pkp/orcidProfile#214 Allow valid orcid ids into database, refactor API Errors

OrcidProfilePlugin.inc.php

@@ -1467,5 +1467,6 @@ public function handleEditorAction($hookName, $args)
 
 		}
 	}
+
 }
 

locale/en_US/locale.po

@@ -38,6 +38,9 @@ msgstr "Please configure the ORCID API access for use in pulling ORCID profile i
 msgid "plugins.generic.orcidProfile.manager.settings.description.globallyconfigured"
 msgstr "The ORCID API was configured globally by the host. The following credentials have been saved."
 
+msgid "plugins.generic.orcidProfile.manager.settings.pluginDisabled"
+msgstr "Due to validation errors, plugin was disabled."
+
 msgid "plugins.generic.orcidProfile.manager.settings.orcidProfileAPIPath"
 msgstr "ORCID API"
 
@@ -65,6 +68,9 @@ msgstr "Profile Access Scope"
 msgid "plugins.generic.orcidProfile.manager.settings.mailSectionTitle"
 msgstr "E-Mail Settings"
 
+msgid "plugins.generic.orcidProfile.manager.settings.saved"
+msgstr "Settings saved"
+
 msgid "plugins.generic.orcidProfile.manager.settings.sendMailToAuthorsOnPublication"
 msgstr "Send e-mail to request ORCID authorization from authors when an article is accepted ie. sent to copy editing"
 
@@ -137,6 +143,9 @@ msgstr "You denied access to your ORCID record."
 msgid "plugins.generic.orcidProfile.authFailure"
 msgstr "The ORCID authorization link has already been used or is invalid."
 
+msgid "plugins.generic.orcidProfile.invalidClient"
+msgstr "Invalid client credentials"
+
 msgid "plugins.generic.orcidProfile.failure.contact"
 msgstr "Please contact the journal manager with your name, ORCID iD, and details of your submission."
 

pages/OrcidHandler.inc.php

@@ -16,13 +16,15 @@
 
 import('classes.handler.Handler');
 
-class OrcidHandler extends Handler {
+class OrcidHandler extends Handler
+{
 	const TEMPLATE = 'orcidVerify.tpl';
 
 	/**
 	 * @copydoc PKPHandler::authorize()
 	 */
-	function authorize($request, &$args, $roleAssignments) {
+	function authorize($request, &$args, $roleAssignments)
+	{
 		// Authorize all requets
 		import('lib.pkp.classes.security.authorization.PKPSiteAccessPolicy');
 		$this->addPolicy(new PKPSiteAccessPolicy(
@@ -51,7 +53,8 @@ function authorize($request, &$args, $roleAssignments) {
 	 * @param $args array
 	 * @param $request Request
 	 */
-	function orcidAuthorize($args, $request) {
+	function orcidAuthorize($args, $request)
+	{
 		$context = $request->getContext();
 		$op = $request->getRequestedOp();
 		$plugin = PluginRegistry::getPlugin('generic', 'orcidprofileplugin');
@@ -112,7 +115,7 @@ function orcidAuthorize($args, $request) {
 					]
 				);
 				if ($response->getStatusCode() != 200) {
-					error_log('ORCID employments URL error: ' . $response->getStatusCode() . ' (' . __FILE__ . ' line ' . __LINE__ . ', URL ' . $url . ')');
+					error_log('ORCID deployment URL error: ' . $response->getStatusCode() . ' (' . __FILE__ . ' line ' . __LINE__ . ', URL ' . $url . ')');
 					$employmentJson = null;
 				} else $employmentJson = json_decode($response->getBody(), true);
 
@@ -150,7 +153,8 @@ function orcidAuthorize($args, $request) {
 		}
 	}
 
-	function _setOrcidData($userOrAuthor, $orcidUri, $orcidResponse) {
+	function _setOrcidData($userOrAuthor, $orcidUri, $orcidResponse)
+	{
 		// Save the access token
 		$orcidAccessExpiresOn = Carbon\Carbon::now();
 		// expires_in field from the response contains the lifetime in seconds of the token
@@ -170,7 +174,8 @@ function _setOrcidData($userOrAuthor, $orcidUri, $orcidResponse) {
 	 * @param $args array
 	 * @param $request PKPRequest
 	 */
-	function orcidVerify($args, $request) {
+	function orcidVerify($args, $request)
+	{
 		$templateMgr = TemplateManager::getManager($request);
 		$context = $request->getContext();
 		$contextId = ($context == null) ? CONTEXT_ID_NONE : $context->getId();
@@ -249,71 +254,70 @@ function orcidVerify($args, $request) {
 		$plugin->logInfo('POST ' . $url);
 		$plugin->logInfo('Request header: ' . var_export($header, true));
 		$plugin->logInfo('Request body: ' . http_build_query($postData));
+		$responseJson = [];
+		try {
+			$response = $httpClient->request(
+				'POST',
+				$url,
+				[
+					'headers' => $header,
+					'form_params' => $postData,
+				]
+			);
 
-		$response = $httpClient->request(
-			'POST',
-			$url,
-			[
-				'headers' => $header,
-				'form_params' => $postData,
-			]
-		);
-		if ($response->getStatusCode() != 200) {
-			$plugin->logError('OrcidHandler::orcidverify - unexpected response: ' . $response->getStatusCode());
-			$templateMgr->assign('authFailure', true);
+			$responseJson = json_decode($response->getBody(), true);
+
+			$plugin->logInfo('Response body: ' . print_r($responseJson, true));
+
+
+		} catch (GuzzleHttp\Exception\RequestException  $exception) {
+
+			$plugin->logInfo("Publication fail:  " . $exception->getMessage());
+			$templateMgr->assign('orcidAPIError', $exception->getMessage());
 			$templateMgr->display($templatePath);
-			return;
 		}
-		$response = json_decode($response->getBody(), true);
 
-		$plugin->logInfo('Response body: ' . print_r($response, true));
-		if (isset($response['error']) && $response['error'] === 'invalid_grant') {
-			$plugin->logError("Authorization code invalid, maybe already used");
-			$templateMgr->assign('authFailure', true);
-			$templateMgr->display($templatePath);
-			return;
-		} elseif (isset($response['error'])) {
-			$plugin->logError("Invalid ORCID response: " . $response['error']);
+		// Set the orcid id using the full https uri
+		$orcidUri = ($isSandBox ? ORCID_URL_SANDBOX : ORCID_URL) . $responseJson['orcid'];
+
+		if ($response->getStatusCode() == 200 && strlen($responseJson['orcid'] > 0)) {
+			$authorToVerify->setOrcid($orcidUri);
+			if ($isSandBox) $authorToVerify->setData('orcidSandbox', true);
+			$templateMgr->assign('orcid', $orcidUri);
+			// remove the email token
+			$authorToVerify->setData('orcidEmailToken', null);
+			$this->_setOrcidData($authorToVerify, $orcidUri, $responseJson);
+			$authorDao->updateObject($authorToVerify);
+			if ($plugin->isMemberApiEnabled($contextId)) {
+				if ($publication->getData('status') == STATUS_PUBLISHED) {
+					$templateMgr->assign('sendSubmission', true);
+					$sendResult = $plugin->sendSubmissionToOrcid($publication, $request);
+					if ($sendResult === true || (is_array($sendResult) && $sendResult[$responseJson['orcid']])) {
+						$templateMgr->assign('sendSubmissionSuccess', true);
+					}
+				} else {
+					$templateMgr->assign('submissionNotPublished', true);
+				}
+			}
+
+			$templateMgr->assign(array(
+				'verifySuccess' => true,
+				'orcidIcon' => $plugin->getIcon()
+			));
+		} else {
+			$plugin->logError('OrcidHandler::orcidverify - unexpected response: ' . $response->getStatusCode());
 			$templateMgr->assign('authFailure', true);
+			$templateMgr->assign('orcidAPIError', $response->getReasonPhrase());
 			$templateMgr->display($templatePath);
 		}
-		// Set the orcid id using the full https uri
-		$orcidUri = ($isSandBox ? ORCID_URL_SANDBOX : ORCID_URL) . $response['orcid'];
+
+
 		if (!empty($authorToVerify->getOrcid()) && $orcidUri != $authorToVerify->getOrcid()) {
 			// another ORCID id is stored for the author
 			$templateMgr->assign('duplicateOrcid', true);
 			$templateMgr->display($templatePath);
 			return;
 		}
-		$authorToVerify->setOrcid($orcidUri);
-		if ($isSandBox) {
-			// Set a flag to mark that the stored orcid id and access token came form the sandbox api
-			$authorToVerify->setData('orcidSandbox', true);
-			$templateMgr->assign('orcid', ORCID_URL_SANDBOX . $response['orcid']);
-		} else {
-			$templateMgr->assign('orcid', $orcidUri);
-		}
-
-		// remove the email token
-		$authorToVerify->setData('orcidEmailToken', null);
-		$this->_setOrcidData($authorToVerify, $orcidUri, $response);
-		$authorDao->updateObject($authorToVerify);
-		if ($plugin->isMemberApiEnabled($contextId)) {
-			if ($publication->getData('status') == STATUS_PUBLISHED) {
-				$templateMgr->assign('sendSubmission', true);
-				$sendResult = $plugin->sendSubmissionToOrcid($publication, $request);
-				if ($sendResult === true || (is_array($sendResult) && $sendResult[$response['orcid']])) {
-					$templateMgr->assign('sendSubmissionSuccess', true);
-				}
-			} else {
-				$templateMgr->assign('submissionNotPublished', true);
-			}
-		}
-
-		$templateMgr->assign(array(
-			'verifySuccess' => true,
-			'orcidIcon' => $plugin->getIcon()
-		));
 
 		$templateMgr->display($templatePath);
 	}
@@ -323,7 +327,8 @@ function orcidVerify($args, $request) {
 	 * @param $args array
 	 * @param $request PKPRequest
 	 */
-	function about($args, $request) {
+	function about($args, $request)
+	{
 		$context = $request->getContext();
 		$contextId = ($context == null) ? CONTEXT_ID_NONE : $context->getId();
 		$templateMgr = TemplateManager::getManager($request);

templates/orcidVerify.tpl

@@ -38,15 +38,20 @@
 		{/if}
 	{else}
 		<div class="orcid-failure">
-		{if $denied}
-			{translate key="plugins.generic.orcidProfile.authDenied"}
-		{elseif $authFailure}
-			{translate key="plugins.generic.orcidProfile.authFailure"}
-		{elseif $duplicateOrcid}
-			{translate key="plugins.generic.orcidProfile.verify.duplicateOrcid"}
-		{else}
-			{translate key="plugins.generic.orcidProfile.verify.failure"}
-		{/if}
+            {if $orcidAPIError}
+				{$orcidAPIError}
+			{/if}
+            {if $invalidClient}
+                {translate key="plugins.generic.orcidProfile.invalidClient"}
+            {elseif $duplicateOrcid}
+                {translate key="plugins.generic.orcidProfile.verify.duplicateOrcid"}
+            {elseif $denied}
+                {translate key="plugins.generic.orcidProfile.authDenied"}
+            {elseif $authFailure}
+                {translate key="plugins.generic.orcidProfile.authFailure"}
+            {else}
+                {translate key="plugins.generic.orcidProfile.verify.failure"}
+            {/if}
 		</div>
 		{translate key="plugins.generic.orcidProfile.failure.contact"}
 	{/if}