oauth2_proxy/providers/linkedin.go

package providers

import (
	"errors"
	"fmt"
	"net/http"
	"net/url"

	"github.com/pusher/oauth2_proxy/api"
	"github.com/pusher/oauth2_proxy/pkg/apis/sessions"
)

// LinkedInProvider represents an LinkedIn based Identity Provider
type LinkedInProvider struct {
	*ProviderData
}

// NewLinkedInProvider initiates a new LinkedInProvider
func NewLinkedInProvider(p *ProviderData) *LinkedInProvider {
	p.ProviderName = "LinkedIn"
	if p.LoginURL.String() == "" {
		p.LoginURL = &url.URL{Scheme: "https",
			Host: "www.linkedin.com",
			Path: "/uas/oauth2/authorization"}
	}
	if p.RedeemURL.String() == "" {
		p.RedeemURL = &url.URL{Scheme: "https",
			Host: "www.linkedin.com",
			Path: "/uas/oauth2/accessToken"}
	}
	if p.ProfileURL.String() == "" {
		p.ProfileURL = &url.URL{Scheme: "https",
			Host: "www.linkedin.com",
			Path: "/v1/people/~/email-address"}
	}
	if p.ValidateURL.String() == "" {
		p.ValidateURL = p.ProfileURL
	}
	if p.Scope == "" {
		p.Scope = "r_emailaddress r_basicprofile"
	}
	return &LinkedInProvider{ProviderData: p}
}

func getLinkedInHeader(accessToken string) http.Header {
	header := make(http.Header)
	header.Set("Accept", "application/json")
	header.Set("x-li-format", "json")
	header.Set("Authorization", fmt.Sprintf("Bearer %s", accessToken))
	return header
}

// GetEmailAddress returns the Account email address
func (p *LinkedInProvider) GetEmailAddress(s *sessions.SessionState) (string, error) {
	if s.AccessToken == "" {
		return "", errors.New("missing access token")
	}
	req, err := http.NewRequest("GET", p.ProfileURL.String()+"?format=json", nil)
	if err != nil {
		return "", err
	}
	req.Header = getLinkedInHeader(s.AccessToken)

	json, err := api.Request(req)
	if err != nil {
		return "", err
	}

	email, err := json.String()
	if err != nil {
		return "", err
	}
	return email, nil
}

// ValidateSessionState validates the AccessToken
func (p *LinkedInProvider) ValidateSessionState(s *sessions.SessionState) bool {
	return validateToken(p, s.AccessToken, getLinkedInHeader(s.AccessToken))
}
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00			`package providers`

			`import (`
			`"errors"`
			`"fmt"`
			`"net/http"`
			`"net/url"`

Move imports from bitly to pusher 2018-11-27 11:45:05 +00:00			`"github.com/pusher/oauth2_proxy/api"`
Move SessionState to its own package 2019-05-05 12:33:13 +00:00			`"github.com/pusher/oauth2_proxy/pkg/apis/sessions"`
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00			`)`

Add comments to exported methods for providers package 2018-12-20 10:37:59 +00:00			`// LinkedInProvider represents an LinkedIn based Identity Provider`
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00			`type LinkedInProvider struct {`
			`*ProviderData`
			`}`

Add comments to exported methods for providers package 2018-12-20 10:37:59 +00:00			`// NewLinkedInProvider initiates a new LinkedInProvider`
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00			`func NewLinkedInProvider(p ProviderData) LinkedInProvider {`
			`p.ProviderName = "LinkedIn"`
*: rename Url to URL everywhere Go coding style says that acronyms should be all lower or all upper. Fix Url to URL. 2015-11-08 23:47:44 +00:00			`if p.LoginURL.String() == "" {`
			`p.LoginURL = &url.URL{Scheme: "https",`
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00			`Host: "www.linkedin.com",`
			`Path: "/uas/oauth2/authorization"}`
			`}`
*: rename Url to URL everywhere Go coding style says that acronyms should be all lower or all upper. Fix Url to URL. 2015-11-08 23:47:44 +00:00			`if p.RedeemURL.String() == "" {`
			`p.RedeemURL = &url.URL{Scheme: "https",`
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00			`Host: "www.linkedin.com",`
			`Path: "/uas/oauth2/accessToken"}`
			`}`
*: rename Url to URL everywhere Go coding style says that acronyms should be all lower or all upper. Fix Url to URL. 2015-11-08 23:47:44 +00:00			`if p.ProfileURL.String() == "" {`
			`p.ProfileURL = &url.URL{Scheme: "https",`
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00			`Host: "www.linkedin.com",`
			`Path: "/v1/people/~/email-address"}`
			`}`
*: rename Url to URL everywhere Go coding style says that acronyms should be all lower or all upper. Fix Url to URL. 2015-11-08 23:47:44 +00:00			`if p.ValidateURL.String() == "" {`
			`p.ValidateURL = p.ProfileURL`
Move ValidateToken() to Provider 2015-05-13 01:48:13 +00:00			`}`
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00			`if p.Scope == "" {`
			`p.Scope = "r_emailaddress r_basicprofile"`
			`}`
			`return &LinkedInProvider{ProviderData: p}`
			`}`

Lint for non-comment linter errors 2018-11-29 14:26:41 +00:00			`func getLinkedInHeader(accessToken string) http.Header {`
Move ValidateToken() to Provider 2015-05-13 01:48:13 +00:00			`header := make(http.Header)`
			`header.Set("Accept", "application/json")`
			`header.Set("x-li-format", "json")`
Lint for non-comment linter errors 2018-11-29 14:26:41 +00:00			`header.Set("Authorization", fmt.Sprintf("Bearer %s", accessToken))`
Move ValidateToken() to Provider 2015-05-13 01:48:13 +00:00			`return header`
			`}`

Add comments to exported methods for providers package 2018-12-20 10:37:59 +00:00			`// GetEmailAddress returns the Account email address`
Move SessionState to its own package 2019-05-05 12:33:13 +00:00			`func (p LinkedInProvider) GetEmailAddress(s sessions.SessionState) (string, error) {`
SessionState refactoring; improve token renewal and cookie refresh * New SessionState to consolidate email, access token and refresh token * split ServeHttp into individual methods * log on session renewal * log on access token refresh * refactor cookie encription/decription and session state serialization 2015-06-23 11:23:39 +00:00			`if s.AccessToken == "" {`
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00			`return "", errors.New("missing access token")`
			`}`
*: rename Url to URL everywhere Go coding style says that acronyms should be all lower or all upper. Fix Url to URL. 2015-11-08 23:47:44 +00:00			`req, err := http.NewRequest("GET", p.ProfileURL.String()+"?format=json", nil)`
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00			`if err != nil {`
			`return "", err`
			`}`
SessionState refactoring; improve token renewal and cookie refresh * New SessionState to consolidate email, access token and refresh token * split ServeHttp into individual methods * log on session renewal * log on access token refresh * refactor cookie encription/decription and session state serialization 2015-06-23 11:23:39 +00:00			`req.Header = getLinkedInHeader(s.AccessToken)`
LinkedIn OAuth support. 2015-04-17 22:33:17 +00:00
			`json, err := api.Request(req)`
			`if err != nil {`
			`return "", err`
			`}`

			`email, err := json.String()`
			`if err != nil {`
			`return "", err`
			`}`
			`return email, nil`
			`}`
Move ValidateToken() to Provider 2015-05-13 01:48:13 +00:00
Add comments to exported methods for providers package 2018-12-20 10:37:59 +00:00			`// ValidateSessionState validates the AccessToken`
Move SessionState to its own package 2019-05-05 12:33:13 +00:00			`func (p LinkedInProvider) ValidateSessionState(s sessions.SessionState) bool {`
SessionState refactoring; improve token renewal and cookie refresh * New SessionState to consolidate email, access token and refresh token * split ServeHttp into individual methods * log on session renewal * log on access token refresh * refactor cookie encription/decription and session state serialization 2015-06-23 11:23:39 +00:00			`return validateToken(p, s.AccessToken, getLinkedInHeader(s.AccessToken))`
Move ValidateToken() to Provider 2015-05-13 01:48:13 +00:00			`}`