diff --git a/.env.example b/.env.example index ff68c2b89..dc64a9e7a 100755 --- a/.env.example +++ b/.env.example @@ -82,4 +82,8 @@ DISCORD_NOTIFICATIONS_WEBHOOK_URL= # for sending nodes cover cid to media servers # must match value in nodes-media/.env -MEDIA_SECRET_KEY=supersecret \ No newline at end of file +MEDIA_SECRET_KEY=supersecret + +ORCID_API_DOMAIN=https://api.sandbox.orcid.org +ORCID_CLIENT_ID= +ORCID_CLIENT_SECRET= \ No newline at end of file diff --git a/.github/workflows/build-server.yaml b/.github/workflows/build-server.yaml index 3684c076e..52ccfec22 100644 --- a/.github/workflows/build-server.yaml +++ b/.github/workflows/build-server.yaml @@ -195,6 +195,7 @@ jobs: - name: Verify EKS Deployment (DEV) if: github.ref == 'refs/heads/develop' run: | + kubectl apply -f desci-server/kubernetes/deployment_dev.yaml kubectl rollout status deployment/desci-server-dev - name: Verify EKS Deployment (DEMO) @@ -205,4 +206,5 @@ jobs: - name: Verify EKS Deployment (PROD) if: github.ref == 'refs/heads/main' run: | + kubectl apply -f desci-server/kubernetes/deployment.yaml kubectl rollout status deployment/desci-server diff --git a/desci-server/kubernetes/deployment.yaml b/desci-server/kubernetes/deployment.yaml index c8281bb37..df8fd12d0 100755 --- a/desci-server/kubernetes/deployment.yaml +++ b/desci-server/kubernetes/deployment.yaml @@ -5,8 +5,8 @@ metadata: labels: App: DesciServer spec: - replicas: 16 - revisionHistoryLimit: 2 + replicas: 12 + revisionHistoryLimit: 8 selector: matchLabels: App: DesciServer @@ -39,6 +39,7 @@ spec: export JWT_SECRET={{ .Data.JWT_SECRET }} export JWT_EXPIRATION=15m export SESSION_KEY={{ .Data.SESSION_KEY }} + export ORCID_API_DOMAIN={{ .Data.ORCID_API_DOMAIN }} export ORCID_CLIENT_ID={{ .Data.ORCID_CLIENT_ID }} export ORCID_CLIENT_SECRET={{ .Data.ORCID_CLIENT_SECRET }} export ARWEAVE_ENABLED=0 diff --git a/desci-server/kubernetes/deployment_dev.yaml b/desci-server/kubernetes/deployment_dev.yaml index 1108167ec..8d87ff790 100644 --- a/desci-server/kubernetes/deployment_dev.yaml +++ b/desci-server/kubernetes/deployment_dev.yaml @@ -6,7 +6,7 @@ metadata: App: DesciServerDev spec: replicas: 6 - revisionHistoryLimit: 2 + revisionHistoryLimit: 8 selector: matchLabels: App: DesciServerDev @@ -39,6 +39,7 @@ spec: export JWT_SECRET={{ .Data.JWT_SECRET }} export JWT_EXPIRATION=15m export SESSION_KEY={{ .Data.SESSION_KEY }} + export ORCID_API_DOMAIN={{ .Data.ORCID_API_DOMAIN }} export ORCID_CLIENT_ID={{ .Data.ORCID_CLIENT_ID }} export ORCID_CLIENT_SECRET={{ .Data.ORCID_CLIENT_SECRET }} export ARWEAVE_ENABLED=0 diff --git a/desci-server/src/controllers/auth/orcid.ts b/desci-server/src/controllers/auth/orcid.ts index 834b935be..686c893c5 100755 --- a/desci-server/src/controllers/auth/orcid.ts +++ b/desci-server/src/controllers/auth/orcid.ts @@ -29,7 +29,7 @@ export const orcidAuthClose = async (req: Request, res: Response) => { export const validateOrcid = async (req: Request, res: Response) => { // console.log('TOK', req.query.token); try { - const url = `https://pub.sandbox.orcid.org/v3.0/${req.query.orcid}/record`; + const url = `https://api.${process.env.ORCID_API_DOMAIN}/v3.0/${req.query.orcid}/record`; const { data } = await axios.get(url, { headers: { Authorization: `Bearer ${req.query.token}`, 'Content-Type': 'application/json', Accept: '*/*' }, }); @@ -57,9 +57,12 @@ export interface OrcIdRecordData { }; } export const getOrcidRecord = async (orcid: string, accessToken: string): Promise => { + /** + * this will fail if the orcid doesn't match the accessToken + */ const config: AxiosRequestConfig = { method: 'get', - url: `https://pub.sandbox.orcid.org/v3.0/${orcid}/record`, + url: `https://api.${process.env.ORCID_API_DOMAIN}/v3.0/${orcid}/record`, headers: { 'Content-Type': 'application/json', Accept: 'application/json', @@ -88,7 +91,7 @@ const getAllOrcData = async ({ queryCode, redirectUri }: { queryCode: string; re access_token: string; refresh_token: string; expires_in: number; - }>('https://sandbox.orcid.org/oauth/token', data, { + }>(`https://${process.env.ORCID_API_DOMAIN}/oauth/token`, data, { headers: { 'Content-Type': 'application/x-www-form-urlencoded', },