User story
Is your feature request related to a problem? Please describe.
As an implementer of Decidim when I need to configure a new installation I can't configure HERE.com maps anymore, as they've changed the way the handle authentication:
App code credentials will continue to be supported for a few products and current Developer Portal accounts where App code credentials have already been generated for an App. New accounts will only be able to use App Code credentials for some legacy products. App code credentials are the least secure of the authentication credential types and we recommend the use of the API Key or OAuth 2.0 Token credentials instead for improved security.
Source
Describe the solution you'd like
To have the possibility to use API Key Credentials AND App Code Credentials.
Legacy apps are still working with the old ways of logging in and on Decidim we literally have As HERE is not allowing new apps to easily configure themselves with the old credentials, as there are lots of installations of Decidim already working with this. On these cases, we should show an DEPRECATION warning to let the implementer know that this is going to change on the future if HERE.com decides to close this authentication mechanism.
Describe alternatives you've considered
To have alternatives to HERE.com itself, as we're pretty tightly coupled to their platform and we shouldn't be, as there are others Open Street Maps tiling providers (a Decidim implementer could even decide to roll out their own OSM tiling server), but this is going to be a bigger task and we're not tackling this (yet), although this could change on the future.
Additional context
Documentation
The files needed to be changed are:
- decidim-core/app/assets/javascripts/decidim/map.js.es6
- decidim-core/app/helpers/decidim/map_helper.rb
- decidim-core/app/services/decidim/static_map_generator.rb
- decidim-core/lib/decidim/core/engine.rb
- decidim-core/vendor/assets/javascripts/leaflet-tilelayer-here.js
- decidim-dev/lib/decidim/dev/test/rspec_support/geocoder.rb
- decidim-generators/lib/decidim/generators/app_templates/initializer.rb
- decidim-generators/lib/decidim/generators/app_templates/secrets.yml.erb
It's important to notice that the Leaflet library that we're using has not yet supported this new mechanism, so we should also change this. As it seems that it's not being actively maintained we could start with a fork of their library, but when we have it working we should make a Merge/Pull Request upstream.
Does this issue could impact on users private data?
No
Acceptance criteria
User story
Is your feature request related to a problem? Please describe.
As an implementer of Decidim when I need to configure a new installation I can't configure HERE.com maps anymore, as they've changed the way the handle authentication:
Source
Describe the solution you'd like
To have the possibility to use API Key Credentials AND App Code Credentials.
Legacy apps are still working with the old ways of logging in and on Decidim we literally have As HERE is not allowing new apps to easily configure themselves with the old credentials, as there are lots of installations of Decidim already working with this. On these cases, we should show an DEPRECATION warning to let the implementer know that this is going to change on the future if HERE.com decides to close this authentication mechanism.
Describe alternatives you've considered
To have alternatives to HERE.com itself, as we're pretty tightly coupled to their platform and we shouldn't be, as there are others Open Street Maps tiling providers (a Decidim implementer could even decide to roll out their own OSM tiling server), but this is going to be a bigger task and we're not tackling this (yet), although this could change on the future.
Additional context
Documentation
The files needed to be changed are:
It's important to notice that the Leaflet library that we're using has not yet supported this new mechanism, so we should also change this. As it seems that it's not being actively maintained we could start with a fork of their library, but when we have it working we should make a Merge/Pull Request upstream.
Does this issue could impact on users private data?
No
Acceptance criteria