From e0e2c18c23647c36e54241bc78b3f8dd7fe4c953 Mon Sep 17 00:00:00 2001
From: matkaczmarek <mat_kaczmarek@outlook.com>
Date: Tue, 14 Jan 2025 12:59:11 +0100
Subject: [PATCH] Cast `ORCID_LOGIN_ENABLED` env variable to bool and enhance
 error logging for ORCID.

[T-CAIREM 1243]
---
 physionet-django/physionet/settings/base.py | 2 +-
 physionet-django/user/validators.py         | 2 +-
 physionet-django/user/views.py              | 3 ++-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/physionet-django/physionet/settings/base.py b/physionet-django/physionet/settings/base.py
index 17d2e9666..76d6f872f 100644
--- a/physionet-django/physionet/settings/base.py
+++ b/physionet-django/physionet/settings/base.py
@@ -44,7 +44,7 @@
 ORCID_CLIENT_ID = config('ORCID_CLIENT_ID', default=False)
 ORCID_CLIENT_SECRET = config('ORCID_CLIENT_SECRET', default=False)
 ORCID_SCOPE = config('ORCID_SCOPE', default=False)
-ORCID_LOGIN_ENABLED = config('ORCID_LOGIN_ENABLED', default=False)
+ORCID_LOGIN_ENABLED = config('ORCID_LOGIN_ENABLED', default=False, cast=bool)
 ORCID_OPEN_ID_JWKS_URL = config('ORCID_OPEN_ID_JWKS_URL', default="https://sandbox.orcid.org/oauth/jwks")
 ORCID_LOGIN_BUTTON_TEXT = config('ORCID_LOGIN_BUTTON_TEXT', default="Log in using ORCID iD")
 
diff --git a/physionet-django/user/validators.py b/physionet-django/user/validators.py
index edc19c2a4..a09b9d864 100644
--- a/physionet-django/user/validators.py
+++ b/physionet-django/user/validators.py
@@ -238,7 +238,7 @@ def validate_orcid_id_token(token):
 
     rsa_key = public_keys[headers['kid']]
     if rsa_key is None:
-        raise ValidationError('ORCID id_token is invalid.')
+        raise ValidationError('ORCID public RSA key is None.')
 
     try:
         jwt.decode(
diff --git a/physionet-django/user/views.py b/physionet-django/user/views.py
index bdcc09b3f..0cd757e74 100644
--- a/physionet-django/user/views.py
+++ b/physionet-django/user/views.py
@@ -566,7 +566,8 @@ def _fetch_and_validate_token(request, code, oauth_session):
                 validators.validate_orcid_id_token(token['id_token'])
 
             return True, token
-        except ValidationError:
+        except ValidationError as e:
+            logger.error(f'Validation Error: ORCID token validation failed. Error message: {e.message}')
             messages.error(request, 'Validation Error: ORCID token validation failed.')
     except InvalidGrantError:
         messages.error(