<?php /** * @link http://www.yiiframework.com/ * @copyright Copyright (c) 2008 Yii Software LLC * @license http://www.yiiframework.com/license/ */ namespace yii\authclient\clients; use yii\authclient\OAuth2; use yii\web\HttpException; use Yii; /** * LinkedIn allows authentication via LinkedIn OAuth. * * In order to use linkedIn OAuth you must register your application at <https://www.linkedin.com/secure/developer>. * * Example application configuration: * * ~~~ * 'components' => [ * 'authClientCollection' => [ * 'class' => 'yii\authclient\Collection', * 'clients' => [ * 'linkedin' => [ * 'class' => 'yii\authclient\clients\LinkedIn', * 'clientId' => 'linkedin_client_id', * 'clientSecret' => 'linkedin_client_secret', * ], * ], * ] * ... * ] * ~~~ * * @see http://developer.linkedin.com/documents/authentication * @see https://www.linkedin.com/secure/developer * @see http://developer.linkedin.com/apis * * @author Paul Klimov <klimov.paul@gmail.com> * @since 2.0 */ class LinkedIn extends OAuth2 { /** * @inheritdoc */ public $authUrl = 'https://www.linkedin.com/uas/oauth2/authorization'; /** * @inheritdoc */ public $tokenUrl = 'https://www.linkedin.com/uas/oauth2/accessToken'; /** * @inheritdoc */ public $apiBaseUrl = 'https://api.linkedin.com/v1'; /** * @inheritdoc */ public function init() { parent::init(); if ($this->scope === null) { $this->scope = implode(' ', [ 'r_basicprofile', 'r_emailaddress', ]); } } /** * @inheritdoc */ protected function defaultNormalizeUserAttributeMap() { return [ 'email' => 'email-address', 'first_name' => 'first-name', 'last_name' => 'last-name', ]; } /** * @inheritdoc */ protected function initUserAttributes() { $attributeNames = [ 'id', 'email-address', 'first-name', 'last-name', 'public-profile-url', ]; return $this->api('people/~:(' . implode(',', $attributeNames) . ')', 'GET'); } /** * @inheritdoc */ public function buildAuthUrl(array $params = []) { $authState = $this->generateAuthState(); $this->setState('authState', $authState); $params['state'] = $authState; return parent::buildAuthUrl($params); } /** * @inheritdoc */ public function fetchAccessToken($authCode, array $params = []) { $authState = $this->getState('authState'); if (!isset($_REQUEST['state']) || empty($authState) || strcmp($_REQUEST['state'], $authState) !== 0) { throw new HttpException(400, 'Invalid auth state parameter.'); } else { $this->removeState('authState'); } return parent::fetchAccessToken($authCode, $params); } /** * @inheritdoc */ protected function apiInternal($accessToken, $url, $method, array $params, array $headers) { $params['oauth2_access_token'] = $accessToken->getToken(); return $this->sendRequest($method, $url, $params, $headers); } /** * @inheritdoc */ protected function defaultReturnUrl() { $params = $_GET; unset($params['code']); unset($params['state']); $params[0] = Yii::$app->controller->getRoute(); return Yii::$app->getUrlManager()->createAbsoluteUrl($params); } /** * Generates the auth state value. * @return string auth state value. */ protected function generateAuthState() { return sha1(uniqid(get_class($this), true)); } /** * @inheritdoc */ protected function defaultName() { return 'linkedin'; } /** * @inheritdoc */ protected function defaultTitle() { return 'LinkedIn'; } }