search

DEKHTIARJonathan / python3-linkedin

Python3 interface to the LinkedIn API
https://dekhtiarjonathan.github.io/python3-linkedin/
MIT License
84 stars 36 forks source link

Authentication issue / not clear in the README.md #5

Closed aurelg closed 7 years ago

aurelg commented 7 years ago

I'm following the README.md to get authentication working.

I created an application on the LinkedIn Developer Console. I then exported two environment variables LINKEDIN_API_KEY LINKEDIN_API_SECRET, set to Client ID and Client Secret, respectively. When running http_api.py and opening my browser to http://localhost:8080, I was thrown away by LinkedIn with the following error : GET /code?error=invalid_scope&error_description=Your+application+has+not+been+authorized+for+the+scope+%22r_fullprofile%22. Inspired by a comment regarding another issue I managed to 'solve' the issue by changing the following in http_api.py: 

--- a/examples/http_api.py
+++ b/examples/http_api.py
@@ -24,7 +24,7 @@ class LinkedInWrapper(object):
     API_KEY = environ.get('LINKEDIN_API_KEY')
     API_SECRET = environ.get('LINKEDIN_API_SECRET')
     RETURN_URL = 'http://localhost:{0}/code'.format(globals()['PORT'])
-    authentication = LinkedInAuthentication(API_KEY, API_SECRET, RETURN_URL, PERMISSIONS
+    authentication = LinkedInAuthentication(API_KEY, API_SECRET, RETURN_URL,permissions=
     application = LinkedInApplication(authentication)

I can then access my own account with my browser, e.g. with http://localhost:8080/get_profile. So far so good. From there, 3 questions:

1/ I hope blindly changing the permission in http_api.py have no side effects?

2/ WRT OAuth 1a: I guess CONSUMER_KEY and CONSUMER_SECRET refer to LINKEDIN_API_KEY/Client ID and LINKEDIN_API_SECRET/Client secret, respectively, am I right? Then, where am I supposed to find USER_TOKEN and USER_SECRET?

3/ WRT OAuth 2: I don't need it yet, but can't help noticing another terminology - do APPLICATON_KEY/ APPLICATON_SECRET (typo, btw) also correspond to LINKEDIN_API_KEY/Client ID and LINKEDIN_API_SECRET/Client secret?

I'll be glad to help with the documentation once I get it working.

DEKHTIARJonathan commented 7 years ago

The reason is that the authorization "r_fullprofile" is only allowed under specific authorization by LinkedIn. You need to specify the authorization you want according to the ones you have granted to your application.

May I ask you where did you find this file ? I can't manage to find this ... It seems to very very old versions of the project ...

Btw. everything is working fine with the latest version of the http_server.py

Can you check that you actually use this file: https://github.com/DEKHTIARJonathan/python3-linkedin/blob/master/examples/http_api.py

Package Version: 1.0.2

I'm 90% sure you use a version of the file that was fixed in the commit 99cd0c8 on Sept 21 2017

Here is the result I obtain after getting the auth_code.

image

aurelg commented 7 years ago

My mistake, I was in the examples directory of ozgur's python-linkedin. OAuth2 is now working as expected, but the README nevertheless needs a refresh :)

DEKHTIARJonathan commented 7 years ago

@aurelg feel free to help, it's hard for me to see the lacks as I know pretty well the library. Feel free to improve it and send a PR