New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update strategy to work with new "Sign in with Linkedin" feature #63
Conversation
This only allows "r_liteprofile" scope when authenticating, in the official documentation you linked you can see that you can still ask the r_basicprofile permission when authenticating. Also I think that the repository is unmanaged, you may wish to Fork it instead of doing pull request |
Hi @YuriScarbaci, If I am not mistaken From docs
Lastly, please note that this PR comes from a forked repo. |
in the same docs you shared you have another link pointing to the 0Auth2 flow , if you further crawl such page by clicking on the link
Permissions and from there you go to Member Authorization you will find yourself in a page stating suchs:
which in itself implies multiples
in the given example of the parameter description you can see Furthermore, the quote you sent me states:
but r_liteprofile in this case is just "the minimum scope" to achieve the "minimum" fields, I'm currently investigating this because I need to migrate from 0Auth1 to 0Auth2 and still be able to take some fields not included in By any means if you find something else that I missed out that states that sign-in with linkedin won't allow |
@YuriScarbaci that was my initial understanding too. Then we had a call with Linkedin and we were informed that most of the scopes will be deprecated. Afterwards, an email from the Linkedin dev platform followed stating:
Lastly, please have a look at:
|
I totally missed out that document, tought the migration was between 0Auth1 and 0Auth2, with 0Auth2 having 2 possible versions, both valid (v1 and v2)... I see, so from now on "sign in with linkedin" can only be used to get those lite profile fields... Since this repository is long abandoned it would be (in my opinion) a good idea to create a new package based on your last fork, to add to the npm registry, to allow installation of your code via If you choose to release an official npm package with your PR I will without doubt be one of your user/contribuitor. Thanks a lot for your effort and time! |
In particular I think the "refreshToken" mechanics needs to be overhauled since passport actually expect a refreshToken but linkedIn only emits refresh token for special partners, that's why having an official npm package would be neat... |
@YuriScarbaci My plan is to release an NPM package next week unless Auth0 is willing to merge the changes in this one. |
Perfect, Once again thanks for your effort and time! |
Last question, do you plan to support requesting the additional |
Hmmm, I will try to add that too. |
@@ -7,141 +7,109 @@ function Strategy(options, verify) { | |||
options = options || {}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should we move it in arguments as options={}, verify=false
?
return memo; | ||
}, []); | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
var profilePicture = _.defaults(json.profilePicture, {'displayImage~': { elements:[]});
if (profilePicture.elements.length> 0){
profilePicture.elements.reduce(...)
}
Any news on this? |
looks like Linkedin is trying to force us upgrade to v2 api by raise error randomly. Our user random got "failed to fetch user profile" error. like this one #65 |
@SokratisVidros did you manage to release that NPM package? under which license will that be, MIT? |
I will try to have it ready by tomorrow. I apologise for the delay, but the past week was hectic. |
@SokratisVidros that would be awesome! Thank you. |
@SokratisVidros Thank you a lot :) |
389c0f4
to
9e1da8d
Compare
9e1da8d
to
21c7afd
Compare
Squashed commit of the following: commit 397c0c0 Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Wed Jan 23 01:03:46 2019 +0200 2.0.2 commit f52d878 Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Wed Jan 23 01:03:35 2019 +0200 Fix typo in README.md commit 4edb71f Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Wed Jan 23 01:03:10 2019 +0200 Align latest profile.photos structure with previous versions commit e0ff695 Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Wed Jan 16 12:11:30 2019 +0200 2.0.1 commit 3e6e6fb Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Wed Jan 16 12:11:22 2019 +0200 Update README.md commit ee6c9eb Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Wed Jan 16 12:10:50 2019 +0200 Fix typo regarding scopes in unit tests commit 21c7afd Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Thu Dec 27 13:39:28 2018 +0200 2.0.0 commit 9beb887 Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Wed Jan 16 11:25:19 2019 +0200 Update package name and description commit b65d03c Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Thu Dec 27 13:31:52 2018 +0200 Update README.md commit e4c2aee Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Thu Dec 27 13:29:25 2018 +0200 Bump dev dependencies and update package.json contributors commit f2853dd Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Thu Dec 27 13:27:26 2018 +0200 Update library to work with new Sign in with Linkedin More info at https://docs.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin?context=linkedin/consumer/context?trk=eml_mktg_gco_dev_api_comms commit 190bcd5 Author: Sokratis Vidros <sokratis.vidros@gmail.com> Date: Thu Dec 27 11:40:25 2018 +0200 Teach example server to read Linkedin client credentials from env
@klouvas when are you planning to merge and release this? The LinkedIn deadline is approaching... |
@satyavh The package is already published separately https://www.npmjs.com/package/@sokratis/passport-linkedin-oauth2 |
} | ||
|
||
profile._profileRaw = body; | ||
profile._profileJson = json; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
was wondering: why this breaking change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In order to conform with the Linkedin OAuth API, two separate requests need to be executed in order to retrieve the user profile and then the email.
Having code consistency in mind as well as taking into account the JS convention that says that keys starting with _
are considered private, I kept both API raw and JSON responses under the following structure:
profile._profileRaw = body;
profile._profileJson = json;
profile._emailRaw = body;
profile._emailJson = json;
Hope that helps.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
but passport already saved those under profile._raw
and profile._json
As I'm using profile._json
to get more data I had a bug when switching to your fork. That's how and why I'm calling it breaking. But it's fine as long as it is documented :)
When a client has requested the `r_emailaddress` scope from LinkedIn, then we do one more request. Instead of firing the requests sequentially we should make both of them at the same time and merge them upon their responses. These requests take aprox. 1 minute when run sequentially, so half a minute when they're run in parallel
Parallelize profile requests
@SokratisVidros Thanks for doing this! We're upgrading to your library now. Do you plan on continuing to maintain it over time? @YuriScarbaci You said:
If this repository is abandoned, it is not clear in the README at all. Out of curiosity, how do you know it's abandoned? It doesn't look like you're a committer / contributor. If it is truly abandoned, who would be the right person to update the README to indicate what the official recommendation is for people who are currently relying on the repository? If it is not, then are there any plans to merge in this PR at some point? Thanks! |
@javidjamae yes |
I don't think this issue has been fixed yet? Using the main package - passport-linkedin-oauth2 , I get an error - "failed to fetch user profile", referenced above. Using this package - https://www.npmjs.com/package/@sokratis/passport-linkedin-oauth2 , with the fix, it seems to work? |
ULP-502: LinkedIn API v2 (based on #63)
Just an educated guess due to the library not being updated in the last 7 month even when major changes in the consumed linkedin api were about to break the whole library itself... |
First of all, apologies for the delay in answering.
|
Any news ? |
@siacomuzzi |
@RusinovAnton I just tried with the example app provided in the repository and everything works as expected. Please make sure you have added the following products in your Linkedin app: |
@MathRobin, latest version ( |
I did switch my production succesfully to this version and everything works as expected the only thing that would be nice to clarify at this point is if we should use @SokratisVidros version or @siacomuzzi (both are working) based on if @siacomuzzi plans on keeping mantaining this package... or maybe merge both packages and make sokratis a project mantainer too? it's getting confusing to keep track of this module and most tutorial on internet points to this npm package too... |
I do have those added, moreover, I have my acc connected to a company page. I just missed that set of permissions do not allow me to get "r_basicprofile", so thats error on my side. Requests for available permissions works just fine. |
I'd be happy to merge both implementations into the original library. |
@sebadoom @glena could you please answer these questions? I'm not the maintainer anymore. |
There are no plans to merge any forks into this repository. If the fork provides any functionality that is not provided by this repository, users are encouraged to use those forks, or, alternatively, provide a PR with the missing functionality with passing tests and based on master. Closing, LinkedIn API v2 supported by latest release. |
@sebadoom I appreciate that you guys updated this package to support LinkedIn API v2. Seeing that you guys were only able to make this update many months after the v1 was no longer supported suggests that you don't have much time to do timely updates to this library. Can you at least consider making @SokratisVidros a committer as it seems that he's interested and has the time / knowledge to make timely updates? I think it would be greatly appreciated by the many consumers of this library. |
Following recent updates regarding new "Sign in with Linkedin" feature, I've updated the corresponding passport-linkedin-oauth2 library.
For more information please refer to the official documentation