diff --git a/orcid-core/src/main/java/org/orcid/core/togglz/Features.java b/orcid-core/src/main/java/org/orcid/core/togglz/Features.java
index dcd3089ca90..e3ba4aa60c6 100644
--- a/orcid-core/src/main/java/org/orcid/core/togglz/Features.java
+++ b/orcid-core/src/main/java/org/orcid/core/togglz/Features.java
@@ -5,6 +5,8 @@
import org.togglz.core.context.FeatureContext;
public enum Features implements Feature {
+ @Label("Redirect PUT token actions from *.pub.orcid.org to *.orcid.org")
+ REDIRECT_PUT_TOKEN_ENDPOINT,
@Label("Stop sending notification if work has not been updated")
STOP_SENDING_NOTIFICATION_WORK_NOT_UPDATED,
diff --git a/orcid-pub-web/src/main/java/org/orcid/api/filters/PutAuthTokenActionFilter.java b/orcid-pub-web/src/main/java/org/orcid/api/filters/PutAuthTokenActionFilter.java
new file mode 100644
index 00000000000..d783c93e774
--- /dev/null
+++ b/orcid-pub-web/src/main/java/org/orcid/api/filters/PutAuthTokenActionFilter.java
@@ -0,0 +1,53 @@
+package org.orcid.api.filters;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import javax.ws.rs.core.Context;
+import javax.ws.rs.ext.Provider;
+
+import org.orcid.core.togglz.Features;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import org.springframework.beans.factory.annotation.Value;
+
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import liquibase.repackaged.org.apache.commons.lang3.StringUtils;
+
+@Provider
+@Component
+public class PutAuthTokenActionFilter extends OncePerRequestFilter {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(PutAuthTokenActionFilter.class);
+
+ private static final String OAUTH_TOKEN_PATH = "/oauth/token";
+
+ @Context
+ private HttpServletRequest httpServletRequest;
+
+ @Value("${org.orcid.papi.http.redirect.code:307}")
+ private int httpRedirectCode;
+
+ @Value("${org.orcid.core.baseUri}")
+ private String rootLocation;
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+ if (Features.REDIRECT_PUT_TOKEN_ENDPOINT.isActive() && request.getRequestURI().contains(OAUTH_TOKEN_PATH)) {
+ response.setStatus(httpRedirectCode);
+ response.setHeader("Location", rootLocation);
+ LOGGER.debug("Redirecting PUT token request to root");
+ }
+ else {
+ filterChain.doFilter(request, response);
+ }
+ }
+}
diff --git a/orcid-pub-web/src/main/resources/orcid-t1-web-context.xml b/orcid-pub-web/src/main/resources/orcid-t1-web-context.xml
index b45c74d57ef..60a2db946f8 100644
--- a/orcid-pub-web/src/main/resources/orcid-t1-web-context.xml
+++ b/orcid-pub-web/src/main/resources/orcid-t1-web-context.xml
@@ -20,6 +20,8 @@
+
+
diff --git a/orcid-pub-web/src/main/webapp/WEB-INF/web.xml b/orcid-pub-web/src/main/webapp/WEB-INF/web.xml
index dfadff12aa9..1688d337a90 100644
--- a/orcid-pub-web/src/main/webapp/WEB-INF/web.xml
+++ b/orcid-pub-web/src/main/webapp/WEB-INF/web.xml
@@ -57,6 +57,16 @@
sanitizeAuthenticationFilter
*
+
+
+ putAuthTokenActionFilter
+ org.springframework.web.filter.DelegatingFilterProxy
+
+
+
+ putAuthTokenActionFilter
+ /oauth/token
+
jsonpCallbackFilter