ORCID iD not retrieved

gnardin · July 14, 2017, 8:13am

Dear,
I have enabled the ORCID plugin in the OJS 3.0.2 and I configured it using the Client ID and Client Secret provided by ORCID. The “Create or Connect your ORCID iD” button appears and I am asked to authorize the connection to ORCID, but the “ORCID iD” field at OJS is filled with “http://orcid.org/”. OJS cannot retrieve the ORCID ID.

I guess the problem is the ORCID Redirect URI I have registered at the ORCID. Are any of the URIs below correct?

http://www.jsime.org/index.php/jsimeng/orcidapi/orcidAuthorize
http://www.jsime.org/orcidAuth
http://www.jsime.org

Thank you,
Gustavo

asmecher · July 17, 2017, 6:01pm

Hi @gnardin,

The ORCID API endpoint we contact to get user information seems to have disappeared. I’ve contacted ORCID and will see what they say.

Regards,
Alec Smecher
Public Knowledge Project Team

gnardin · July 18, 2017, 12:14pm

Hi @asmecher,

I will wait for your reply.

Thank you for your update,
Gustavo

ctgraham · July 18, 2017, 1:17pm

I think the endpoint “orcid-profile” was actually a 1.2 endpoint, mistakenly applied by us to 2.0.

https://pub.sandbox.orcid.org/v2.0/#/Public_API_v2.0

ctgraham · July 18, 2017, 2:31pm

Would you be able to test this fix?
https://github.com/pkp/orcidProfile/pull/20

gnardin · July 18, 2017, 3:38pm

Hi @ctgraham,
Yes, I can test this fix. I am new to OJS, I just need guidance of how to apply it on my system.

I am using the standard 3.0.2 version released on the PKP website.

Thank you,
Gustavo

ctgraham · July 18, 2017, 3:52pm

If you are familiar with software patching or with PHP code, you can use the changeset attached to that Pull Request (https://github.com/pkp/orcidProfile/commit/574c760d4834c75c49c3b99bf7ab37834e8818a6.diff) to make the modifications. If you are not familiar with software patching or with PHP code, I would recommend waiting until the pull request is tested by others and ultimately packaged into a new version of the orcidProfile plugin.

gnardin · July 20, 2017, 7:50am

Hi @ctgraham,
I installed the patch and tested. The ORCID ID is still not being filled in the user profile field.
Best,
Gustavo

ctgraham · July 20, 2017, 12:05pm

Are you looking at the user profile after logging in, or are you looking at the user profile at registration?

Can you describe your specific steps to test?

gnardin · July 20, 2017, 12:29pm

Hi @ctgraham,

The steps I followed to test are:

Login into the OJS with an administrator account
Select View Profile (option on the top-right corner)
Open Public Tab
Click on the “Create or Connect our ORCID” button
Fill in the ORCID username and password
Click on the Authorize button
I see only “http://orcid.org/” in the ORCID ID field

I also tried to using Register, but it did not obtain any information from the ORCID.

Thank you,
Gustavo

ctgraham · July 20, 2017, 12:53pm

Oddly, I don’t even get the “Create or Connect your ORCID” button on the Public tab of the User Profile.

It sounds, though, like something is failing in the connect to the ORCID API. What API endpoint have you selected in the plugin settings?

gnardin · July 20, 2017, 1:08pm

The ORCID API endpoint I used is “Public”.

The button appeared as soon as I set up the ORCID Plugin. I faced no problem about it.

Gustavo

ctgraham · July 20, 2017, 1:20pm

I just tested this successfully against branch ojs-stable-3_0_2 (latest released fixes) and against tag ojs-3_0_2-0 (packaged version), using the Public API. Both populated my ORCID ID.

Do you see any javascript error messages or messages in your PHP error log which might be helpful?

gnardin · July 20, 2017, 1:36pm

Hi @ctgraham,
Unfortunately I do not see any JavaScript message or PHP error.

Did you apply the patch or it did work without applying it? I will try to install the ojs-stable-3_0_2 version from the GitHub. The version I installed I downloaded from the Download link in the website (February 2017) and it may not be up-to-date.

I will test it and I let you know the result.

Thank you,
Gustavo

ctgraham · July 20, 2017, 1:59pm

I used the ojs-stable-3_0_2 branch from GitHub - pkp/ojs: Open Journal Systems, with the master version from GitHub - pkp/orcidProfile: A plugin to pull ORCID information into a PKP user profile for my testing. My PR was merged into master this morning.

gnardin · July 21, 2017, 7:07pm

@ctgraham,
I did not use the ojs-stable-3_0_2 branch, but I updated the orcidProfile plugin with the latest version I found today in the morning in the GitHub, but it still does not work.

I suspect that I may be using the wrong Redirect URI in the ORCID website. Is the Redirect URI below valid?

http://jsime.org/index.php/jsimeng/orcidapi/orcidAuthorize

Thank you,
Gustavo

ctgraham · July 24, 2017, 1:43pm

That URI seems reasonable.

I tried using the ORCID function on your Registration page. There is almost certainly a javascript error you are not seeing. Try removing the window.close() statement to be able to get a look at the javascript error console in your web inspector.

github.com

pkp/orcidProfile/blob/574c760d4834c75c49c3b99bf7ab37834e8818a6/pages/OrcidHandler.inc.php#L83


		$orcid_uri = 'http://orcid.org/' . $response['orcid'];

		switch (Request::getUserVar('targetOp')) {
			case 'register':
				echo '<html><body><script type="text/javascript">
					opener.document.getElementById("firstName").value = ' . json_encode($json['name']['given-names']['value']) . ';
					opener.document.getElementById("lastName").value = ' . json_encode($json['name']['family-name']['value']) . ';
					opener.document.getElementById("email").value = ' . json_encode($json['email']['value']) . ';
					opener.document.getElementById("orcid").value = ' . json_encode($orcid_uri). ';
					opener.document.getElementById("connect-orcid-button").style.display = "none";
					window.close();
				</script></body></html>';
				break;
			case 'profile':
				// Set the ORCiD in the user profile from the response
				echo '<html><body><script type="text/javascript">
					opener.document.getElementsByName("orcid")[0].value = ' . json_encode($orcid_uri). ';
					opener.document.getElementById("connect-orcid-button").style.display = "none";
					window.close();
				</script></body></html>';
				break;

gnardin · August 2, 2017, 12:01pm

Hi @ctgraham,

Sorry for the late reply. I was out of the office this last week.

I commented the window.close() commands and the window that pops up remains blank and the only message that shows at the Console JS log is

The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol.

The messages that show under the Console Security in the main window are

Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen.[Learn More] register
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.woff2?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.woff?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.ttf?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Do these messages help? I am not able to identify the problem only looking at these messages, if any.

Thank you,
Gustavo

ctgraham · August 2, 2017, 12:44pm

Hmmm… a first guess would be that the new ORCID API 2.0 endpoints require HTTPS on both sides.

Might this be the blocker?

gnardin · August 4, 2017, 7:39am

Hi @ctgraham,
I changed the OJS configuration to support HTTPS and I also updated the URI Redirect. However, the problem remains with the exception of the message

Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen.[Learn More] register

that is not shown anymore. The Console is not showing any other error message other than the ones related to the font

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.woff2?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.woff?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://jsime.org/lib/pkp/fonts/fontawesome/fontawesome-webfont.ttf?v=4.3.0. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)

Do you have any other idea why ORCID plugin is not working?

Thank you,
Gustavo