Upgrade gem to work with LinkedIn API v2 (r_liteprofile)

README.md

@@ -4,7 +4,7 @@
 
 A LinkedIn OAuth2 strategy for OmniAuth.
 
-For more details, read the LinkedIn documentation: https://developer.linkedin.com/documents/authentication
+For more details, read the LinkedIn documentation: https://developer.linkedin.com/docs/oauth2
 
 ## Installation
 
@@ -22,6 +22,8 @@ Or install it yourself as:
 
 ## Upgrading
 
+This version is a major upgrade to the LinkedIn API version 2. As such, it switches from the soon to be no longer available `r_basicprofile` to `r_liteprofile`. This results in a much limited set of data that we can get from LinkedIn.
+
 Previous versions of this gem used the provider name `:linkedin_oauth2`. In order to provide a cleaner upgrade path for users who were previously using the OAuth 1.0 omniauth adapter for LinkedIn [https://github.com/skorks/omniauth-linkedin], this has been renamed to just `:linkedin`.
 
 Users who are upgrading from previous versions of this gem may need to update their Omniauth and/or Devise configurations to use the shorter provider name.
@@ -43,42 +45,38 @@ You can now access the OmniAuth LinkedIn OAuth2 URL: `/auth/linkedin`.
 ## Granting Member Permissions to Your Application
 
 With the LinkedIn API, you have the ability to specify which permissions you want users to grant your application.
-For more details, read the LinkedIn documentation: https://developer.linkedin.com/documents/authentication
+For more details, read the LinkedIn documentation: https://developer.linkedin.com/docs/oauth2
 
 By default, omniauth-linkedin-oauth2 requests the following permissions:
 
-    'r_basicprofile r_emailaddress'
+    'r_liteprofile r_emailaddress'
 
 You can configure the scope option:
 
 ```ruby
-provider :linkedin, ENV['LINKEDIN_KEY'], ENV['LINKEDIN_SECRET'], :scope => 'r_fullprofile r_emailaddress r_network'
+provider :linkedin, ENV['LINKEDIN_KEY'], ENV['LINKEDIN_SECRET'], :scope => 'r_literofile'
 ```
 
 ## Profile Fields
 
 When specifying which permissions you want to users to grant to your application, you will probably want to specify the array of fields that you want returned in the omniauth hash. The list of default fields is as follows:
 
 ```ruby
-['id', 'email-address', 'first-name', 'last-name', 'headline', 'location', 'industry', 'picture-url', 'public-profile-url']
+['id', 'first-name', 'last-name', 'picture-url', 'email-address']
 ```
 
-Here's an example of a possible configuration where the fields returned from the API are: id, email-address, first-name and last-name.
+Here's an example of a possible configuration where the fields returned from the API are: id, first-name and last-name.
 
 ```ruby
-provider :linkedin, ENV['LINKEDIN_KEY'], ENV['LINKEDIN_SECRET'], :fields => ['id', 'email-address', 'first-name', 'last-name']
+provider :linkedin, ENV['LINKEDIN_KEY'], ENV['LINKEDIN_SECRET'], :fields => ['id', 'first-name', 'last-name']
 ```
 
-To see a complete list of available fields, consult the LinkedIn documentation at: https://developer.linkedin.com/documents/profile-fields
-
-## Other Options
-
-* `secure_image_url` - Set to `true` to use https for the profile picture url. Default is `false`.
+To see a complete list of available fields, consult the LinkedIn documentation at: https://developer.linkedin.com/docs/fields
 
 ## Contributing
 
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
+1.  Fork it
+2.  Create your feature branch (`git checkout -b my-new-feature`)
+3.  Commit your changes (`git commit -am 'Add some feature'`)
+4.  Push to the branch (`git push origin my-new-feature`)
+5.  Create new Pull Request

lib/omniauth-linkedin-oauth2/version.rb

@@ -1,5 +1,5 @@
 module OmniAuth
   module LinkedInOAuth2
-    VERSION = "0.2.5"
+    VERSION = '1.0.0'
   end
 end

lib/omniauth/strategies/linkedin.rb

@@ -3,45 +3,34 @@
 module OmniAuth
   module Strategies
     class LinkedIn < OmniAuth::Strategies::OAuth2
-      # Give your strategy a name.
       option :name, 'linkedin'
 
-      # This is where you pass the options you would pass when
-      # initializing your consumer from the OAuth gem.
       option :client_options, {
         :site => 'https://api.linkedin.com',
         :authorize_url => 'https://www.linkedin.com/oauth/v2/authorization?response_type=code',
         :token_url => 'https://www.linkedin.com/oauth/v2/accessToken'
       }
 
-      option :scope, 'r_basicprofile r_emailaddress'
-      option :fields, ['id', 'email-address', 'first-name', 'last-name', 'headline', 'location', 'industry', 'picture-url', 'public-profile-url']
+      option :scope, 'r_liteprofile r_emailaddress'
+      option :fields, ['id', 'first-name', 'last-name', 'picture-url', 'email-address']
 
-      # These are called after authentication has succeeded. If
-      # possible, you should try to set the UID without making
-      # additional calls (if the user id is returned with the token
-      # or as a URI parameter). This may not be possible with all
-      # providers.
-      uid { raw_info['id'] }
+      uid do
+        raw_info['id']
+      end
 
       info do
         {
-          :name => user_name,
-          :email => raw_info['emailAddress'],
-          :nickname => user_name,
-          :first_name => raw_info['firstName'],
-          :last_name => raw_info['lastName'],
-          :location => raw_info['location'],
-          :description => raw_info['headline'],
-          :image => raw_info['pictureUrl'],
-          :urls => {
-            'public_profile' => raw_info['publicProfileUrl']
-          }
+          :email => email_address,
+          :first_name => localized_field('firstName'),
+          :last_name => localized_field('lastName'),
+          :picture_url => picture_url
         }
       end
 
       extra do
-        { 'raw_info' => raw_info }
+        {
+          'raw_info' => raw_info
+        }
       end
 
       def callback_url
@@ -52,28 +41,93 @@ def callback_url
 
       def access_token
         ::OAuth2::AccessToken.new(client, oauth2_access_token.token, {
-          :mode => :query,
-          :param_name => 'oauth2_access_token',
           :expires_in => oauth2_access_token.expires_in,
           :expires_at => oauth2_access_token.expires_at
         })
       end
 
       def raw_info
-        @raw_info ||= access_token.get("/v1/people/~:(#{option_fields.join(',')})?format=json").parsed
+        @raw_info ||= access_token.get(profile_endpoint).parsed
       end
 
       private
 
-      def option_fields
-        fields = options.fields
-        fields.map! { |f| f == "picture-url" ? "picture-url;secure=true" : f } if !!options[:secure_image_url]
-        fields
+      def email_address
+        if options.fields.include? 'email-address'
+          fetch_email_address
+          parse_email_address
+        end
+      end
+
+      def fetch_email_address
+        @email_address_response ||= access_token.get(email_address_endpoint).parsed
+      end
+
+      def parse_email_address
+        return unless email_address_available?
+
+        @email_address_response['elements'].first['handle~']['emailAddress']
+      end
+
+      def email_address_available?
+        @email_address_response['elements'] &&
+          @email_address_response['elements'].is_a?(Array) &&
+          @email_address_response['elements'].first &&
+          @email_address_response['elements'].first['handle~']
+      end
+
+      def fields_mapping
+        {
+          'id' => 'id',
+          'first-name' => 'firstName',
+          'last-name' => 'lastName',
+          'picture-url' => 'profilePicture(displayImage~:playableStreams)'
+        }
+      end
+
+      def fields
+        options.fields.each.with_object([]) do |field, result|
+          result << fields_mapping[field] if fields_mapping.has_key? field
+        end
+      end
+
+      def localized_field field_name
+        return unless localized_field_available? field_name
+
+        raw_info[field_name]['localized'][field_locale(field_name)]
+      end
+
+      def field_locale field_name
+        "#{ raw_info[field_name]['preferredLocale']['language'] }_" \
+          "#{ raw_info[field_name]['preferredLocale']['country'] }"
+      end
+
+      def localized_field_available? field_name
+        raw_info[field_name] && raw_info[field_name]['localized']
+      end
+
+      def picture_url
+        return unless picture_available?
+
+        picture_references.last['identifiers'].first['identifier']
+      end
+
+      def picture_available?
+        raw_info['profilePicture'] &&
+          raw_info['profilePicture']['displayImage~'] &&
+          picture_references
+      end
+
+      def picture_references
+        raw_info['profilePicture']['displayImage~']['elements']
+      end
+
+      def email_address_endpoint
+        '/v2/emailAddress?q=members&projection=(elements*(handle~))'
       end
 
-      def user_name
-        name = "#{raw_info['firstName']} #{raw_info['lastName']}".strip
-        name.empty? ? nil : name
+      def profile_endpoint
+        "/v2/me?projection=(#{ fields.join(',') })"
       end
     end
   end

omniauth-linkedin-oauth2.gemspec

@@ -18,12 +18,11 @@ Gem::Specification.new do |gem|
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.require_paths = ["lib"]
 
-  gem.add_runtime_dependency 'omniauth', '~> 1.0'
   gem.add_runtime_dependency 'omniauth-oauth2'
 
-  gem.add_development_dependency 'bundler', '~> 1.3'
+  gem.add_development_dependency 'bundler'
   gem.add_development_dependency 'rake'
 
-  gem.add_development_dependency 'rspec', '~> 3.0'
+  gem.add_development_dependency 'rspec'
   gem.add_development_dependency 'simplecov'
 end