diff --git a/android/app/src/main/java/app/organicmaps/editor/OsmLoginFragment.java b/android/app/src/main/java/app/organicmaps/editor/OsmLoginFragment.java index c47671251..42bf7be6d 100644 --- a/android/app/src/main/java/app/organicmaps/editor/OsmLoginFragment.java +++ b/android/app/src/main/java/app/organicmaps/editor/OsmLoginFragment.java @@ -58,20 +58,20 @@ public class OsmLoginFragment extends BaseMwmToolbarFragment mProgress = view.findViewById(R.id.osm_login_progress); final String dataVersion = DateUtils.getShortDateFormatter().format(Framework.getDataVersion()); - if (BuildConfig.FLAVOR.equals("google")) - { - // Hide login and password inputs and Forgot password button - UiUtils.hide(view.findViewById(R.id.osm_username_container), - view.findViewById(R.id.osm_password_container), - mLostPasswordButton); + // TODO(@pastk): remove unused flow with users entering credentials into app's form + // Hide login and password inputs and Forgot password button + UiUtils.hide(view.findViewById(R.id.osm_username_container), + view.findViewById(R.id.osm_password_container), + mLostPasswordButton); - mLoginButton.setOnClickListener((v) -> loginWithBrowser()); - } + mLoginButton.setOnClickListener((v) -> loginWithBrowser()); + /* login via in-app form else { mLoginButton.setOnClickListener((v) -> login()); mLostPasswordButton.setOnClickListener((v) -> Utils.openUrl(requireActivity(), Constants.Url.OSM_RECOVER_PASSWORD)); } + */ String code = readOAuth2CodeFromArguments(); if (code != null && !code.isEmpty()) diff --git a/editor/osm_auth.cpp b/editor/osm_auth.cpp index a9c11a83b..098bb7007 100644 --- a/editor/osm_auth.cpp +++ b/editor/osm_auth.cpp @@ -289,11 +289,12 @@ string OsmOAuth::BuildOAuth2Url() const string OsmOAuth::FinishAuthorization(string const & oauth2code) const { + /// @todo(pastk): remove client_secret everywhere, its not required for auth through non-confidential apps auto params = BuildPostRequest({ {"grant_type", "authorization_code"}, {"code", oauth2code}, {"client_id", m_oauth2params.m_clientId}, - {"client_secret", m_oauth2params.m_clientSecret}, + //{"client_secret", m_oauth2params.m_clientSecret}, {"redirect_uri", m_oauth2params.m_redirectUri}, {"scope", m_oauth2params.m_scope}, }); diff --git a/private.h b/private.h index 635a3729b..8f5f35a09 100644 --- a/private.h +++ b/private.h @@ -1,7 +1,7 @@ #pragma once #define OSM_OAUTH2_CLIENT_ID "P10w0BFkJ2-IoV2tg94biU-x9grsbGnw072Ud-kMcUc" -#define OSM_OAUTH2_CLIENT_SECRET "3l3AjaFW7sJRKM4sOF0MrdBEpbm5XjCeCFDULFfu8vY" +#define OSM_OAUTH2_CLIENT_SECRET "" #define OSM_OAUTH2_REDIRECT_URI "cm://oauth2/osm/callback" #define OSM_OAUTH2_SCOPE "read_prefs write_api write_notes" #define MWM_GEOLOCATION_SERVER ""