Simon Carroll (May 13 2024 at 09:00): Simon Carroll (May 13 2024 at 09:00):Good morning! I am playing with orcid as a auth system (on behalkf on the BSC) with a dataverse but I am getting the following error "Remote system did not return an authorization code.". In the server log I see
"[#|2024-05-13T08:51:00.765+0000|INFO|Payara 6.2023.8|edu.harvard.iq.dataverse.authorization.providers.oauth2.OAuth2LoginBackingBean|_ThreadID=104;_ThreadName=http-thread-pool::jk-connector(3);_TimeMillis=1715590260765;_LevelValue=800;|
OAuth2Exception getting code parameter. HTTP return code: -1. Message: Remote system did not return an authorization code. Message body: |#]
"
I wrote a script (below). to check my credentials and it create an access token
[rocky@dataverse-test ~]$ python3 authTest.py
Credentials are valid. Access token received successfully.
Access Token: bfd9ff28-07f9-4640-a7f6-e3f4e3f68e99
Any idea what could be the issue? Am I missing something fundamental ?
[rocky@dataverse-test ~]$ cat authTest.py
import requests
def check_orcid_credentials(client_id, client_secret, redirect_uri):
# ORCID API endpoint for obtaining OAuth token
token_url = 'https://orcid.org/oauth/token'
# Parameters for the POST request
data = {
'client_id': client_id,
'client_secret': client_secret,
'grant_type': 'client_credentials',
'scope': '/read-public',
'redirect_uri': redirect_uri
}
# Make the HTTP POST request to get the access token
response = requests.post(token_url, data=data)
# Check if the request was successful
if response.status_code == 200:
print("Credentials are valid. Access token received successfully.")
print("Access Token:", response.json().get('access_token'))
else:
print("Failed to validate credentials.")
print("Error:", response.text)
# Replace these variables with your actual client ID, secret, and redirect URI
client_id = 'APP-EXAMPLE'
client_secret = 'SECRET'
redirect_uri = 'https://dataverse-test.bsc.es'
# Call the function with your credentials
check_orcid_credentials(client_id, client_secret, redirect_uri)
Thanks a lot!
Simon Carroll (May 13 2024 at 09:10):I add the output of my authenticationProviders endpoint in case it helps
curl -X GET "localhost:8080/api/admin/authenticationProviders" -H "X-Dataverse-key:***** -***** -***** -***** -***** "
{"status":"OK","data":[{"id":"builtin","factoryAlias":"BuiltinAuthenticationProvider","title":"Dataverse Local","subtitle":"Datavers' Internal Authentication provider","factoryData":"","enabled":true},{"id":"orcid-production","factoryAlias":"oauth2","title":"ORCID","subtitle":"Log in via ORCID","factoryData":"type: orcid | userEndpoint: https://api.orcid.org/v2.0/{ORCID}/person | clientId: APP-***** | clientSecret: ***** -***** -***** -***** -***** | scope: /authenticate","enabled":true}]}
@Johannes D do you have any suggestions?
Philip Durbin ๐ (May 13 2024 at 14:44):@Simon Carroll we have two JSON files to start from for ORCID: https://guides.dataverse.org/en/6.2/installation/oauth2.html.
It seems like you are starting from orcid-member.json. Is your institution an ORCID member? If not, can you try starting from orcid-public.json?
Philip Durbin ๐ (May 13 2024 at 14:44):(I was just reminding myself of the difference by looking at https://github.com/IQSS/dataverse/pull/7025 where the "public" version was added.)
Simon Carroll (May 14 2024 at 08:51):Great thank! That was the issue.
Simon Carroll (May 14 2024 at 08:55):Another question if I may. Is it possible to change the Title of "Orcid Sandbox" here ?
image.png. In this scenario it would be a production dataverse connectiong to the public orcid system (not sandbox). However, it seems maybe with the ansible script this is populated.
Simon Carroll (May 14 2024 at 08:56):curl -X GET "localhost:8080/api/admin/authenticationProviders" -H "X-Dataverse-key:----***"
I am suprised not to see it explictly here:
{"status":"OK","data":[{"id":"builtin","factoryAlias":"BuiltinAuthenticationProvider","title":"Dataverse Local","subtitle":"Datavers' Internal Authentication provider","factoryData":"","enabled":true},{"id":"orcid-production","factoryAlias":"oauth2","title":"ORCID Public","subtitle":"Log in via ORCID","factoryData":"type: orcid | userEndpoint: https://pub.orcid.org/v3.0/{ORCID}/person | clientId: APP-WSQC51RN6SVZ7MWE | clientSecret: ffd70b1b-56e9-4d8c-b342-c4f6d5761317 | scope: /authenticate","enabled":true}]}
Instead of "id":"orcid-production" can you please try "id":"orcid". It has to match exactly: https://github.com/IQSS/dataverse/blob/v6.2/src/main/java/edu/harvard/iq/dataverse/authorization/providers/oauth2/impl/OrcidOAuth2AP.java#L236
Simon Carroll (May 14 2024 at 11:58):opps! Thanks then all solved. Cheers
Simon Carroll (May 14 2024 at 12:15):[#|2024-05-14T12:13:38.617+0000|SEVERE|Payara 6.2023.8|edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.OrcidOAuth2AP|_ThreadID=103;_ThreadName=http-thread-pool::jk-connector(2);_TimeMillis=1715688818617;_LevelValue=1000;|
XML error parsing response body from ORCiD: Attribute name "data-critters-container" associated with an element type "html" must be followed by the ' = ' character.
org.xml.sax.SAXParseException; lineNumber: 2; columnNumber: 50; Attribute name "data-critters-container" associated with an element type "html" must be followed by the ' = ' character.
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
at edu.harvard.iq.dataverse.authorization.providers.oauth2.impl.OrcidOAuth2AP.parseUserResponse(OrcidOAuth2AP.java:117)
everything seems to go well with the (sandbox) auth
Simon Carroll (May 14 2024 at 12:18):
Philip Durbin ๐ (May 14 2024 at 12:49):Sorry, I'm not following. New problem?
Simon Carroll (May 14 2024 at 13:00):yes sorry! the previous two resolved. I have 2 enviroments. One in which dataverse works perfectly with the orcid public api and another with the sandbox API in which I receive the above error after logging in.
Simon Carroll (May 14 2024 at 13:03):The second (failing) enviroment is using dataverse 6.1. It previously worked with the public API and is just failing with the sandbox. I wonder if some remnant of using the previous auth system is the cause. The error seems at quite a low level.
Simon Carroll (May 14 2024 at 13:04): Simon Carroll (May 14 2024 at 13:04):I add a much larger strack trace
Philip Durbin ๐ (May 14 2024 at 15:45):XML error parsing response body from ORCiD: Attribute name "data-critters-container" associated with an element type "html" must be followed by the ' = ' character
Philip Durbin ๐ (May 14 2024 at 15:45):I'm not sure. You might need to ask ORCID about this. :thinking:
Last updated: Oct 30 2025 at 06:21 UTC