These are the instructions for installing an ORCID1 authentication node. We will be using the simple-orcid-auth-node2 developed by the ORCID organization.
Assumptions
- An Ubuntu 16.04 server machine but works on 14.04x with some minor changes.
- A FQDN, let’s say orcid.example.com.
- Server IP is 10.2.2.2 in our case.
- Create an orcid user:
sudo useradd -r -m -d /var/www/html/orcid orcid
. - For Ubuntu 14.04 it is better to use /var/www/orcid instead of /var/www/html/orcid.
- Also use
service servicename restart
on 14.04.x instead ofsystemctl restart service
.
Installing simple-orcid-auth-node
- Install necessary packages (as a privileged user):
$ sudo apt -y install nginx nodejs npm
NOTE: If you are using Ubuntu 14.04.x do not install the node package. This package is completely unrelated with nodejs.__3
-
Download and extract simple-orcid-auth-node (as the orcid user):
sudo su - orcid wget https://github.com/rcpeters/simple-orcid-auth-node/archive/master.tar.gz tar xvzf master.tar.gz
- Install the application:
$ cd simple-orcid-auth-node-master/ $ npm install
- Test run the application (as the orcid user):
$ nodejs client-app.js server started on 8000
Looks OK. Now point your Hit CTRL^C and move on.
NOTE: If you prefer using the legacy
node client-app.js
invocation, you need to install the nodejs-legacy package as well.
Setting ORCID as an autostart service
-
Autostart using systemd4 (Ubuntu 16.04):
- Create the /etc/systemd/system/orcid.service service definition (as the root user):
$ cat > /etc/systemd/system/orcid.service < < EOF [Service] ExecStart=/usr/bin/nodejs /var/www/html/orcid/simple-orcid-auth-node-master/client-app.js WorkingDirectory=/var/www/html/orcid/simple-orcid-auth-node-master Restart=always StandardOutput=syslog StandardError=syslog SyslogIdentifier=orcid User=orcid Group=orcid Environment=NODE_ENV=production [Install] WantedBy=multi-user.target EOF
- Reload systemd and start the service:
$ sudo systemctl daemon-reload $ sudo systemctl start orcid.service
- Verify that the service is started:
$ sudo systemctl status orcid.service ● orcid.service Loaded: loaded (/etc/systemd/system/orcid.service; disabled; vendor preset: enabled) Active: active (running) since Wed 2016-04-27 09:00:16 UTC; 37s ago Main PID: 11141 (nodejs) Tasks: 5 (limit: 512) Memory: 24.1M CPU: 268ms CGroup: /system.slice/orcid.service └─11141 /usr/bin/nodejs /var/www/html/orcid/simple-orcid-auth-node-master/client-app.js Apr 27 09:00:16 orcid systemd[1]: Started orcid.service. Apr 27 09:00:16 orcid orcid[11141]: server started on 8000
- Create the /etc/systemd/system/orcid.service service definition (as the root user):
- Autostart using sysv-init (Ubuntu 14.04.x):
- Prepare a sysv-init startup script or use mine for convinience:
$ cd /etc/init.d $ wget https://raw.githubusercontent.com/theodotos/arena/master/orcid $ chmod +x orcid $ update-rc.d orcid enable $ update-rc.d orcid defaults
Now orcid should be able to autostart after a reboot.
- Prepare a sysv-init startup script or use mine for convinience:
Setting up nginx
-
Prepare this configuration:
$ cat > /etc/nginx/sites-available/orcid < < EOF server { listen 80; listen [::]:80 ipv6only=on; server_name orcid.example.com; access_log /var/log/nginx/orcid.access.log; error_log /var/log/nginx/orcid.error.log; location / { proxy_pass http://localhost:8000/; proxy_set_header Host \$host; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; } } EOF
- Enable the orcid site:
$ cd /etc/nginx/sites-enabled/ $ sudo ln -s /etc/nginx/sites-available/orcid
- Uncomment the following line in /etc/nginx/nginx.conf5:
server_names_hash_bucket_size 64;
- Restart nginx:
$ sudo systemctl restart nginx.service
- Verify nginx with
sudo systemctl status nginx.service
Now you can visit the http://orcid.example.com site and test your setup
Going to production
The default simple-orcid-auth-node is using the sandbox ORCID service which is ideal for testing. This is how the configuration file (helpers/config.js) looks like:
module.exports = config = {
// Config for OAuth2
CLIENT_ID: 'APP-O9TUKAPVLALU1SOJ',
CLIENT_SECRET: '0eafb938-020e-45a6-a148-3c222171d9d8',
AUTHORIZE_URI: 'https://sandbox.orcid.org/oauth/authorize',
TOKEN_EXCHANGE_URI: 'https://api.sandbox.orcid.org/oauth/token',
CODE_CALLBACK_URI: 'http://localhost:8000/authorization-code-callback',
// General server config
PORT: '8000',
SERVER_IP: '127.0.0.1',
}
...
This setup will not work in production. You have to modify the CLIENT_ID and CLIENT_SECRET variables with your own credentials and change the AUTHORIZE_URI and TOKEN_EXCHANGE_URI to point to the production ORCID services:
module.exports = config = {
// Config for OAuth2
CLIENT_ID: 'APP-HSGSHJS335353GSGSG',
CLIENT_SECRET: '56d4eb21-6622-8483-3422-f53f3fs53sfs35f',
AUTHORIZE_URI: 'https://orcid.org/oauth/authorize',
TOKEN_EXCHANGE_URI: 'https://api.orcid.org/oauth/token',
CODE_CALLBACK_URI: 'http://localhost:8000/authorization-code-callback',
// General server config
PORT: '8000',
SERVER_IP: '127.0.0.1',
}
...
Restart nginx and orcid when done:
$ sudo systemctl restart nginx.service orcid.service
References
- https://en.wikipedia.org/wiki/ORCID ↩︎
- https://github.com/ORCID/simple-orcid-auth-node ↩︎
- https://github.com/ORCID/simple-orcid-auth-node/issues/3 ↩︎
- https://www.digitalocean.com/community/tutorials/how-to-deploy-node-js-applications-using-systemd-and-nginx ↩︎
- http://charles.lescampeurs.org/2008/11/14/fix-nginx-increase-server_names_hash_bucket_size</service> ↩︎