Closed khier996 closed 8 months ago
Hello @khier996, I got the same problem, meanwhile I create a Pull Request to this gem you can use my custom code which works with the new Scopes.
Remove the gem omniauth-linkedin-oauth2
for now in your Gemfile and Add omniauth-oauth2
:
# gem 'omniauth-linkedin-oauth2'
gem 'omniauth-oauth2'
gem 'omniauth-rails_csrf_protection' # Add this if need it
Create the file lib/strategies/linkedin.rb
require 'omniauth-oauth2'
module OmniAuth
module Strategies
class LinkedIn < OmniAuth::Strategies::OAuth2
option :name, 'linkedin'
option :client_options, {
:site => 'https://api.linkedin.com',
:authorize_url => 'https://www.linkedin.com/oauth/v2/authorization?response_type=code',
:token_url => 'https://www.linkedin.com/oauth/v2/accessToken'
}
option :scope, 'openid profile email'
option :fields, ['id', 'full-name', 'first-name', 'last-name', 'picture-url', 'email-address']
option :redirect_url
uid do
raw_info['sub']
end
info do
{:email => raw_info['email'],
:first_name => raw_info['given_name'],
:last_name => raw_info['family_name'],
:picture_url => raw_info['picture']}
end
extra do
{'raw_info' => raw_info}
end
def callback_url
return options.redirect_url if options.redirect_url
full_host + script_name + callback_path
end
alias :oauth2_access_token :access_token
def access_token
::OAuth2::AccessToken.new(client, oauth2_access_token.token, {
:expires_in => oauth2_access_token.expires_in,
:expires_at => oauth2_access_token.expires_at,
:refresh_token => oauth2_access_token.refresh_token
})
end
def raw_info
@raw_info ||= access_token.get(profile_endpoint).parsed
end
private
def fields_mapping
# Fields
# https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin-v2?context=linkedin%2Fconsumer%2Fcontext#api-request-to-retreive-member-details
{
'id' => 'sub',
'full-name' => 'name',
'first-name' => 'given_name',
'last-name' => 'family_name',
'picture-url' => 'picture'
}
end
def fields
options.fields.each.with_object([]) do |field, result|
result << fields_mapping[field] if fields_mapping.has_key? field
end
end
def profile_endpoint
"/v2/userinfo"
end
def token_params
super.tap do |params|
params.client_secret = options.client_secret
end
end
end
end
end
OmniAuth.config.add_camelization 'linkedin', 'LinkedIn'
Now, if you are using Devise like me:
In your config/initializers/devise.rb
import the previous file:
require "strategies/linkedin"
Devise.setup do |config|
# bla bla bla
Lastly, Add the OmniAuth provider:
config.omniauth :linkedin,
ENV.fetch('LINKEDIN_CLIENT_ID'),
ENV.fetch('LINKEDIN_CLIENT_SECRET')
Hope if helps
@antonioJASR perhaps this warrants its own gem, something called omniauth-linkedin-openid
? I'm not sure it would be possible to support both "solutions" in this gem.
Is the older sign in product supported as well or replaced by the new one?
For anyone that needs this, I put @antonioJASR's work into a PR and updated the tests and docs.
Thanks @antonioJASR !
Your code seems to work for other people, there is even a new gem with your code!
But for me it returns this error:
{"error":"invalid_request","error_description":"Duplicate values defined for \"client_secret\" parameter"}
Do you know what might be causing it?
@khier996 I think i would be best to track issues for the new gem on that tracker instead of here.
Is the older sign in product supported as well or replaced by the new one?
It seems new LinkedIn Applications cannot add the old one, so I think it has been replaced.
I think this can now be closed given that a new gem jclusso/omniauth-linkedin-openid has been created.
LinkedIn launched a new Signin product and removed the old one. The new one is called Sign In with LinkedIn using OpenID Connect
The scopes in the new product are completely different from the old ones:
These changes break this gem. Are there any plans to support new changes?