Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

orcidToken of authors may be visible to Journal managers. #271

Open
withanage opened this issue Jul 28, 2023 · 0 comments
Open

orcidToken of authors may be visible to Journal managers. #271

withanage opened this issue Jul 28, 2023 · 0 comments

Comments

@withanage
Copy link
Member

Describe the bug
A journal manager can see the access tokens for already authenticated orcid authors in the developer window of a browser

To Reproduce
Steps to reproduce the behavior:

  1. Authenticate a co-author using orcid authentication
  2. Open the developer view of your browser.
  3. Publish the article
  4. In the publish API , you will see the orcidTokens

Expected behavior

  1. OrcidTokens should not be visible via the API
withanage added a commit to withanage/orcidProfile that referenced this issue Jul 28, 2023
@withanage
pkp#271 Remove the orcidTokens, previously rendered in publishing API
365a035
@withanage withanage mentioned this issue Jul 28, 2023
Merged
withanage added a commit that referenced this issue Jul 30, 2023
@withanage
Merge pull request #272 from withanage/stable-3_3_0
b2ba9d6 
#271 Remove the orcidToken previously rendered in publishing API
withanage added a commit to withanage/orcidProfile that referenced this issue Jul 30, 2023
@withanage
pkp#271 Remove the orcidTokens, previously rendered in publishing API
1e35435
withanage added a commit to withanage/orcidProfile that referenced this issue Jul 30, 2023
@withanage
pkp#271 Remove the orcidTokens, previously rendered in publishing API
7ea3eac
@withanage withanage mentioned this issue Jul 30, 2023
Open
withanage added a commit to withanage/orcidProfile that referenced this issue Jul 30, 2023
@withanage
pkp#271 Remove the orcidTokens, previously rendered in publishing API
b3e92c2
@withanage withanage mentioned this issue Jul 30, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@withanage