ORCID iD not retrieved


#1

Dear,
I have enabled the ORCID plugin in the OJS 3.0.2 and I configured it using the Client ID and Client Secret provided by ORCID. The “Create or Connect your ORCID iD” button appears and I am asked to authorize the connection to ORCID, but the “ORCID iD” field at OJS is filled with “http://orcid.org/”. OJS cannot retrieve the ORCID ID.

I guess the problem is the ORCID Redirect URI I have registered at the ORCID. Are any of the URIs below correct?

http://www.jsime.org/index.php/jsimeng/orcidapi/orcidAuthorize
http://www.jsime.org/orcidAuth
http://www.jsime.org

Thank you,
Gustavo


#2

Hi @gnardin,

The ORCID API endpoint we contact to get user information seems to have disappeared. I’ve contacted ORCID and will see what they say.

Regards,
Alec Smecher
Public Knowledge Project Team


#3

Hi @asmecher,

I will wait for your reply.

Thank you for your update,
Gustavo


#4

I think the endpoint “orcid-profile” was actually a 1.2 endpoint, mistakenly applied by us to 2.0.

https://pub.sandbox.orcid.org/v2.0/#/Public_API_v2.0


#5

Would you be able to test this fix?


#6

Hi @ctgraham,
Yes, I can test this fix. I am new to OJS, I just need guidance of how to apply it on my system.

I am using the standard 3.0.2 version released on the PKP website.

Thank you,
Gustavo


#7

If you are familiar with software patching or with PHP code, you can use the changeset attached to that Pull Request (https://github.com/pkp/orcidProfile/commit/574c760d4834c75c49c3b99bf7ab37834e8818a6.diff) to make the modifications. If you are not familiar with software patching or with PHP code, I would recommend waiting until the pull request is tested by others and ultimately packaged into a new version of the orcidProfile plugin.


#8

Hi @ctgraham,
I installed the patch and tested. The ORCID ID is still not being filled in the user profile field.
Best,
Gustavo


#9

Are you looking at the user profile after logging in, or are you looking at the user profile at registration?

Can you describe your specific steps to test?


#10

Hi @ctgraham,

The steps I followed to test are:

  1. Login into the OJS with an administrator account
  2. Select View Profile (option on the top-right corner)
  3. Open Public Tab
  4. Click on the “Create or Connect our ORCID” button
  5. Fill in the ORCID username and password
  6. Click on the Authorize button
  7. I see only “http://orcid.org/” in the ORCID ID field

I also tried to using Register, but it did not obtain any information from the ORCID.

Thank you,
Gustavo


#11

Oddly, I don’t even get the “Create or Connect your ORCID” button on the Public tab of the User Profile.

It sounds, though, like something is failing in the connect to the ORCID API. What API endpoint have you selected in the plugin settings?


#12

The ORCID API endpoint I used is “Public”.

The button appeared as soon as I set up the ORCID Plugin. I faced no problem about it.

Gustavo


#13

I just tested this successfully against branch ojs-stable-3_0_2 (latest released fixes) and against tag ojs-3_0_2-0 (packaged version), using the Public API. Both populated my ORCID ID.

Do you see any javascript error messages or messages in your PHP error log which might be helpful?


#14

Hi @ctgraham,
Unfortunately I do not see any JavaScript message or PHP error.

Did you apply the patch or it did work without applying it? I will try to install the ojs-stable-3_0_2 version from the GitHub. The version I installed I downloaded from the Download link in the website (February 2017) and it may not be up-to-date.

I will test it and I let you know the result.

Thank you,
Gustavo


#15

I used the ojs-stable-3_0_2 branch from https://github.com/pkp/ojs/, with the master version from https://github.com/pkp/orcidProfile/ for my testing. My PR was merged into master this morning.


#16

@ctgraham,
I did not use the ojs-stable-3_0_2 branch, but I updated the orcidProfile plugin with the latest version I found today in the morning in the GitHub, but it still does not work.

I suspect that I may be using the wrong Redirect URI in the ORCID website. Is the Redirect URI below valid?

http://jsime.org/index.php/jsimeng/orcidapi/orcidAuthorize

Thank you,
Gustavo


#17

That URI seems reasonable.

I tried using the ORCID function on your Registration page. There is almost certainly a javascript error you are not seeing. Try removing the window.close() statement to be able to get a look at the javascript error console in your web inspector.


#18

Hi @ctgraham,

Sorry for the late reply. I was out of the office this last week.

I commented the window.close() commands and the window that pops up remains blank and the only message that shows at the Console JS log is

The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol.

The messages that show under the Console Security in the main window are

Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen.[Learn More] register
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.woff2?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.woff?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.ttf?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Do these messages help? I am not able to identify the problem only looking at these messages, if any.

Thank you,
Gustavo


#19

Hmmm… a first guess would be that the new ORCID API 2.0 endpoints require HTTPS on both sides.

https://members.orcid.org/api/news/xsd-20-update#51

Might this be the blocker?


#20

Hi @ctgraham,
I changed the OJS configuration to support HTTPS and I also updated the URI Redirect. However, the problem remains with the exception of the message

Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen.[Learn More] register

that is not shown anymore. The Console is not showing any other error message other than the ones related to the font

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.woff2?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.woff?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.ttf?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)

Do you have any other idea why ORCID plugin is not working?

Thank you,
Gustavo