OAuth authorization via proxy
The idea was: to upload photos from a mobile app, I need to seamlessly login to Panoramax. But I already have an OpenStreetMap OAuth2 token, and I don't want to make a user to go through authentication (via OSM auth) again.
So I take the access_token
I have, feed it to Panoramax, and it logs me in, discarding the token.
Here is a proof of concept endpoint, and a test code that shows it working.
I doubt this is secure (but it's an access token, what the worst that could happen), and there might be side effects (e.g. token expiring), but generally it works.
What do you think?
Okay to close this, the ticket can serve as an example.