Allow cookies to be sent with HTTP replication requests

[Nakaner]

This is work in process but feedback is appreciated.

Geofabrik's download server has been requiring an authentication cookie for all OSM data which contains sensitive personal metadata (username, user IDs, changeset IDs) since Thursday. Data protection regulations require us to ensure that only authorized users access personal metadata.

To use the new cookie support of Osmosis, users have to place a file called cookie.txt in the working directory next to the configuration.txt file. configuration.txt needs to be extended by a property attachCookie = true to enable cookie support.

The server-side authentication software is open source. There is also a client to retrieve cookies automatically (it is necessary to do this every 48 hours for security reasons).

I will add an additional call to the bot API [1] of the Geofabrik Download server to make it possible for Osmosis to check the validity of the cookie instead of checking for HTTP status 301 (redirect to osm.org OAuth authorization form).

The OSM Foundation might choose to use existing software to reduce the necessary work because they have to do similar changes to planet.openstreetmap.org.

This is a follow-up of geofabrik/sendfile_osm_oauth_protector#2 raised by @pedro042

[1] unofficial name

[amandasaurus]

FYI there is a file format for storing cookie, the original Netscape "cookie jar" format. Many tools (e.g. Python's http.cookiejar library, curl, wget (There's references to RFCs, but I don't wanna read them now)). As far as I can tell, you're just storing the cookie's value in a file.

The format is quite simple. It should be easy to add, and then you're not inventing a new file format. Maybe the http library in osmosis supports this easily?

[simonpoole]

@Nakaner could you fix the checkstyle complaints (you should be using JAVA conventions for method names, that is mainly camel case)? It would be nice if we could move forward on the easy to fix privacy issues at last.