UBO-289 Surround 'MCRORCIDSessionUtils.getCurrentUser()' with try/cat…

…ch (#341)

* UBO-289 Surround 'MCRORCIDSessionUtils.getCurrentUser()' with try/catch

* UBO-289 Only allow ORCID authentication when user is not a transient user

* UBO-289 Added info text for transient users

* UBO-289 Added xml:lang attribute to <article/>

ubo-common/src/main/java/org/mycore/ubo/orcid/DozBibORCIDUserServlet.java

@@ -1,9 +1,5 @@
 package org.mycore.ubo.orcid;
 
-import java.io.IOException;
-import java.util.Set;
-import java.util.SortedSet;
-
 import jakarta.servlet.http.HttpServletResponse;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
@@ -19,6 +15,10 @@
 import org.mycore.user2.MCRUserAttribute;
 import org.mycore.user2.MCRUserManager;
 
+import java.io.IOException;
+import java.util.Set;
+import java.util.SortedSet;
+
 /**
  * Servlet removes all orcid access tokens of the current user. If you want to remove a single access token for
  * a given orcid please see {@link org.mycore.orcid2.rest.resources.MCRORCIDResource#revoke(String)} )}
@@ -41,9 +41,16 @@ protected void doGetPost(MCRServletJob job) throws Exception {
             return;
         }
 
-        MCRORCIDUser orcidUser = MCRORCIDSessionUtils.getCurrentUser();
-        Set<String> orcidIdentifiers = orcidUser.getORCIDs();
+        MCRORCIDUser orcidUser;
+        try {
+            orcidUser = MCRORCIDSessionUtils.getCurrentUser();
+        }catch(Exception e){
+            LOGGER.error("Could not get orcid user for user {}", MCRUserManager.getCurrentUser(), e);
+            redirectToProfile(job);
+            return;
+        }
 
+        Set<String> orcidIdentifiers = orcidUser.getORCIDs();
         if (orcidIdentifiers.isEmpty()) {
             redirectToProfile(job);
             return;

ubo-common/src/main/java/org/mycore/ubo/orcid/DozBibORCIDUtils.java

@@ -1,11 +1,8 @@
 package org.mycore.ubo.orcid;
 
-import java.util.Map;
-import java.util.Set;
-import java.util.concurrent.atomic.AtomicInteger;
-
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
+import org.mycore.common.MCRSessionMgr;
 import org.mycore.common.xml.MCRXMLFunctions;
 import org.mycore.orcid2.client.MCRORCIDCredential;
 import org.mycore.orcid2.client.MCRORCIDUserClient;
@@ -14,8 +11,14 @@
 import org.mycore.orcid2.user.MCRORCIDUser;
 import org.mycore.orcid2.v3.client.MCRORCIDClientHelper;
 import org.mycore.orcid2.v3.client.MCRORCIDSectionImpl;
+import org.mycore.user2.MCRTransientUser;
+import org.mycore.user2.MCRUserManager;
 import org.orcid.jaxb.model.v3.release.record.summary.Works;
 
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.atomic.AtomicInteger;
+
 public class DozBibORCIDUtils {
 
     protected static final Logger LOGGER = LogManager.getLogger(DozBibORCIDUtils.class);
@@ -26,7 +29,15 @@ public class DozBibORCIDUtils {
      * @return the total number of publications
      * */
     public static int getNumWorks() {
-        MCRORCIDUser orcidUser = MCRORCIDSessionUtils.getCurrentUser();
+        MCRORCIDUser orcidUser;
+        try {
+            orcidUser = MCRORCIDSessionUtils.getCurrentUser();
+        } catch (Exception ex) {
+            LOGGER.error("Could not get numWorks for user {}",
+                MCRSessionMgr.getCurrentSession().getUserInformation().getUserID(), ex);
+            return 0;
+        }
+
         Set<String> orcidIdentifiers = orcidUser.getORCIDs();
 
         AtomicInteger numWorks = new AtomicInteger(0);
@@ -57,7 +68,15 @@ public static int getNumWorks() {
      * @return the number of publications for the given orcid
      * */
     public static int getNumWorks(String orcid) {
-        MCRORCIDUser orcidUser = MCRORCIDSessionUtils.getCurrentUser();
+        MCRORCIDUser orcidUser;
+        try {
+            orcidUser = MCRORCIDSessionUtils.getCurrentUser();
+        } catch (Exception ex) {
+            LOGGER.error("Could not get numWorks for orcid {} of user {}", orcid,
+                MCRSessionMgr.getCurrentSession().getUserInformation().getUserID(), ex);
+            return 0;
+        }
+
         MCRORCIDCredential credentialByORCID = orcidUser.getCredentialByORCID(orcid);
 
         MCRORCIDUserClient client = MCRORCIDClientHelper.getClientFactory().createUserClient(orcid, credentialByORCID);
@@ -74,22 +93,38 @@ public static int getNumWorks(String orcid) {
     }
 
     public static String getFirstOrcidByCurrentUser() {
-        MCRORCIDUser orcidUser = MCRORCIDSessionUtils.getCurrentUser();
+        MCRORCIDUser orcidUser;
+        try {
+            orcidUser = MCRORCIDSessionUtils.getCurrentUser();
+        } catch (Exception ex) {
+            String uid = MCRSessionMgr.getCurrentSession().getUserInformation().getUserID();
+            LOGGER.error("Could not get first orcid for user {}", uid, ex);
+            return "";
+        }
         return orcidUser.getORCIDs().isEmpty() ? "" : orcidUser.getORCIDs().iterator().next();
     }
 
     public static boolean weAreTrustedParty() {
-        if (MCRXMLFunctions.isCurrentUserGuestUser()) {
+        if (MCRXMLFunctions.isCurrentUserGuestUser() || DozBibORCIDUtils.isCurrentUserTransient()) {
+            return false;
+        }
+        Map<String, MCRORCIDCredential> credentials;
+        try {
+            MCRORCIDUser orcidUser = MCRORCIDSessionUtils.getCurrentUser();
+            credentials = orcidUser.getCredentials();
+        } catch (Exception e) {
+            LOGGER.error("Could not determine if ubo instance is a trusted party", e);
             return false;
         }
-
-        MCRORCIDUser orcidUser = MCRORCIDSessionUtils.getCurrentUser();
-        Map<String, MCRORCIDCredential> credentials = orcidUser.getCredentials();
 
         return !credentials.isEmpty();
     }
 
     public static boolean isConnected(String orcid) {
         return MCRORCIDSessionUtils.getCurrentUser().getCredentialByORCID(orcid) != null;
     }
+
+    public static boolean isCurrentUserTransient() {
+        return MCRUserManager.getCurrentUser() instanceof MCRTransientUser;
+    }
 }

ubo-common/src/main/resources/config/ubo-common/messages_de.properties

@@ -1068,6 +1068,7 @@ ubo.newest                                      = Neueste Publikationen
 ubo.note                                        = Notiz
 ubo.numPublicationsTotal                        = Derzeit sind {0} Publikationen verzeichnet.
 ubo.oa                                          = Open Access?
+ubo.orcid.require.publication                   = Wenn Sie Ihren Nutzeraccount mit ORCID\u00AE verkn\u00FCpfen m\u00F6chten, hinterlegen Sie bitte mindestens eine Publikation und verkn\u00FCpfen Sie diese mit Ihrem Nutzeraccount \u00FCber die Personenauswahl.
 ubo.pages                                       = Seiten
 ubo.pages.abbreviated.multiple                  = S.
 ubo.pages.abbreviated.single                    = S.