From f1fb73409936dd288e0e05f4810e108864e39562 Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Wed, 10 Apr 2019 15:13:33 -0700 Subject: re-enable ORCiD login --- python/fatcat_web/__init__.py | 8 ++++---- python/fatcat_web/templates/auth_login.html | 10 +++------- 2 files changed, 7 insertions(+), 11 deletions(-) (limited to 'python/fatcat_web') diff --git a/python/fatcat_web/__init__.py b/python/fatcat_web/__init__.py index 6e285ddb..ba789609 100644 --- a/python/fatcat_web/__init__.py +++ b/python/fatcat_web/__init__.py @@ -8,7 +8,7 @@ from flask_wtf.csrf import CSRFProtect from flask_misaka import Misaka from flask_mwoauth import MWOAuth from authlib.flask.client import OAuth -from loginpass import create_flask_blueprint, Gitlab, GitHub +from loginpass import create_flask_blueprint, Gitlab, GitHub, ORCiD from raven.contrib.flask import Sentry import fatcat_client @@ -74,9 +74,9 @@ app.register_blueprint(mwoauth.bp, url_prefix='/auth/wikipedia') from fatcat_web import routes, editing_routes, auth, cors, forms # TODO: blocking on ORCID support in loginpass -#if Config.ORCID_CLIENT_ID: -# orcid_bp = create_flask_blueprint(ORCID, oauth, auth.handle_oauth) -# app.register_blueprint(orcid_bp, url_prefix='/auth/orcid') +if Config.ORCID_CLIENT_ID: + orcid_bp = create_flask_blueprint(ORCiD, oauth, auth.handle_oauth) + app.register_blueprint(orcid_bp, url_prefix='/auth/orcid') if Config.GITLAB_CLIENT_ID: gitlab_bp = create_flask_blueprint(Gitlab, oauth, auth.handle_oauth) diff --git a/python/fatcat_web/templates/auth_login.html b/python/fatcat_web/templates/auth_login.html index 6e9b1f15..85e33d79 100644 --- a/python/fatcat_web/templates/auth_login.html +++ b/python/fatcat_web/templates/auth_login.html @@ -37,21 +37,17 @@ Note that currently editor accounts are locked 1-to-1 with external identities. {% endif %} -{# not implemented in login pass yet #} {% if config.ORCID_CLIENT_ID %} -{# #} +

- {# #} - +
ORCiD - {#
via OpenID Connect
#} -
not implemented yet
+
via OpenID Connect

-{# #} {% endif %} {% if config.WIKIPEDIA_CLIENT_ID %} -- cgit v1.2.3 From f87c5482386c0df4e59f033c98db672ec6d0e370 Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Wed, 10 Apr 2019 16:15:01 -0700 Subject: bugfix and special case for orcid logins --- python/fatcat_web/auth.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'python/fatcat_web') diff --git a/python/fatcat_web/auth.py b/python/fatcat_web/auth.py index 44a03f5f..06c8475b 100644 --- a/python/fatcat_web/auth.py +++ b/python/fatcat_web/auth.py @@ -54,10 +54,15 @@ def handle_oauth(remote, token, user_info): # not sure all loginpass backends will set it if user_info.get('preferred_username'): preferred_username = user_info['preferred_username'] + elif 'orcid.org' in iss: + # as a special case, prefix ORCiD identifier so it can be used as a + # username. If we instead used the human name, we could have + # collisions. Not a great user experience either way. + preferred_username = 'i' + user_info['sub'].replace('-', '') else: preferred_username = user_info['sub'] - params = fatcat_client.AuthOidc(remote.name, user_info['sub'], iss, user_info['preferred_username']) + params = fatcat_client.AuthOidc(remote.name, user_info['sub'], iss, preferred_username) # this call requires admin privs (resp, http_status, http_headers) = priv_api.auth_oidc_with_http_info(params) editor = resp.editor -- cgit v1.2.3