forked from pkp/pkp-lib
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
pkp#10318 Revoke ORCID tokens when deleting authenticated ORCIDs
- Loading branch information
1 parent
8af045a
commit 952507f
Showing
7 changed files
with
167 additions
and
60 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
<?php | ||
|
||
/** | ||
* @file jobs/orcid/RevokeOrcidToken.php | ||
* | ||
* Copyright (c) 2014-2024 Simon Fraser University | ||
* Copyright (c) 2000-2024 John Willinsky | ||
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING. | ||
* | ||
* @class DepositOrcidSubmission | ||
* | ||
* @ingroup jobs | ||
* | ||
* @brief Job to revoke a user's ORCID access token for the application. | ||
*/ | ||
|
||
namespace pkp\jobs\orcid; | ||
|
||
use APP\core\Application; | ||
use GuzzleHttp\Exception\ClientException; | ||
use PKP\context\Context; | ||
use PKP\identity\Identity; | ||
use PKP\jobs\BaseJob; | ||
use PKP\orcid\OrcidManager; | ||
use PKP\user\User; | ||
|
||
class RevokeOrcidToken extends BaseJob | ||
{ | ||
public function __construct( | ||
private readonly Context $context, | ||
private readonly Identity $identity | ||
) { | ||
parent::__construct(); | ||
} | ||
|
||
/** | ||
* @inheritDoc | ||
*/ | ||
public function handle() | ||
{ | ||
$token = $this->identity->getData('orcidAccessToken'); | ||
$httpClient = Application::get()->getHttpClient(); | ||
$headers = ['Accept' => 'application/json']; | ||
|
||
$postData = [ | ||
'token' => $token, | ||
'client_id' => OrcidManager::getClientId($this->context), | ||
'client_secret' => OrcidManager::getClientSecret($this->context) | ||
]; | ||
|
||
try { | ||
$httpClient->request( | ||
'POST', | ||
OrcidManager::getTokenRevocationUrl(), | ||
[ | ||
'headers' => $headers, | ||
'form_params' => $postData, | ||
], | ||
); | ||
|
||
$identityTypeName = $this->identity instanceof User ? 'User' : 'Author'; | ||
OrcidManager::logInfo("Token revoked for {$identityTypeName}, with ID: " . $this->identity->getId()); | ||
} catch (ClientException $exception) { | ||
$this->fail($exception); | ||
$httpStatus = $exception->getCode(); | ||
$error = json_decode($exception->getResponse()->getBody(), true); | ||
OrcidManager::logError("ORCID token revocation failed with status {$httpStatus}. Error: " . $error['error_description']); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters