support login via Linkedin

README.md

@@ -94,6 +94,7 @@ Earlier writing about Kohana auth:
 + Twitter (OAuth v1.0)
 + Google (OpenID)
 + Yahoo (OpenID)
++ Linkedin (OAuth v1.0)
 
 ### MODULES USED ###
 

classes/kohana/oauth/provider/linkedin.php

@@ -0,0 +1,53 @@
+<?php defined('SYSPATH') or die('No direct script access.');
+/**
+ * OAuth Linkedin Provider
+ *
+ * Documents for implementing Linkedin OAuth can be found at
+ * <https://developer.linkedin.com/documents/quick-start-guide>.
+ *
+ * [!!] This class does not implement the Linkedin API. It is only an
+ * implementation of standard OAuth with Linkedin as the service provider.
+ *
+ * @package    Kohana/OAuth
+ * @category   Provider
+ * @author     Kohana Team
+ * @copyright  (c) 2010 Kohana Team
+ * @license    http://kohanaframework.org/license
+ * @since      3.0.7
+ */
+class Kohana_OAuth_Provider_Linkedin extends OAuth_Provider {
+
+	public $name = 'linkedin';
+
+	protected $signature = 'HMAC-SHA1';
+
+	public function url_request_token()
+	{
+		return 'https://api.linkedin.com/uas/oauth/requestToken';
+	}
+
+	public function url_authorize()
+	{
+		return 'https://api.linkedin.com/uas/oauth/authorize';
+	}
+
+	public function url_access_token()
+	{
+		return 'https://api.linkedin.com/uas/oauth/accessToken';
+	}
+
+	public function request_token(OAuth_Consumer $consumer, array $params = NULL)
+	{
+		if (empty($params))
+		{
+			$params = array();
+		}
+		$config = Kohana::$config->load('oauth.' . $this->name);
+		if ($scope = Arr::get($config, 'scope'))
+		{
+			$params['scope'] = $scope;
+		}
+		return parent::request_token($consumer, $params);
+	}
+
+} // End Kohana_OAuth_Provider_Linkedin

classes/oauth/provider/linkedin.php

@@ -0,0 +1,3 @@
+<?php defined('SYSPATH') or die('No direct script access.');
+
+class OAuth_Provider_Linkedin extends Kohana_OAuth_Provider_Linkedin {  }

classes/provider/linkedin.php

@@ -0,0 +1,3 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+class Provider_Linkedin extends Useradmin_Provider_Linkedin { }

classes/useradmin/provider/linkedin.php

@@ -0,0 +1,103 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+class Useradmin_Provider_Linkedin extends Provider_OAuth {
+
+	/**
+	 * Data storage
+	 * @var int
+	 */
+	private $uid = null;
+
+	private $data = null;
+
+	public function __construct()
+	{
+		parent::__construct('linkedin');
+	}
+
+	/**
+	 * Verify the login result and do whatever is needed to access the user data from this provider.
+	 * @return bool
+	 */
+	public function verify()
+	{
+		// create token
+		$request_token = OAuth_Token::factory('request', array(
+			'token' => Session::instance()->get('oauth_token'), 
+			'secret' => Session::instance()->get('oauth_token_secret'),
+		));
+
+		// Store the verifier in the token
+		$verifier = Arr::get($_REQUEST, 'oauth_verifier');
+		if (empty($verifier))
+		{
+			return false;
+		}
+		$request_token->verifier($verifier);
+		// Exchange the request token for an access token
+		$access_token = $this->provider->access_token($this->consumer, $request_token);
+		if ($access_token and $access_token->name === 'access')
+		{
+			$request = OAuth_Request::factory('resource', 'GET', 'https://api.linkedin.com/v1/people/~:(id,first-name,last-name,headline,email-address)?format=json', array(
+				'oauth_consumer_key' => $this->consumer->key, 
+				'oauth_signature_method' => "HMAC-SHA1",
+				'oauth_token' => $access_token->token,
+			));
+
+			// Sign the request using only the consumer, no token is available yet
+			$request->sign(new OAuth_Signature_HMAC_SHA1(), $this->consumer, $access_token);
+			// decode and store data
+			$data = json_decode($request->execute(), true);
+			$this->uid = $data['id'];
+			$this->data = $data;
+			return true;
+		}
+		else
+		{
+			return false;
+		}
+	}
+
+	/**
+	 * Attempt to get the provider user ID.
+	 * @return mixed
+	 */
+	public function user_id()
+	{
+		return $this->uid;
+	}
+
+	/**
+	 * Attempt to get the email from the provider (e.g. for finding an existing account to associate with).
+	 * @return string
+	 */
+	public function email()
+	{
+		if (isset($this->data['emailAddress']))
+		{
+			return $this->data['emailAddress'];
+		}
+		return '';
+	}
+
+	/**
+	 * Get the full name (firstname surname) from the provider.
+	 * @return string
+	 */
+	public function name()
+	{
+		if (isset($this->data['firstName']) && isset($this->data['lastName']))
+		{
+			return $this->data['firstName'] . ' ' . $this->data['lastName'];
+		}
+		else if (isset($this->data['firstName']))
+		{
+			return $this->data['firstName'];
+		}
+		else if (isset($this->data['lastName']))
+		{
+			return $this->data['lastName'];
+		}
+		return '';
+	}
+}

config/useradmin.php

@@ -76,6 +76,17 @@
         * - You must have LightOpenID in /vendors/lightopenid/openid.php (bundled in the repo)
         */
        'yahoo' => true,
+
+       /**
+        * Toggle Linkedin support: if set, users can log in using their Linkedin account.
+        *
+        * Setup:
+        * - You need the extra table from schema.sql for storing 3rd party identifiers
+        * - You must enable the Kohana Core oauth module
+        * - You must register your app with Linkedin and add the information in /config/oauth.php (Kohana-Oauth's config)
+        * - You may want to specify scope in oauth config, available by key 'linkedin.scope'
+        */
+       'linkedin' => true,
     ),
 
     /**