From 553e048cdf31bf0a02b00730126eb651a20ec1af Mon Sep 17 00:00:00 2001
From: Ding <c_ding@foxmail.com>
Date: Fri, 24 May 2024 22:34:48 +0800
Subject: [PATCH] Add ORCID OAuth provider

---
 example/Main.hs                |  2 ++
 src/Yesod/Auth/OAuth2/ORCID.hs | 50 ++++++++++++++++++++++++++++++++++
 yesod-auth-oauth2.cabal        |  3 +-
 3 files changed, 54 insertions(+), 1 deletion(-)
 create mode 100644 src/Yesod/Auth/OAuth2/ORCID.hs

diff --git a/example/Main.hs b/example/Main.hs
index 9c8d836..562bf31 100644
--- a/example/Main.hs
+++ b/example/Main.hs
@@ -40,6 +40,7 @@ import Yesod.Auth.OAuth2.Spotify
 import Yesod.Auth.OAuth2.Twitch
 import Yesod.Auth.OAuth2.Upcase
 import Yesod.Auth.OAuth2.WordPressDotCom
+import Yesod.Auth.OAuth2.ORCID
 
 data App = App
   { appHttpManager :: Manager
@@ -149,6 +150,7 @@ mkFoundation = do
       , loadPlugin (oauth2Spotify []) "SPOTIFY"
       , loadPlugin oauth2Twitch "TWITCH"
       , loadPlugin oauth2WordPressDotCom "WORDPRESS_DOT_COM"
+      , loadPlugin oauth2ORCID "ORCID"
       , loadPlugin oauth2Upcase "UPCASE"
       ]
 
diff --git a/src/Yesod/Auth/OAuth2/ORCID.hs b/src/Yesod/Auth/OAuth2/ORCID.hs
new file mode 100644
index 0000000..a60f394
--- /dev/null
+++ b/src/Yesod/Auth/OAuth2/ORCID.hs
@@ -0,0 +1,50 @@
+{-# LANGUAGE OverloadedStrings #-}
+
+module Yesod.Auth.OAuth2.ORCID
+  ( oauth2ORCID
+  ) where
+
+import qualified Data.Text as T
+import Yesod.Auth.OAuth2.Prelude
+
+pluginName :: Text
+pluginName = "orcid"
+
+newtype User = User Text
+
+instance FromJSON User where
+  parseJSON = withObject "User" $ \o -> User <$> o .: "sub"
+
+oauth2ORCID
+  :: YesodAuth m
+  => Text
+  -- ^ Client Id
+  -> Text
+  -- ^ Client Secret
+  -> AuthPlugin m
+oauth2ORCID clientId clientSecret =
+  authOAuth2 pluginName oauth2 $ \manager token -> do
+    (User userId, userResponse) <-
+      authGetProfile
+        pluginName
+        manager
+        token
+        "https://orcid.org/oauth/userinfo"
+
+    pure
+      Creds
+        { credsPlugin = pluginName
+        , credsIdent = T.pack $ show userId
+        , credsExtra = setExtra token userResponse
+        }
+ where
+  oauth2 =
+    OAuth2
+      { oauth2ClientId = clientId
+      , oauth2ClientSecret = Just clientSecret
+      , oauth2AuthorizeEndpoint =
+          "https://orcid.org/oauth/authorize"
+            `withQuery` [scopeParam " " ["openid"]]
+      , oauth2TokenEndpoint = "https://orcid.org/oauth/token"
+      , oauth2RedirectUri = Nothing
+      }
diff --git a/yesod-auth-oauth2.cabal b/yesod-auth-oauth2.cabal
index d5c0145..e290011 100644
--- a/yesod-auth-oauth2.cabal
+++ b/yesod-auth-oauth2.cabal
@@ -4,7 +4,7 @@ cabal-version: 1.18
 --
 -- see: https://github.com/sol/hpack
 --
--- hash: a9bf86bc3dabd56dd108a6550bbd114607294b7add72c38d081f7f58085af3e9
+-- hash: e92a1426ba46aee8b456d3b2454bcee06ae044afd5e1bb7b0d50641568b576ac
 
 name:           yesod-auth-oauth2
 version:        0.7.2.0
@@ -54,6 +54,7 @@ library
       Yesod.Auth.OAuth2.GitLab
       Yesod.Auth.OAuth2.Google
       Yesod.Auth.OAuth2.Nylas
+      Yesod.Auth.OAuth2.ORCID
       Yesod.Auth.OAuth2.Prelude
       Yesod.Auth.OAuth2.Random
       Yesod.Auth.OAuth2.Salesforce