kelockhart
commented
6 years ago Notes:
- could not replicate with our own ORCID IDs, so user provided their account for testing
- able to replicate locally with the user's login
- ORCID microservice returned a 400 error (duplicate code)
- ORCID logs (on their side) show that the token exchange request is being sent twice, once with a 200 response, once with a 400 (since the one-time use code was being sent a second time)
Solution:
- the main problem is memory usage. The affected user (and other users who reported similar problems) has a large ORCID profile. The microservice, in addition to the request to the ORCID API, also queried and wrote data to postgres. These reads/writes weren't as memory optimized as they could be
- short term solution: increase the RAM for the ORCID microservice and ADSWS. The user's login is now working (note: after the exchange, the user's login was failing on loading either the user preferences or the ORCID library. Increasing the RAM more fixed this subsequent issue as well)
- long term solution: the new ORCID API passes smaller, summary-type profiles, so this problem will be alleviated after switching to the new API. Also, the ORCID microservice needs to be optimized for memory usage
User successfully logs into ORCID, but when being returned to ADS, gets the error "Error getting OAuth code to access ORCID". This holds true no matter the browser being used, or if using private browsing or not.