Merge branch 'Development' of gitlab.eudat.eu:dmp/OpenAIRE-EUDAT-DMP-service-pilot into Development

dmp-backend/web/src/main/java/eu/eudat/controllers/Login.java

@@ -10,6 +10,9 @@ import eu.eudat.logic.security.validators.b2access.helpers.B2AccessResponseToken
 import eu.eudat.logic.security.validators.linkedin.LinkedInTokenValidator;
 import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInRequest;
 import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInResponseToken;
+import eu.eudat.logic.security.validators.openaire.OpenAIRETokenValidator;
+import eu.eudat.logic.security.validators.openaire.helpers.OpenAIRERequest;
+import eu.eudat.logic.security.validators.openaire.helpers.OpenAIREResponseToken;
 import eu.eudat.logic.security.validators.orcid.ORCIDTokenValidator;
 import eu.eudat.logic.security.validators.orcid.helpers.ORCIDRequest;
 import eu.eudat.logic.security.validators.orcid.helpers.ORCIDResponseToken;
@@ -41,6 +44,7 @@ public class Login {
     private B2AccessTokenValidator b2AccessTokenValidator;
     private ORCIDTokenValidator orcidTokenValidator;
     private LinkedInTokenValidator linkedInTokenValidator;
+    private OpenAIRETokenValidator openAIRETokenValidator;
 
     private Logger logger;
 
@@ -48,13 +52,14 @@ public class Login {
     @Autowired
     public Login(CustomAuthenticationProvider customAuthenticationProvider, AuthenticationService nonVerifiedUserAuthenticationService,
                  TwitterTokenValidator twitterTokenValidator, LinkedInTokenValidator linkedInTokenValidator, B2AccessTokenValidator b2AccessTokenValidator,
-                 ORCIDTokenValidator orcidTokenValidator, UserManager userManager, Logger logger) {
+                 ORCIDTokenValidator orcidTokenValidator, OpenAIRETokenValidator openAIRETokenValidator, UserManager userManager, Logger logger) {
         this.customAuthenticationProvider = customAuthenticationProvider;
         this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService;
         this.twitterTokenValidator = twitterTokenValidator;
         this.linkedInTokenValidator = linkedInTokenValidator;
         this.b2AccessTokenValidator = b2AccessTokenValidator;
         this.orcidTokenValidator = orcidTokenValidator;
+        this.openAIRETokenValidator = openAIRETokenValidator;
         this.logger = logger;
         this.userManager = userManager;
     }
@@ -99,6 +104,12 @@ public class Login {
         return ResponseEntity.status(HttpStatus.OK).body(new ResponseItem<ORCIDResponseToken>().payload(this.orcidTokenValidator.getAccessToken(orcidRequest)).status(ApiMessageCode.NO_MESSAGE));
     }
 
+    @RequestMapping(method = RequestMethod.POST, value = {"/openAireRequestToken"}, produces = "application/json", consumes = "application/json")
+    public @ResponseBody
+    ResponseEntity<ResponseItem<OpenAIREResponseToken>> openAIRERequestToken(@RequestBody OpenAIRERequest openAIRERequest) {
+        return ResponseEntity.status(HttpStatus.OK).body(new ResponseItem<OpenAIREResponseToken>().payload(this.openAIRETokenValidator.getAccessToken(openAIRERequest)).status(ApiMessageCode.NO_MESSAGE));
+    }
+
     @RequestMapping(method = RequestMethod.POST, value = {"/me"}, consumes = "application/json", produces = "application/json")
     public @ResponseBody
     ResponseEntity<ResponseItem<Principal>> authMe(Principal principal) throws NullEmailException {

dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/OpenAIRE/OpenAIRECustomProvider.java

@@ -0,0 +1,10 @@
+package eu.eudat.logic.security.customproviders.OpenAIRE;
+
+import eu.eudat.logic.security.validators.openaire.helpers.OpenAIREResponseToken;
+
+public interface OpenAIRECustomProvider {
+
+	OpenAIREResponseToken getAccessToken(String code, String redirectUri, String clientId, String clientSecret);
+
+	OpenAIREUser getUser(String accessToken);
+}

dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/OpenAIRE/OpenAIRECustomProviderImpl.java

@@ -0,0 +1,63 @@
+package eu.eudat.logic.security.customproviders.OpenAIRE;
+
+import eu.eudat.logic.security.validators.openaire.helpers.OpenAIREResponseToken;
+import eu.eudat.logic.services.operations.authentication.AuthenticationService;
+import org.springframework.core.env.Environment;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Component;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+import org.springframework.web.client.RestTemplate;
+
+import java.util.Map;
+
+@Component("openAIRECustomProvider")
+public class OpenAIRECustomProviderImpl implements OpenAIRECustomProvider {
+
+	private Environment environment;
+
+	public OpenAIRECustomProviderImpl(Environment environment) {
+		this.environment = environment;
+	}
+
+	public OpenAIREUser getUser(String accessToken) {
+		RestTemplate restTemplate = new RestTemplate();
+		HttpHeaders headers = this.createBearerAuthHeaders(accessToken);
+		HttpEntity<String> entity = new HttpEntity<>(headers);
+
+		Map<String, Object> values = restTemplate.exchange(this.environment.getProperty("openaire.login.userinfo_endpoint"), HttpMethod.GET, entity, Map.class).getBody();
+		return new OpenAIREUser().getOpenAIREUser(values);
+	}
+
+	public OpenAIREResponseToken getAccessToken(String code, String redirectUri, String clientId, String clientSecret) {
+		RestTemplate template = new RestTemplate();
+		HttpHeaders headers = new HttpHeaders();
+		headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+
+		MultiValueMap<String, String> map = new LinkedMultiValueMap<String, String>();
+
+		map.add("grant_type", "authorization_code");
+		map.add("code", code);
+		map.add("redirect_uri", redirectUri);
+		map.add("client_id", clientId);
+		map.add("client_secret", clientSecret);
+		HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<MultiValueMap<String, String>>(map, headers);
+
+		Map<String, Object> values = template.postForObject(this.environment.getProperty("openaire.login.access_token_url"), request, Map.class);
+		OpenAIREResponseToken openAIREResponseToken = new OpenAIREResponseToken();
+		openAIREResponseToken.setAccessToken((String) values.get("access_token"));
+		openAIREResponseToken.setExpiresIn((Integer) values.get("expires_in"));
+
+		return openAIREResponseToken;
+	}
+
+	private HttpHeaders createBearerAuthHeaders(String accessToken) {
+		return new HttpHeaders() {{
+			String authHeader = "Bearer " + new String(accessToken);
+			set("Authorization", authHeader);
+		}};
+	}
+}

dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/OpenAIRE/OpenAIREUser.java

@@ -0,0 +1,37 @@
+package eu.eudat.logic.security.customproviders.OpenAIRE;
+
+import java.util.Map;
+
+public class OpenAIREUser {
+	private String id;
+	private String name;
+	private String email;
+
+	public String getId() {
+		return id;
+	}
+	public void setId(String id) {
+		this.id = id;
+	}
+
+	public String getName() {
+		return name;
+	}
+	public void setName(String name) {
+		this.name = name;
+	}
+
+	public String getEmail() {
+		return email;
+	}
+	public void setEmail(String email) {
+		this.email = email;
+	}
+
+	public OpenAIREUser getOpenAIREUser(Object data) {
+		this.id = (String) ((Map) data).get("sub");
+		this.name = (String) ((Map) data).get("name");
+		this.email = (String) ((Map) data).get("email");
+		return this;
+	}
+}

dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/TokenValidatorFactoryImpl.java

@@ -2,12 +2,13 @@ package eu.eudat.logic.security.validators;
 
 import eu.eudat.logic.security.customproviders.B2Access.B2AccessCustomProvider;
 import eu.eudat.logic.security.customproviders.LinkedIn.LinkedInCustomProvider;
-import eu.eudat.logic.security.customproviders.LinkedIn.LinkedInCustomProviderImpl;
 import eu.eudat.logic.security.customproviders.ORCID.ORCIDCustomProvider;
+import eu.eudat.logic.security.customproviders.OpenAIRE.OpenAIRECustomProvider;
 import eu.eudat.logic.security.validators.b2access.B2AccessTokenValidator;
 import eu.eudat.logic.security.validators.facebook.FacebookTokenValidator;
 import eu.eudat.logic.security.validators.google.GoogleTokenValidator;
 import eu.eudat.logic.security.validators.linkedin.LinkedInTokenValidator;
+import eu.eudat.logic.security.validators.openaire.OpenAIRETokenValidator;
 import eu.eudat.logic.security.validators.orcid.ORCIDTokenValidator;
 import eu.eudat.logic.security.validators.twitter.TwitterTokenValidator;
 import eu.eudat.logic.services.ApiContext;
@@ -20,7 +21,7 @@ import org.springframework.stereotype.Service;
 @Service("tokenValidatorFactory")
 public class TokenValidatorFactoryImpl implements TokenValidatorFactory {
     public enum LoginProvider {
-        GOOGLE(1), FACEBOOK(2), TWITTER(3), LINKEDIN(4), NATIVELOGIN(5), B2_ACCESS(6), ORCID(7);
+        GOOGLE(1), FACEBOOK(2), TWITTER(3), LINKEDIN(4), NATIVELOGIN(5), B2_ACCESS(6), ORCID(7), OPENAIRE(8);
 
         private int value;
 
@@ -48,6 +49,8 @@ public class TokenValidatorFactoryImpl implements TokenValidatorFactory {
                     return B2_ACCESS;
                 case 7:
                     return ORCID;
+                case 8:
+                    return OPENAIRE;
                 default:
                     throw new RuntimeException("Unsupported LoginProvider");
             }
@@ -60,18 +63,20 @@ public class TokenValidatorFactoryImpl implements TokenValidatorFactory {
     private B2AccessCustomProvider b2AccessCustomProvider;
     private ORCIDCustomProvider orcidCustomProvider;
     private LinkedInCustomProvider linkedInCustomProvider;
+    private OpenAIRECustomProvider openAIRECustomProvider;
 
     @Autowired
     public TokenValidatorFactoryImpl(
             ApiContext apiContext, Environment environment,
             AuthenticationService nonVerifiedUserAuthenticationService, B2AccessCustomProvider b2AccessCustomProvider,
-            ORCIDCustomProvider orcidCustomProvider, LinkedInCustomProvider linkedInCustomProvider) {
+            ORCIDCustomProvider orcidCustomProvider, LinkedInCustomProvider linkedInCustomProvider, OpenAIRECustomProvider openAIRECustomProvider) {
         this.apiContext = apiContext;
         this.environment = environment;
         this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService;
         this.b2AccessCustomProvider = b2AccessCustomProvider;
         this.orcidCustomProvider = orcidCustomProvider;
         this.linkedInCustomProvider = linkedInCustomProvider;
+        this.openAIRECustomProvider = openAIRECustomProvider;
     }
 
     public TokenValidator getProvider(LoginProvider provider) {
@@ -88,6 +93,8 @@ public class TokenValidatorFactoryImpl implements TokenValidatorFactory {
                 return new B2AccessTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService, this.b2AccessCustomProvider);
             case ORCID:
                 return new ORCIDTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService, this.orcidCustomProvider);
+            case OPENAIRE:
+                return new OpenAIRETokenValidator(this.environment, this.nonVerifiedUserAuthenticationService, this.openAIRECustomProvider);
             default:
                 throw new RuntimeException("Login Provider Not Implemented");
         }

dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/openaire/OpenAIRETokenValidator.java

@@ -0,0 +1,52 @@
+package eu.eudat.logic.security.validators.openaire;
+
+import eu.eudat.exceptions.security.NonValidTokenException;
+import eu.eudat.exceptions.security.NullEmailException;
+import eu.eudat.logic.security.customproviders.OpenAIRE.OpenAIRECustomProvider;
+import eu.eudat.logic.security.customproviders.OpenAIRE.OpenAIREUser;
+import eu.eudat.logic.security.validators.TokenValidator;
+import eu.eudat.logic.security.validators.openaire.helpers.OpenAIRERequest;
+import eu.eudat.logic.security.validators.openaire.helpers.OpenAIREResponseToken;
+import eu.eudat.logic.services.operations.authentication.AuthenticationService;
+import eu.eudat.models.data.login.LoginInfo;
+import eu.eudat.models.data.loginprovider.LoginProviderUser;
+import eu.eudat.models.data.security.Principal;
+import org.springframework.core.env.Environment;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+
+@Component("openAIRETokenValidator")
+public class OpenAIRETokenValidator implements TokenValidator {
+
+	private Environment environment;
+	private AuthenticationService nonVerifiedUserAuthenticationService;
+	private OpenAIRECustomProvider openAIRECustomProvider;
+
+	public OpenAIRETokenValidator(Environment environment, AuthenticationService nonVerifiedUserAuthenticationService, OpenAIRECustomProvider openAIRECustomProvider) {
+		this.environment = environment;
+		this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService;
+		this.openAIRECustomProvider = openAIRECustomProvider;
+	}
+
+	public OpenAIREResponseToken getAccessToken(OpenAIRERequest openAIRERequest) {
+		return this.openAIRECustomProvider.getAccessToken(
+				openAIRERequest.getCode(), this.environment.getProperty("openaire.login.redirect_uri"),
+				this.environment.getProperty("openaire.login.client_id"), this.environment.getProperty("openaire.login.client_secret")
+		);
+	}
+
+	@Override
+	public Principal validateToken(LoginInfo credentials) throws NonValidTokenException, IOException, GeneralSecurityException, NullEmailException {
+		OpenAIREUser openAIREUser = this.openAIRECustomProvider.getUser(credentials.getTicket());
+		LoginProviderUser user = new LoginProviderUser();
+		user.setId(openAIREUser.getId());
+		user.setEmail(openAIREUser.getEmail());
+		user.setName(openAIREUser.getName());
+		user.setProvider(credentials.getProvider());
+		user.setSecret(credentials.getTicket());
+
+		return this.nonVerifiedUserAuthenticationService.Touch(user);
+	}
+}

dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/openaire/helpers/OpenAIRERequest.java

@@ -0,0 +1,12 @@
+package eu.eudat.logic.security.validators.openaire.helpers;
+
+public class OpenAIRERequest {
+	private String code;
+
+	public String getCode() {
+		return code;
+	}
+	public void setCode(String code) {
+		this.code = code;
+	}
+}

dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/openaire/helpers/OpenAIREResponseToken.java

@@ -0,0 +1,20 @@
+package eu.eudat.logic.security.validators.openaire.helpers;
+
+public class OpenAIREResponseToken {
+	private String accessToken;
+	private Integer expiresIn;
+
+	public String getAccessToken() {
+		return accessToken;
+	}
+	public void setAccessToken(String accessToken) {
+		this.accessToken = accessToken;
+	}
+
+	public Integer getExpiresIn() {
+		return expiresIn;
+	}
+	public void setExpiresIn(Integer expiresIn) {
+		this.expiresIn = expiresIn;
+	}
+}

dmp-backend/web/src/main/resources/application-devel.properties

@@ -52,6 +52,13 @@ orcid.login.client_secret=f6ddc717-f49e-4bce-b302-2e479b226a24
 orcid.login.access_token_url=https://orcid.org/oauth/token
 orcid.login.redirect_uri=http://localhost:4200/login/external/orcid
 
+#############OPENAIRE CONFIGURATIONS#########
+openaire.login.client_id=
+openaire.login.client_secret=
+openaire.login.access_token_url=
+openaire.login.redirect_uri=
+openaire.login.userinfo_endpoint=
+
 #############CONFIRMATION EMAIL CONFIGURATIONS#########
 conf_email.expiration_time_seconds=14400
 conf_email.subject=OpenDMP email confirmation

dmp-backend/web/src/main/resources/application-production.properties

@@ -68,6 +68,13 @@ orcid.login.client_secret=
 orcid.login.access_token_url=https://orcid.org/oauth/token
 orcid.login.redirect_uri=https://opendmp.eu/login/external/orcid
 
+#############OPENAIRE CONFIGURATIONS#########
+openaire.login.client_id=
+openaire.login.client_secret=
+openaire.login.access_token_url=
+openaire.login.redirect_uri=
+openaire.login.userinfo_endpoint=
+
 #############SPRING DATASOURCE CONFIGURATIONS#########
 spring.datasource.maxIdle: 10
 spring.datasource.max-active: 70

dmp-backend/web/src/main/resources/application-staging.properties

@@ -74,6 +74,13 @@ orcid.login.client_secret=
 orcid.login.access_token_url=https://orcid.org/oauth/token
 orcid.login.redirect_uri=https://opendmp.eu/login/external/orcid
 
+#############OPENAIRE CONFIGURATIONS#########
+openaire.login.client_id=
+openaire.login.client_secret=
+openaire.login.access_token_url=
+openaire.login.redirect_uri=
+openaire.login.userinfo_endpoint=
+
 #############ZENODO CONFIGURATIONS#########
 zenodo.url=https://sandbox.zenodo.org/api/
 zenodo.access_token=

dmp-frontend/src/app/core/common/enum/auth-provider.ts

@@ -5,5 +5,6 @@ export enum AuthProvider {
 	LinkedIn = 4,
 	//NativeLogin=5,
 	B2Access = 6,
-	ORCID = 7
+	ORCID = 7,
+	OpenAire = 8
 }

dmp-frontend/src/app/ui/auth/login/login.component.html

@@ -28,6 +28,10 @@
 						<span class="orcidIconMedium"></span>
 						<!-- <span></span> -->
 					</button>
+					<button *ngIf="hasOpenAireOauth()" class="openaire-button" mat-icon-button (click)="openaireLogin()" class="login-social-button">
+						<span class="openaireIcon"></span>
+						<!-- <span></span> -->
+					</button>
 				</div>
 			</div>
 		</div>

dmp-frontend/src/app/ui/auth/login/login.component.scss

@@ -191,6 +191,16 @@ span.orcidIconMedium {
   margin-right: 2em;
 }
 
+span.openaireIcon {
+  background: url(img/openaire_small.png) no-repeat;
+  background-position: center;
+  float: right;
+  width: 100px;
+  height: 56px;
+  margin-left: 2em;
+  margin-right: 2em;
+}
+
 .b2access-button {
   margin-top: 10px;
   width: fit-content;
@@ -201,6 +211,11 @@ span.orcidIconMedium {
   width: fit-content;
 }
 
+.openaire-button {
+  margin-top: 10px;
+  width: fit-content;
+}
+
 .login-logo {
   background: url(img/open-dmp.png) no-repeat;
   width: 273px;

dmp-frontend/src/app/ui/auth/login/login.component.ts

@@ -58,6 +58,10 @@ export class LoginComponent extends BaseComponent implements OnInit, AfterViewIn
 		this.router.navigate(['/login/external/orcid']);
 	}
 
+	public openaireLogin() {
+		this.router.navigate(['/login/openaire']);
+	}
+
 	public hasFacebookOauth(): boolean {
 		return this.hasProvider(AuthProvider.Facebook);
 	}
@@ -82,6 +86,10 @@ export class LoginComponent extends BaseComponent implements OnInit, AfterViewIn
 		return this.hasProvider(AuthProvider.ORCID);
 	}
 
+	public hasOpenAireOauth(): boolean {
+		return this.hasProvider(AuthProvider.OpenAire);
+	}
+
 	public initProviders() {
 		if (this.hasProvider(AuthProvider.Google)) { this.initializeGoogleOauth(); }
 		if (this.hasProvider(AuthProvider.Facebook)) { this.initializeFacebookOauth(); }
@@ -102,6 +110,7 @@ export class LoginComponent extends BaseComponent implements OnInit, AfterViewIn
 			case AuthProvider.Twitter: return this.hasAllRequiredFieldsConfigured(environment.loginProviders.twitterConfiguration);
 			case AuthProvider.B2Access: return this.hasAllRequiredFieldsConfigured(environment.loginProviders.b2accessConfiguration);
 			case AuthProvider.ORCID: return this.hasAllRequiredFieldsConfigured(environment.loginProviders.orcidConfiguration);
+			case AuthProvider.OpenAire: return this.hasAllRequiredFieldsConfigured(environment.loginProviders.openAireConfiguration);
 			default: throw new Error('Unsupported Provider Type');
 		}
 	}

dmp-frontend/src/app/ui/auth/login/login.module.ts

@@ -9,6 +9,7 @@ import { LoginService } from './utilities/login.service';
 import { B2AccessLoginComponent } from './b2access/b2access-login.component';
 import { OrcidLoginComponent } from './orcid-login/orcid-login.component';
 import { EmailConfirmation } from './email-confirmation/email-confirmation.component';
+import { OpenAireLoginComponent } from "./openaire-login/openaire-login.component";
 
 @NgModule({
 	imports: [
@@ -22,7 +23,8 @@ import { EmailConfirmation } from './email-confirmation/email-confirmation.compo
 		TwitterLoginComponent,
 		B2AccessLoginComponent,
 		OrcidLoginComponent,
-		EmailConfirmation
+		EmailConfirmation,
+		OpenAireLoginComponent
 	],
 	providers: [LoginService]
 })

dmp-frontend/src/app/ui/auth/login/login.routing.ts

@@ -6,6 +6,7 @@ import { LinkedInLoginComponent } from './linkedin-login/linkedin-login.componen
 import { LoginComponent } from './login.component';
 import { OrcidLoginComponent } from './orcid-login/orcid-login.component';
 import { TwitterLoginComponent } from './twitter-login/twitter-login.component';
+import { OpenAireLoginComponent } from "./openaire-login/openaire-login.component";
 
 const routes: Routes = [
 	{ path: '', component: LoginComponent },
@@ -14,7 +15,8 @@ const routes: Routes = [
 	{ path: 'external/orcid', component: OrcidLoginComponent },
 	{ path: 'external/b2access', component: B2AccessLoginComponent },
 	{ path: 'confirmation/:token', component: EmailConfirmation },
-	{ path: 'confirmation', component: EmailConfirmation }
+	{ path: 'confirmation', component: EmailConfirmation },
+	{ path: 'openaire', component: OpenAireLoginComponent}
 ];
 
 @NgModule({

dmp-frontend/src/app/ui/auth/login/openaire-login/openaire-login.component.ts

@@ -0,0 +1,61 @@
+import { Component, OnInit } from "@angular/core";
+import { BaseComponent } from "../../../../core/common/base/base.component";
+import { ActivatedRoute, Router, Params } from "@angular/router";
+import { LoginService } from "../utilities/login.service";
+import { AuthService } from "../../../../core/services/auth/auth.service";
+import { HttpClient } from "@angular/common/http";
+import { takeUntil } from "rxjs/operators";
+import { environment } from "../../../../../environments/environment";
+import { AuthProvider } from "../../../../core/common/enum/auth-provider";
+
+@Component({
+	selector: 'app-openaire-login',
+	templateUrl: './openaire-login.component.html',
+})
+export class OpenAireLoginComponent extends BaseComponent implements OnInit {
+	private returnUrl: string;
+
+	constructor(
+		private route: ActivatedRoute,
+		private loginService: LoginService,
+		private authService: AuthService,
+		private router: Router,
+		private httpClient: HttpClient
+	) {
+		super();
+	}
+
+	ngOnInit(): void {
+		this.route.queryParams
+			.pipe(takeUntil(this._destroyed))
+			.subscribe((params: Params) => {
+				const returnUrlFromParams = params['returnUrl'];
+				if (returnUrlFromParams) { this.returnUrl = returnUrlFromParams; }
+				if (!params['code']) { this.openaireAuthorize(); } else { this.openaireLoginUser(params['code'], params['state']) }
+			})
+	}
+
+	public openaireAuthorize() {
+		window.location.href = environment.loginProviders.openAireConfiguration.oauthUrl
+			+ '?response_type=code&client_id=' + environment.loginProviders.openAireConfiguration.clientId
+			+ '&redirect_uri=' + environment.loginProviders.openAireConfiguration.redirectUri
+			+ '&state=' + environment.loginProviders.openAireConfiguration.state
+			+ '&scope=openid profile email';
+	}
+
+	public openaireLoginUser(code: string, state: string) {
+		if (state !== environment.loginProviders.openAireConfiguration.state) {
+			this.router.navigate(['/login'])
+		}
+		this.httpClient.post(environment.Server + 'auth/openAireRequestToken', { code: code, provider: AuthProvider.OpenAire })
+			.pipe(takeUntil(this._destroyed))
+			.subscribe((data: any) => {
+				this.authService.login({ ticket: data.payload.accessToken, provider: AuthProvider.OpenAire, data: null })
+					.pipe(takeUntil(this._destroyed))
+					.subscribe(
+						res => this.loginService.onLogInSuccess(res, this.returnUrl),
+						error => this.loginService.onLogInError(error)
+					);
+			});
+	}
+}

dmp-frontend/src/environments/environment.ts

@@ -8,7 +8,7 @@ export const environment = {
 	},
 	defaultCulture: 'en-US',
 	loginProviders: {
-		enabled: [1, 2, 3, 4, 5, 6, 7],
+		enabled: [1, 2, 3, 4, 5, 6, 7, 8],
 		facebookConfiguration: { clientId: '' },
 		googleConfiguration: { clientId: '' },
 		linkedInConfiguration: {
@@ -31,6 +31,12 @@ export const environment = {
 			clientId: 'APP-766DI5LP8T75FC4R',
 			oauthUrl: 'https://orcid.org/oauth/authorize',
 			redirectUri: 'http://localhost:4200/login/external/orcid'
+		},
+		openAireConfiguration: {
+			clientId: '',
+			oauthUrl: '',
+			redirectUri: '',
+			state: '987654321'
 		}
 	},
 	logging: {