Sandbox release: new signin and register


Pedro Costa

Sep 25, 2020, 4:49:16 PM
to ORCID API Users
We at ORCID have been working on the migration of our front-end to Angular. Some components like the home page and the password reset page have been migrated in the last few months.

We have now completed testing the migration of the signin and register components, as well as support for OAuth, institutional signin, and social signin. A release including these changes was pushed to the Sandbox environment (https://sandbox.orcid.org) moments ago. If you come across any issues while testing on Sandbox, please let us know.

The plan is to move the release to Production next week.


Pedro Costa
QA & Support Specialist

Vincent

Sep 27, 2020, 7:23:40 AM
to Pedro Costa, ORCID API Users
Hi Pedro,

When trying to sign in on sandbox.orcid.org, I just get the loading throbber without signing in ever completing. Looking at my developer console, I just see repeated logs of "Error: gtag call timed-out". Without being familiar with your code (so it might be something else), it looks like you're assuming presence of Google Tag Manager at some critical path, which gets blocked either by Firefox's tracking protection or my adblocker. Thus, it might be good to test it with those enabled as well, if not done already.

Best,
Vincent
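
The failure mode reported above, as an added example that is not ORCID's code or part of the original post: a sign-in flow that sends a gtag event but bounds the wait, so a blocked or missing tag cannot stall authentication. `withTimeout`, `sendAnalytics`, `signIn` and the `submitCredentials` callback are hypothetical names, and the event name and 200 ms limit are assumptions.

```javascript
// Added example: keep analytics off the sign-in critical path.

// Resolve with a status object no matter what the wrapped promise does.
function withTimeout(promise, ms) {
  let timer;
  const timeout = new Promise((resolve) => {
    timer = setTimeout(() => resolve({ status: 'timeout' }), ms);
  });
  const settled = promise.then(
    () => ({ status: 'sent' }),
    (err) => ({ status: 'failed', reason: String(err) }),
  );
  return Promise.race([settled, timeout]).finally(() => clearTimeout(timer));
}

// gtag.js invokes `event_callback` once the hit is sent. With a content
// blocker the function may be missing or may never call back at all.
function sendAnalytics(gtag, eventName) {
  return new Promise((resolve, reject) => {
    if (typeof gtag !== 'function') {
      reject(new Error('gtag unavailable'));
      return;
    }
    gtag('event', eventName, { event_callback: resolve });
  });
}

// Analytics runs alongside the credential submission and only its status is
// recorded; it never decides whether the user gets signed in.
async function signIn(gtag, submitCredentials) {
  const analyticsDone = withTimeout(sendAnalytics(gtag, 'sign_in_attempt'), 200);
  const signedIn = await submitCredentials();
  const analytics = await analyticsDone;
  return { signedIn, analytics: analytics.status };
}
```
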


Pedro Costa

Sep 28, 2020, 6:57:33 AM
to ORCID API Users
Hi Vincent,

Thanks for reporting this! Could you please let us know which adblocker you are using on Firefox?

Kind regards,

Pedro Costa
QA & Support Specialist


Vincent

Sep 28, 2020, 7:03:53 AM
to Pedro Costa, ORCID API Users
Hi Pedro,

Of course. I am using uBlock Origin, and I have enabled the built-in filters, the EasyList filters, the EasyPrivacy filters, the Online Malicious URL Blocklist, and Peter Lowe's Ad and tracking server list.

Cheers,
Vincent

Pedro Costa

Sep 28, 2020, 8:18:58 AM
to ORCID API Users
Hi Vincent,

Thanks again. I was able to replicate the issue and we're looking into it!

Kind regards,

Pedro Costa
QA & Support Specialist




Angel Montenegro

Sep 28, 2020, 4:36:40 PM
to ORCID API Users
Hi Vincent,

We just released a fix to sandbox, could you please try again and let us know?
Thanks again for reporting this problem to us!

Regards,
Angel Montenegro
Tech lead, registry

Vincent

Sep 29, 2020, 3:23:09 AM
to Angel Montenegro, ORCID API Users
Hi Angel,

Thanks, signing in directly at https://sandbox.orcid.org/signin now works. However, unfortunately OAuth sign-in still does not work correctly in the browser with tracking protection and an ad blocker. That might be a different issue though; I do see that I'm getting redirected back to my app with a `code` query parameter.

Cheers,
Vincent

Pedro Costa

Sep 29, 2020, 10:28:40 AM
to ORCID API Users
Hi Vincent,

It sounds like you were redirected to your app's redirect_uri with a new authorization code appended to the URL. This happens when you visit an authorization URL for a client which you have already authorized (and the client has a valid access token for your record). You won't see the authorize screen in this scenario.

I tried signing in during OAuth with the "adblocker ultimate" extension in Firefox and was able to sign in and see the authorize screen. I was able to replicate the initial issue you had reported with this browser extension (before Angel's fix) but I'm unable to replicate the second issue being reported now.

Could you please either:


- or if you prefer to try again with the same authorization URL as before, please let us know the authorization code you see when you're sent back to your app.


Kind regards,

Pedro Costa
QA & Support Specialist

Vincent

Sep 29, 2020, 10:38:17 AM
to Pedro Costa, ORCID API Users
Hi Pedro,

I'm not sure exactly what to do in your sandbox testing client, but after I signed in there and got redirected back (code nw1Fa2), and then clicked "Exchange authorization code for tokens", I got this:
POST /token HTTP/1.1
Host: oauth2.googleapis.com
Content-length: 192
content-type: application/x-www-form-urlencoded
user-agent: google-oauth-playground

code=nw1Fa2&redirect_uri=https%3A%2F%2Fdevelopers.google.com%2Foauthplayground&client_id=407408718192.apps.googleusercontent.com&client_secret=************&scope=&grant_type=authorization_code
---

HTTP/1.1 400 Bad Request
Content-length: 77
X-xss-protection: 0
X-content-type-options: nosniff
Transfer-encoding: chunked
Vary: Origin, X-Origin, Referer
Server: scaffolding on HTTPServer2
-content-encoding: gzip
Cache-control: private
Date: Tue, 29 Sep 2020 14:34:36 GMT
X-frame-options: SAMEORIGIN
Alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-type: application/json; charset=utf-8

{
  "error_description": "Malformed auth code.",
  "error": "invalid_grant"
}

If that's normal, otherwise I did end up back at the OAuth 2.0 Playground, so the issue might be on my side.
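
In the request above, a code obtained after signing in on the ORCID Sandbox was posted to oauth2.googleapis.com, which rejected it. As an added example (not part of the original post, and not ORCID's or the playground's code), a client can record which authorization server started the flow and send the code only to that server's token endpoint. `SERVERS`, `beginAuthorization` and `buildTokenRequest` are hypothetical names, and the endpoint table is an assumed client configuration.

```javascript
const nodeCrypto = require('crypto');

// Assumed configuration: the authorization servers this client talks to.
const SERVERS = {
  'orcid-sandbox': {
    authorize: 'https://sandbox.orcid.org/oauth/authorize',
    token: 'https://sandbox.orcid.org/oauth/token',
  },
  google: {
    authorize: 'https://accounts.google.com/o/oauth2/v2/auth',
    token: 'https://oauth2.googleapis.com/token',
  },
};

// Step 1: build the authorization URL and remember which server it targets.
function beginAuthorization(serverId, clientId, redirectUri, scope) {
  const server = SERVERS[serverId];
  if (!server) throw new Error(`unknown authorization server: ${serverId}`);
  const state = nodeCrypto.randomBytes(16).toString('hex');
  const url = new URL(server.authorize);
  url.search = new URLSearchParams({
    response_type: 'code', client_id: clientId,
    redirect_uri: redirectUri, scope, state,
  }).toString();
  // `pending` belongs in the user's server-side session, not in the browser.
  return { url: url.toString(), pending: { state, serverId, clientId, redirectUri } };
}

// Step 2: turn the callback into a token request for that same server only.
// Client authentication (the secret) is added by the caller when sending.
function buildTokenRequest(pending, callbackUrl) {
  const params = new URL(callbackUrl).searchParams;
  if (params.get('state') !== pending.state) throw new Error('state mismatch');
  const code = params.get('code');
  if (!code) throw new Error(params.get('error') || 'no code in callback');
  return {
    url: SERVERS[pending.serverId].token, // fixed at step 1, never a default
    body: new URLSearchParams({
      grant_type: 'authorization_code', code,
      client_id: pending.clientId, redirect_uri: pending.redirectUri,
    }).toString(),
  };
}
```
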

Pedro Costa

Sep 29, 2020, 11:18:16 AM
to ORCID API Users
Hi Vincent,

I should have been more clear on my previous post, sorry. You don't need to do anything with the authorization URL I provided apart from visiting it on your browser. Because this authorization URL is for a client you've never authorized before, you should see the authorize screen, after signing in, where you can either deny or authorize access for the app.

So my understanding is that you were able to sign in during the OAuth session -- could you please confirm that is indeed the case?

Kind regards,

Pedro Costa
QA & Support Specialist
