Drop support for OAuth 1

config/initializers/oauth.rb

@@ -1,90 +0,0 @@
-require "oauth/controllers/provider_controller"
-require "oauth/helper"
-require "oauth/rack/oauth_filter"
-
-Rails.configuration.middleware.use OAuth::Rack::OAuthFilter
-
-module OAuth
-  module Helper
-    def escape(value)
-      value.to_s.gsub(OAuth::RESERVED_CHARACTERS) do |c|
-        c.bytes.map do |b|
-          format("%%%02X", b)
-        end.join
-      end.force_encoding(Encoding::US_ASCII)
-    end
-
-    def unescape(value)
-      value.to_s.gsub(/%\h{2}/) do |c|
-        c[1..].to_i(16).chr
-      end.force_encoding(Encoding::UTF_8)
-    end
-  end
-
-  module RequestProxy
-    class RackRequest
-      def method
-        request.request_method
-      end
-    end
-  end
-end
-
-module OpenStreetMap
-  module ProviderController
-    def self.prepended(mod)
-      super
-      mod.singleton_class.prepend(OpenStreetMap::ProviderController::ClassMethods)
-    end
-
-    def render(options = {})
-      text = options.delete(:text)
-      if text
-        super(options.merge(:plain => text))
-      elsif options.delete(:nothing)
-        status = options.delete(:status) || :ok
-        head status, options
-      else
-        super
-      end
-    end
-
-    module ClassMethods
-      def included(controller)
-        controller.class_eval do
-          def self.before_filter(...)
-            before_action(...)
-          end
-
-          def self.skip_before_filter(...)
-            skip_before_action(...)
-          end
-        end
-
-        super
-      end
-    end
-  end
-
-  module OAuthFilter
-    def oauth1_verify(request, options = {}, &block)
-      signature = OAuth::Signature.build(request, options, &block)
-      return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp)
-
-      value = signature.verify
-      if request.ssl? && !value
-        http_request = request.dup
-        http_request.define_singleton_method(:scheme) { "http" }
-        http_request.define_singleton_method(:port) { 80 }
-        signature = OAuth::Signature.build(http_request, options, &block)
-        value = signature.verify
-      end
-      value
-    rescue OAuth::Signature::UnknownSignatureMethod
-      false
-    end
-  end
-end
-
-OAuth::Controllers::ProviderController.prepend(OpenStreetMap::ProviderController)
-OAuth::Rack::OAuthFilter.prepend(OpenStreetMap::OAuthFilter)

config/locales/en.yml

@@ -2598,7 +2598,6 @@ en:
       need_to_see_terms: "Your access to the API is temporarily suspended. Please log-in to the web interface to view the Contributor Terms. You do not need to agree, but you must view them."
     settings_menu:
       account_settings: Account Settings
-      oauth1_settings: OAuth 1 settings
       oauth2_applications: OAuth 2 applications
       oauth2_authorizations: OAuth 2 authorizations
       muted_users: Muted Users
@@ -2624,28 +2623,6 @@ en:
         title: Log in with Wikipedia
         alt: Wikipedia logo
   oauth:
-    authorize:
-      title: "Authorize access to your account"
-      request_access_html: "The application %{app_name} is requesting access to your account, %{user}. Please check whether you would like the application to have the following capabilities. You may choose as many or as few as you like."
-      allow_to: "Allow the client application to:"
-      allow_read_prefs:  "read your user preferences."
-      allow_write_prefs: "modify your user preferences."
-      allow_write_diary: "create diary entries, comments and make friends."
-      allow_write_api:   "modify the map."
-      allow_read_gpx:    "read your private GPS traces."
-      allow_write_gpx:   "upload GPS traces."
-      allow_write_notes: "modify notes."
-      grant_access: "Grant Access"
-    authorize_success:
-      title: "Authorization request allowed"
-      allowed_html: "You have granted application %{app_name} access to your account."
-      verification: "The verification code is %{code}."
-    authorize_failure:
-      title: "Authorization request failed"
-      denied: "You have denied application %{app_name} access to your account."
-      invalid: "The authorization token is not valid."
-    revoke:
-      flash: "You've revoked the token for %{application}"
     permissions:
       missing: "You have not permitted the application access to this facility"
     scopes:
@@ -2664,46 +2641,6 @@ en:
       skip_authorization: Auto approve application
     for_roles:
       moderator: This permission is for actions available only to moderators
-  oauth_clients:
-    new:
-      title: "Register a new application"
-      disabled: "Registration of OAuth 1 applications has been disabled"
-    edit:
-      title: "Edit your application"
-    show:
-      title: "OAuth details for %{app_name}"
-      key: "Consumer Key:"
-      secret: "Consumer Secret:"
-      url: "Request Token URL:"
-      access_url: "Access Token URL:"
-      authorize_url: "Authorise URL:"
-      support_notice: "We support HMAC-SHA1 (recommended) and RSA-SHA1 signatures."
-      edit: "Edit Details"
-      delete: "Delete Client"
-      confirm: "Are you sure?"
-      requests: "Requesting the following permissions from the user:"
-    index:
-      title: "My OAuth Details"
-      my_tokens: "My Authorised Applications"
-      list_tokens: "The following tokens have been issued to applications in your name:"
-      application: "Application Name"
-      issued_at: "Issued At"
-      revoke: "Revoke!"
-      my_apps: "My Client Applications"
-      no_apps_html: "Do you have an application you would like to register for use with us using the %{oauth} standard? You must register your web application before it can make OAuth requests to this service."
-      oauth: OAuth
-      registered_apps: "You have the following client applications registered:"
-      register_new: "Register your application"
-    form:
-      requests: "Request the following permissions from the user:"
-    not_found:
-      sorry: "Sorry, that %{type} could not be found."
-    create:
-      flash: "Registered the information successfully"
-    update:
-      flash: "Updated the client information successfully"
-    destroy:
-      flash: "Destroyed the client application registration"
   oauth2_applications:
     index:
       title: "My Client Applications"

config/routes.rb

@@ -323,17 +323,6 @@ OpenStreetMap::Application.routes.draw do
   end
   resources :user_mutes, :only => [:index]
 
-  # oauth admin pages (i.e: for setting up new clients, etc...)
-  scope "/user/:display_name" do
-    resources :oauth_clients
-  end
-  match "/oauth/revoke" => "oauth#revoke", :via => [:get, :post]
-  match "/oauth/authorize" => "oauth#authorize", :via => [:get, :post], :as => :authorize
-  get "/oauth/token" => "oauth#token", :as => :token
-  match "/oauth/request_token" => "oauth#request_token", :via => [:get, :post], :as => :request_token
-  match "/oauth/access_token" => "oauth#access_token", :via => [:get, :post], :as => :access_token
-  get "/oauth/test_request" => "oauth#test_request", :as => :test_request
-
   # roles and banning pages
   post "/user/:display_name/role/:role/grant" => "user_roles#grant", :as => "grant_role"
   post "/user/:display_name/role/:role/revoke" => "user_roles#revoke", :as => "revoke_role"

config/settings.yml

@@ -108,12 +108,6 @@ attachments_dir: ":rails_root/public/attachments"
 #memcache_servers: []
 # Enable HTTP basic authentication support
 basic_auth_support: true
-# Enable OAuth 1.0/1.0a registration
-oauth_10_registration: true
-# Enable legacy OAuth 1.0 support
-oauth_10_support: true
-# Enable OAuth 1.0a support
-oauth_10a_support: true
 # URL of Nominatim instance to use for geocoding
 nominatim_url: "https://nominatim.openstreetmap.org/"
 # Default editor