Added ORCID Oauth route

README.md

@@ -21,3 +21,34 @@ ORCID middleware to enable our researchers to designate GW as a trusted partner
  `export ORCIDFLASK_SETTINGS=/path/to/config.py`
 6. `flask run --host=0.0.0.0` (to listen on all public IP addresses) \
 To specify a port: `flask run --host=0.0.0.0 --port=8080`
+   - Alternately, to test with SSO, you'll need to list on port 443. To use gunicorn and nginx, do the following:
+      1. Create SSL key and cert (either self-signed or using a certificate authority)
+      2. Install gunicorn: `pip install gunicorn`
+      3. Install nginx: `sudo apt-get install nginx`
+      4. Remove the defaul SSL configuration: 
+         ```cd /etc/nginx/sites-enabled`
+            sudo rm default
+            ```
+      5. Create a new nginx configuration to proxy to the Flask as follows:
+         ```
+            server {
+                listen 80;
+                listen [::]:80;
+                server_name gworcid-dev.wrlc.org;
+                return 302 https://$server_name$request_uri;
+            }
+            server {
+                listen 443 ssl;
+                listen [::]:443 ssl;
+                ssl_certificate /etc/ssl/certs/server.crt;
+                ssl_certificate_key /etc/ssl/private/server.key;
+                location / {
+                    proxy_set_header X-Real-IP $remote_addr;
+                    proxy_set_header HOST $http_host;
+                    proxy_pass http://127.0.0.1:8080;
+                    proxy_redirect off;
+                 }
+            }
+        ```
+        6. From the command line, run `gunicorn -b 127.0.0.1:8080 orcidflask:app`
+

orcid_utils.py

@@ -1,5 +1,5 @@
-from flask import current_app
-
+from flask import current_app, url_for
+    
 def prepare_token_payload(code: str):
     '''
     :param code: the code returned from ORCID after the user authorizes our application.

orcidflask/templates/orcid_success.html

@@ -0,0 +1,8 @@
+<html>
+    <body>
+        <p>User ID: {{ saml_id }}</p>
+        {% for key, value in orcid_auth.items() %}
+            <p> {{key}}: {{value}}</p>
+        {% endfor %}
+    </body>
+</html>

orcidflask/views.py

@@ -1,6 +1,7 @@
 from flask import request, url_for, redirect, session, render_template
 from orcidflask import app
 from saml_utils import *
+from orcid_utils import *
 from onelogin.saml2.utils import OneLogin_Saml2_Utils
 import requests
 from requests.exceptions import HTTPError
@@ -20,7 +21,8 @@ def index():
 
     # Initiating the SSO process
     if 'sso' in request.args:
-        return redirect(auth.login())
+        # Redirect to ORCID login upon successful SSO
+        return redirect(auth.login(return_to=url_for('orcid_login')))
     # Initiating the SLO process
     elif 'slo' in request.args:
         metadata = get_metadata_from_session(session)
@@ -133,8 +135,7 @@ def orcid_redirect():
         # TO DO: handle HTTP errors
         raise
     orcid_auth = response.json()
-    print(orcid_auth)
-    # TO DO: Retrieve SAML identifier from session object
+    # Get the user's ID from the SSO process
+    saml_id = session.get('samlNameId')
     # TO DO: Save to data store
-    # TO DO: return success template
-    return "Successfully authorized!"
+    return render_template('orcid_success.html', saml_id=saml_id, orcid_auth=orcid_auth)