Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow different post-ORCID login behaviors #1130

Merged
merged 7 commits into from
Feb 8, 2024
Merged

Allow different post-ORCID login behaviors #1130

merged 7 commits into from
Feb 8, 2024

Conversation

pkalita-lbl
Copy link
Collaborator

These changes add a behavior query parameter to the existing /login and /token endpoints in order to change the behavior of what happens to the token after authenticating with ORCID. The default, web, retains the current behavior: store the token in a session cookie and redirect to the home page. The new ones are:

  • jwt which just returns a plain string response of the token
  • app which redirects to the app's token collection page (the hostname is configurable with a new variable here) with the token in a query parameter

At Shreyas's suggestion I did look to see if we could avoid re-encoding the token after the authorize_access_token function automatically decodes it, but nothing really jumped out to me. As far as I can tell the re-encoding isn't hurting anything so I'm inclined to just let it be.

@pkalita-lbl pkalita-lbl mentioned this pull request Feb 8, 2024
Merged
naglepuff
naglepuff reviewed Feb 8, 2024
View reviewed changes
Copy link
Collaborator

@naglepuff naglepuff left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No major issues here, but I did have one concern about a change to get_token.

@pkalita-lbl pkalita-lbl merged commit c0b7b03 into main Feb 8, 2024
2 checks passed
@pkalita-lbl pkalita-lbl deleted the jwt-token-bearer-auth branch February 8, 2024 22:02
@pkalita-lbl pkalita-lbl linked an issue Feb 9, 2024 that may be closed by this pull request
Enable ORCID token based authentication to Submission Portal API #1104
Closed
@pkalita-lbl pkalita-lbl mentioned this pull request Mar 27, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@naglepuff naglepuff naglepuff left review comments

@shreddd shreddd Awaiting requested review from shreddd

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Enable ORCID token based authentication to Submission Portal API
3 participants
@pkalita-lbl @naglepuff @eecavanna