search

bytespider / jsOAuth

JavaScript implimentation of the OAuth protocol. Currently supports version 1.0 (RFC5849) of the specification. Node.js & CommonJS compatible.
http://bytespider.github.com/jsOAuth/
MIT License
556 stars 108 forks source link

jsOAuth and LinkedIn #31

Closed ghost closed 12 years ago

ghost commented 12 years ago

I am unable to get a oauth_verifier with the most current version of the jsOAuth (1.3.1) library running in a phonegap + jquerymobile app.

Both twitter and facebook integration runs fine. Is LinkedIn supported?

Sample code:

auth.get('https://api.linkedin.com/uas/oauth/requestToken', function(data) { requestParams = data.text; console.log("Log: requestParams: " + data.text); window.plugins.childBrowser.showWebPage('https://api.linkedin.com/uas/oauth/authorize?'+data.text, { showLocationBar : locbar }); }, function(data) { alert('Error : No Authorization'); console.log("Log: 2 Error " + data); } );

I am redirected to the login screen I grant access to the application I am redirected to the callback url with the oauth verifier and the oauth token.

Then I go for the accessToken

oauth.get('https://api.linkedin.com/uas/oauth/accessToken?'+verifier+"&"+requestParams, function(data) { alert("Data"+data); request2Params = data.text; console.log("Log: requestParams: " + data.text); //window.plugins.childBrowser.showWebPage('https://api.linkedin.com/uas/oauth/accessToken?'+newParams, // { showLocationBar : true }); }, function(data) { alert('Error : No Authorization'); console.log("Log: 2 Error " + data.text); } );

I get:

OAuth realm="https%3A%2F%2Fapi.linkedin.com", oauth_problem="signature_invalid", oauth_problem_advice="com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException%20while%20obtaining%20request%20token%20for%20%3APOST%26https%253A%252F%252Fapi.linkedin.com%252Fuas%252Foauth%252FaccessToken%26oauth_callback%253Dhttp%25253A%25252F%25252Ftouch.www.linkedin.com%2526oauth_callback_confirmed%253Dtrue%2526oauth_consumer_key%253Dwvu23ru1wf5m%2526oauth_expires_in%253D599%2526oauth_nonce%253D682A40664D2E2043%2526oauth_signature_method%253DHMAC-SHA1%2526oauth_timestamp%253D1328751364%2526oauth_token%253Dcb516958-8206-46e7-a7c8-dfcdab220208%2526oauth_token_secret%253D134fd45d-fab2-47b3-a777-9e1fa9d9e338%2526oauth_verifier%253D68185%2526oauth_version%253D1.0%2526xoauth_request_auth_url%253Dhttps%2525253A%2525252F%2525252Fapi.linkedin.com%2525252Fuas%2525252Foauth%2525252Fauthorize%0AOAU%3Awvu23ru1wf5m%7Ccb516958-8206-46e7-a7c8-dfcdab220208%7C%2A01%7C%2A01%3A1328751364%3A%2FJNZPy%2F9tR0Ym4314pWdGDJbV2U%3D"

bytespider commented 12 years ago

I assume you are reading the documentation provided by LinkedIn?

It looks as though you are using get, where the LinkedIn API is expecting a POST. Also its highly likely you'll need to setVerifier so that jsOAuth can include it in the hash.

ghost commented 12 years ago

Sorry about that, posted the wrong code. I am using POST.

And according to this: http://www.slideshare.net/episod/linkedin-oauth-zero-to-hero, after authorization of my app, I would be sent to my URL as specified in the oauth_callback. I should receive the oauth_token and oauth_token_secret and the oauth_verifier but I do not see this in the onLocation callback function (please see last line below)

I am not using oob so from what I understand I should not set the verifier with setVerifier

For the acessToken set how do I know all of these are set? I get most are handled by the library? oauth_consumer_key oauth_nonce oauth_signature_method oauth_timestamp oauth_token oauth_verifier oauth_version

Code

              var options = { 
                        consumerKey: 'XXXXXXXXXXXX', // REPLACE WITH YOUR CONSUMER_KEY
                        consumerSecret: 'XXXXXXXXXXXXX', // REPLACE WITH YOUR CONSUMER_SECRET
                        callbackUrl: 'http://callback-url.com' }; // YOUR URL 

                 oauth = OAuth(options);
        oauth.post('https://api.linkedin.com/uas/oauth/requestToken', null,
            function(data) {

                requestParams = data.text;
                console.log('requestParams: (request) ' + requestParams);
                authUrl = 'https://api.linkedin.com/uas/oauth/authorize?oauth_token='+returnParamValue('oauth_token', requestParams);
                console.log('authUrl: ' + authUrl);
                cb.showWebPage(authUrl); // This opens the LinkedIn authorization / sign in page     
                cb.onLocationChange = function(loc){ success(loc); }; // When the ChildBrowser URL changes we need to track that
            },
            function(data) { 
                console.log("ERROR: "+ JSON.stringify(data));
            }
        );

         function success(loc) {
    /*
    We will check to see if the childBrowser's new URL matches our callBackURL
    */
    console.log('location: ' + loc);                    
           }

Here is the output in the log

requestParams: (request) oauth_token=3064fd0e-9920-41f7-b47e-d189ba6b13ce&oauth_token_secret=d547896f-778a-4c46-81cc-930f1f4796a7&oauth_callback_confirmed=true&xoauth_request_auth_url=https%3A%2F%2Fapi.linkedin.com%2Fuas%2Foauth%2Fauthorize&oauth_expires_in=599 authUrl: https://api.linkedin.com/uas/oauth/authorize?oauth_token=3064fd0e-9920-41f7-b47e-d189ba6b13ce location: https://www.linkedin.com/uas/oauth/authorize?oauth_token=3064fd0e-9920-41f7-b47e-d189ba6b13ce location: http://callback-url.com

bytespider commented 12 years ago

You still need to setVerifier() so jsoauth knows to include it in the hashing, this is the oauth_verifier passed back to you, you also need to set accessToken the token key and secret provided in the previous response.