From 5ecac7ecf6a7ea53f26695b5d8ea1faf70ad8382 Mon Sep 17 00:00:00 2001
From: Alexis <isalexis.design@gmail.com>
Date: Fri, 15 May 2026 12:23:36 +0200
Subject: [PATCH] feat: implement ORCID API client and update gitignore to
 exclude environment files

---
 .gitignore                           |  7 +++++
 backend/app/services/orcid_client.py | 46 ++++++++++++++++------------
 2 files changed, 33 insertions(+), 20 deletions(-)

diff --git a/.gitignore b/.gitignore
index fe9544d..b101697 100644
--- a/.gitignore
+++ b/.gitignore
@@ -44,6 +44,13 @@ docker-data/
 postgres_data/
 redis_data/
 
+# --- ENVIRONMENT VARIABLES ---
+# Secret files shouldn't be committed
+.env
+.env.*
+!.env.example
+!.env.template
+
 # --- OS / EDITOR ---
 .DS_Store
 Thumbs.db
diff --git a/backend/app/services/orcid_client.py b/backend/app/services/orcid_client.py
index c143aeb..e98f176 100644
--- a/backend/app/services/orcid_client.py
+++ b/backend/app/services/orcid_client.py
@@ -1,18 +1,28 @@
-import os
 import urllib.parse
-from pathlib import Path
 from typing import Any, Optional
 
-from dotenv import load_dotenv
 import httpx
 
-TOKEN_URL_SANDBOX = "https://sandbox.orcid.org/oauth/token"
-AUTHORIZATION_URL_SANDBOX = "https://sandbox.orcid.org/oauth/authorize"
-BASE_URL_SANDBOX = "https://pub.sandbox.orcid.org/v3.0"
+from app.core.config import settings
+
+ORCID_ENDPOINTS = {
+    "sandbox": {
+        "token_url": "https://sandbox.orcid.org/oauth/token",
+        "authorization_url": "https://sandbox.orcid.org/oauth/authorize",
+        "api_base_url": "https://pub.sandbox.orcid.org/v3.0",
+    },
+    "production": {
+        "token_url": "https://orcid.org/oauth/token",
+        "authorization_url": "https://orcid.org/oauth/authorize",
+        "api_base_url": "https://pub.orcid.org/v3.0",
+    },
+}
+
+
+def _orcid_endpoints() -> dict[str, str]:
+    key = "production" if settings.is_production else "sandbox"
+    return ORCID_ENDPOINTS[key]
 
-# Si en algún momento pasas a producción, cambiarías a:
-# TOKEN_URL_PROD = "https://orcid.org/oauth/token"
-# BASE_URL_PROD = "https://pub.orcid.org/v3.0"
 
 # ---------------------------------------------------------
 # Clase de cliente de ORCID
@@ -23,17 +33,13 @@ class ORCIDClient:
     # Función auxiliar: inicializar el cliente de ORCID
     # ---------------------------------------------------------
     def __init__(self):
-        # Asegura que al ejecutar `uvicorn` local también se carga `backend/.env`.
-        # (En docker `ORCID_REDIRECT_URI` y secretos llegan por env_file, así que esto no molesta.)
-        _env_path = Path(__file__).resolve().parents[2] / ".env"
-        load_dotenv(dotenv_path=_env_path, override=False)
-
-        self.client_id = os.getenv("ORCID_CLIENT_ID")
-        self.client_secret = os.getenv("ORCID_CLIENT_SECRET")
+        endpoints = _orcid_endpoints()
+        self.client_id = settings.ORCID_CLIENT_ID
+        self.client_secret = settings.ORCID_CLIENT_SECRET
         self._token_cache: Optional[str] = None
-        self.token_url = TOKEN_URL_SANDBOX
-        self.authorization_url = AUTHORIZATION_URL_SANDBOX
-        self.base_url = BASE_URL_SANDBOX
+        self.token_url = endpoints["token_url"]
+        self.authorization_url = endpoints["authorization_url"]
+        self.base_url = endpoints["api_base_url"]
 
     # ---------------------------------------------------------
     # 1. Obtener token público
@@ -204,4 +210,4 @@ def get_display_name(orcid_id: str) -> str | None:
         record = get_record(orcid_id)
     except Exception:
         return None
-    return extract_display_name(record)
+    return extract_display_name(record)
\ No newline at end of file