callback URL
client.token = client.fetch_token(
    'https://www.openstreetmap.org/oauth2/token',
    state=state,
    authorization_response=callback_url)

# make authenticated API request
r = client.get('https://api.openstreetmap.org/api/0.6/user/details.json')
r.raise_for_status()
print(r.json())

Example using requests_oauthlib and OAuth1 (***OAuth1 is deprecated***)

Assuming that you collected an access token from the API, you may call the API using this access token using the library requests oauthlib, using the Oauth1 Workflow

from requests_oauthlib import OAuth1Session

client = OAuth1Session(
    client_key='abcde',
    client_secret='123456,
    resource_owner_key=access_token['oauth_token'],
    resource_owner_secret=access_token['oauth_token_secret'],
    signature_type='auth_header'
)

r = client.get('https://api.openstreetmap.org/api/0.6/user/details.json')

PHP

R

  • osmapiR (PR) OSM API v0.6 implementation for R.

Example for OAuth2 with httr2

obfuscated_secret <- httr2::obfuscate("OAuth-secret0123456789") # raw secret

client <- httr2::oauth_client(
  id = "OAuth-id0123456789"),
  token_url = "https://www.openstreetmap.org/oauth2/token",
  secret = httr2::obfuscated(obfuscated_secret), # save the obfuscated secret string in the code here instead of the raw secret above
  auth = "header"
)

token <- httr2::oauth_flow_auth_code(
  client = client,
  auth_url = "https://www.openstreetmap.org/oauth2/authorize",
  scope = paste(c("read_prefs", "write_prefs", "write_api", "read_gpx", "write_gpx", "write_notes"), collapse = " "),
  pkce = TRUE,
  redirect_uri = "http://127.0.0.1"
)