You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
168 lines
3.5 KiB
168 lines
3.5 KiB
<?php |
|
/** |
|
* @link http://www.yiiframework.com/ |
|
* @copyright Copyright (c) 2008 Yii Software LLC |
|
* @license http://www.yiiframework.com/license/ |
|
*/ |
|
|
|
namespace yii\authclient\clients; |
|
|
|
use yii\authclient\OAuth2; |
|
use yii\web\HttpException; |
|
use Yii; |
|
|
|
/** |
|
* LinkedIn allows authentication via LinkedIn OAuth. |
|
* |
|
* In order to use linkedIn OAuth you must register your application at <https://www.linkedin.com/secure/developer>. |
|
* |
|
* Example application configuration: |
|
* |
|
* ~~~ |
|
* 'components' => [ |
|
* 'authClientCollection' => [ |
|
* 'class' => 'yii\authclient\Collection', |
|
* 'clients' => [ |
|
* 'linkedin' => [ |
|
* 'class' => 'yii\authclient\clients\LinkedIn', |
|
* 'clientId' => 'linkedin_client_id', |
|
* 'clientSecret' => 'linkedin_client_secret', |
|
* ], |
|
* ], |
|
* ] |
|
* ... |
|
* ] |
|
* ~~~ |
|
* |
|
* @see http://developer.linkedin.com/documents/authentication |
|
* @see https://www.linkedin.com/secure/developer |
|
* @see http://developer.linkedin.com/apis |
|
* |
|
* @author Paul Klimov <klimov.paul@gmail.com> |
|
* @since 2.0 |
|
*/ |
|
class LinkedIn extends OAuth2 |
|
{ |
|
/** |
|
* @inheritdoc |
|
*/ |
|
public $authUrl = 'https://www.linkedin.com/uas/oauth2/authorization'; |
|
/** |
|
* @inheritdoc |
|
*/ |
|
public $tokenUrl = 'https://www.linkedin.com/uas/oauth2/accessToken'; |
|
/** |
|
* @inheritdoc |
|
*/ |
|
public $apiBaseUrl = 'https://api.linkedin.com/v1'; |
|
|
|
/** |
|
* @inheritdoc |
|
*/ |
|
public function init() |
|
{ |
|
parent::init(); |
|
if ($this->scope === null) { |
|
$this->scope = implode(' ', [ |
|
'r_basicprofile', |
|
'r_emailaddress', |
|
]); |
|
} |
|
} |
|
|
|
/** |
|
* @inheritdoc |
|
*/ |
|
protected function defaultNormalizeUserAttributeMap() |
|
{ |
|
return [ |
|
'email' => 'email-address', |
|
'first_name' => 'first-name', |
|
'last_name' => 'last-name', |
|
]; |
|
} |
|
|
|
/** |
|
* @inheritdoc |
|
*/ |
|
protected function initUserAttributes() |
|
{ |
|
$attributeNames = [ |
|
'id', |
|
'email-address', |
|
'first-name', |
|
'last-name', |
|
'public-profile-url', |
|
]; |
|
return $this->api('people/~:(' . implode(',', $attributeNames) . ')', 'GET'); |
|
} |
|
|
|
/** |
|
* @inheritdoc |
|
*/ |
|
public function buildAuthUrl(array $params = []) |
|
{ |
|
$authState = $this->generateAuthState(); |
|
$this->setState('authState', $authState); |
|
$params['state'] = $authState; |
|
return parent::buildAuthUrl($params); |
|
} |
|
|
|
/** |
|
* @inheritdoc |
|
*/ |
|
public function fetchAccessToken($authCode, array $params = []) |
|
{ |
|
$authState = $this->getState('authState'); |
|
if (!isset($_REQUEST['state']) || empty($authState) || strcmp($_REQUEST['state'], $authState) !== 0) { |
|
throw new HttpException(400, 'Invalid auth state parameter.'); |
|
} else { |
|
$this->removeState('authState'); |
|
} |
|
return parent::fetchAccessToken($authCode, $params); |
|
} |
|
|
|
/** |
|
* @inheritdoc |
|
*/ |
|
protected function apiInternal($accessToken, $url, $method, array $params) |
|
{ |
|
$params['oauth2_access_token'] = $accessToken->getToken(); |
|
return $this->sendRequest($method, $url, $params); |
|
} |
|
|
|
/** |
|
* @inheritdoc |
|
*/ |
|
protected function defaultReturnUrl() |
|
{ |
|
$params = $_GET; |
|
unset($params['code']); |
|
unset($params['state']); |
|
return Yii::$app->getUrlManager()->createAbsoluteUrl(Yii::$app->controller->getRoute(), $params); |
|
} |
|
|
|
/** |
|
* Generates the auth state value. |
|
* @return string auth state value. |
|
*/ |
|
protected function generateAuthState() { |
|
return sha1(uniqid(get_class($this), true)); |
|
} |
|
|
|
/** |
|
* @inheritdoc |
|
*/ |
|
protected function defaultName() |
|
{ |
|
return 'linkedin'; |
|
} |
|
|
|
/** |
|
* @inheritdoc |
|
*/ |
|
protected function defaultTitle() |
|
{ |
|
return 'LinkedIn'; |
|
} |
|
} |