https://github.com/auth0/passport-linkedin-oauth2
Passport Strategy for LinkedIn OAuth 2.0
https://github.com/auth0/passport-linkedin-oauth2
Last synced: about 1 year ago
JSON representation
Passport Strategy for LinkedIn OAuth 2.0
- Host: GitHub
- URL: https://github.com/auth0/passport-linkedin-oauth2
- Owner: auth0
- License: mit
- Created: 2013-03-28T22:17:51.000Z (about 13 years ago)
- Default Branch: master
- Last Pushed: 2024-07-19T07:43:05.000Z (almost 2 years ago)
- Last Synced: 2025-03-21T17:56:26.714Z (over 1 year ago)
- Language: JavaScript
- Homepage:
- Size: 73.2 KB
- Stars: 121
- Watchers: 16
- Forks: 109
- Open Issues: 46
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
A simple [Passport](http://passportjs.org/) strategy for LinkedIn OAuth2 that works with lite profile.
## Install
npm install passport-linkedin-oauth2
## Usage
Register the strategy
```javascript
var LinkedInStrategy = require('passport-linkedin-oauth2').Strategy;
passport.use(
new LinkedInStrategy(
{
clientID: LINKEDIN_KEY,
clientSecret: LINKEDIN_SECRET,
callbackURL: 'http://127.0.0.1:3000/auth/linkedin/callback',
scope: ['email', 'profile', 'openid'],
},
function (accessToken, refreshToken, profile, done) {
// asynchronous verification, for effect...
process.nextTick(function () {
// To keep the example simple, the user's LinkedIn profile is returned to
// represent the logged-in user. In a typical application, you would want
// to associate the LinkedIn account with a user record in your database,
// and return that user instead.
return done(null, profile);
});
}
)
);
```
and then authenticate as:
```javascript
app.get(
'/auth/linkedin',
passport.authenticate('linkedin', { state: 'SOME STATE' }),
function (req, res) {
// The request will be redirected to LinkedIn for authentication, so this
// function will not be called.
}
);
```
the login callback:
```javascript
app.get(
'/auth/linkedin/callback',
passport.authenticate('linkedin', {
successRedirect: '/',
failureRedirect: '/login',
})
);
```
See [this](https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin-v2) for details on LinkedIn API.
## Auto-handle `state` param
The `state` param is used to prevent CSRF attacks, and is [required by the LinkedIn API](https://developer.linkedin.com/documents/authentication). You can ask Passport to handle the sending and validating of the `state` parameter by passing `state: true` as an option to the strategy:
```javascript
var LinkedInStrategy = require('passport-linkedin-oauth2').Strategy;
passport.use(
new LinkedInStrategy(
{
clientID: LINKEDIN_KEY,
clientSecret: LINKEDIN_SECRET,
callbackURL: 'http://127.0.0.1:3000/auth/linkedin/callback',
scope: ['email', 'profile', 'openid'],
state: true,
},
function (accessToken, refreshToken, profile, done) {
// asynchronous verification, for effect...
process.nextTick(function () {
// To keep the example simple, the user's LinkedIn profile is returned to
// represent the logged-in user. In a typical application, you would want
// to associate the LinkedIn account with a user record in your database,
// and return that user instead.
return done(null, profile);
});
}
)
);
```
and then authenticate as:
```javascript
app.get(
'/auth/linkedin',
passport.authenticate('linkedin'),
function (req, res) {
// The request will be redirected to LinkedIn for authentication, so this
// function will not be called.
}
);
```
## Issue Reporting
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
## Author
[Auth0](auth0.com)
## License
This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.