/usr/share/pyshared/social_auth/backends/contrib/linkedin.py is in python-django-social-auth 0.7.23-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 | """
Linkedin OAuth support
No extra configurations are needed to make this work.
"""
from xml.etree import ElementTree
from xml.parsers.expat import ExpatError
from urllib import urlencode
from urllib2 import Request
from oauth2 import Token
from django.utils import simplejson
from social_auth.utils import setting, dsa_urlopen
from social_auth.backends import ConsumerBasedOAuth, OAuthBackend, BaseOAuth2
from social_auth.exceptions import AuthCanceled, AuthUnknownError
LINKEDIN_SERVER = 'linkedin.com'
LINKEDIN_REQUEST_TOKEN_URL = 'https://api.%s/uas/oauth/requestToken' % \
LINKEDIN_SERVER
LINKEDIN_ACCESS_TOKEN_URL = 'https://api.%s/uas/oauth/accessToken' % \
LINKEDIN_SERVER
LINKEDIN_AUTHORIZATION_URL = 'https://www.%s/uas/oauth/authenticate' % \
LINKEDIN_SERVER
LINKEDIN_CHECK_AUTH = 'https://api.%s/v1/people/~' % LINKEDIN_SERVER
# Check doc at http://developer.linkedin.com/docs/DOC-1014 about how to use
# fields selectors to retrieve extra user data
LINKEDIN_FIELD_SELECTORS = ['id', 'first-name', 'last-name']
class LinkedinBackend(OAuthBackend):
"""Linkedin OAuth authentication backend"""
name = 'linkedin'
EXTRA_DATA = [('id', 'id'),
('first-name', 'first_name'),
('last-name', 'last_name')]
def get_user_details(self, response):
"""Return user details from Linkedin account"""
first_name, last_name = response['first-name'], response['last-name']
email = response.get('email-address', '')
return {'username': first_name + last_name,
'fullname': first_name + ' ' + last_name,
'first_name': first_name,
'last_name': last_name,
'email': email}
class LinkedinOAuth2Backend(LinkedinBackend):
"""Linkedin OAuth2 authentication backend"""
name = 'linkedin-oauth2'
EXTRA_DATA = [('id', 'id'),
('firstName', 'first_name'),
('lastName', 'last_name')]
def get_user_details(self, response):
first_name, last_name = response['firstName'], response['lastName']
return {'username': first_name + last_name,
'fullname': first_name + ' ' + last_name,
'first_name': first_name,
'last_name': last_name,
'email': response.get('emailAddress', '')}
class LinkedinAuth(ConsumerBasedOAuth):
"""Linkedin OAuth authentication mechanism"""
AUTHORIZATION_URL = LINKEDIN_AUTHORIZATION_URL
REQUEST_TOKEN_URL = LINKEDIN_REQUEST_TOKEN_URL
ACCESS_TOKEN_URL = LINKEDIN_ACCESS_TOKEN_URL
AUTH_BACKEND = LinkedinBackend
SETTINGS_KEY_NAME = 'LINKEDIN_CONSUMER_KEY'
SETTINGS_SECRET_NAME = 'LINKEDIN_CONSUMER_SECRET'
SCOPE_VAR_NAME = 'LINKEDIN_SCOPE'
SCOPE_SEPARATOR = '+'
def user_data(self, access_token, *args, **kwargs):
"""Return user data provided"""
fields_selectors = LINKEDIN_FIELD_SELECTORS + \
setting('LINKEDIN_EXTRA_FIELD_SELECTORS', [])
# use set() over fields_selectors since LinkedIn fails when values are
# duplicated
url = LINKEDIN_CHECK_AUTH + ':(%s)' % ','.join(set(fields_selectors))
request = self.oauth_request(access_token, url)
raw_xml = self.fetch_response(request)
try:
return to_dict(ElementTree.fromstring(raw_xml))
except (ExpatError, KeyError, IndexError):
return None
def auth_complete(self, *args, **kwargs):
"""Complete auth process. Check LinkedIn error response."""
oauth_problem = self.request.GET.get('oauth_problem')
if oauth_problem:
if oauth_problem == 'user_refused':
raise AuthCanceled(self, '')
else:
raise AuthUnknownError(self, 'LinkedIn error was %s' %
oauth_problem)
return super(LinkedinAuth, self).auth_complete(*args, **kwargs)
def get_scope(self):
"""Return list with needed access scope"""
scope = []
if self.SCOPE_VAR_NAME:
scope = setting(self.SCOPE_VAR_NAME, [])
else:
scope = []
return scope
def unauthorized_token(self):
"""Makes first request to oauth. Returns an unauthorized Token."""
request_token_url = self.REQUEST_TOKEN_URL
scope = self.get_scope()
if scope:
qs = 'scope=' + self.SCOPE_SEPARATOR.join(scope)
request_token_url = request_token_url + '?' + qs
request = self.oauth_request(
token=None,
url=request_token_url,
extra_params=self.request_token_extra_arguments()
)
response = self.fetch_response(request)
return Token.from_string(response)
class LinkedinOAuth2(BaseOAuth2):
AUTH_BACKEND = LinkedinOAuth2Backend
AUTHORIZATION_URL = 'https://www.linkedin.com/uas/oauth2/authorization'
ACCESS_TOKEN_URL = 'https://www.linkedin.com/uas/oauth2/accessToken'
SETTINGS_KEY_NAME = 'LINKEDIN_CONSUMER_KEY'
SETTINGS_SECRET_NAME = 'LINKEDIN_CONSUMER_SECRET'
SCOPE_VAR_NAME = 'LINKEDIN_SCOPE'
REDIRECT_STATE = False
def user_data(self, access_token, *args, **kwargs):
"""Return user data provided"""
fields_selectors = LINKEDIN_FIELD_SELECTORS + \
setting('LINKEDIN_EXTRA_FIELD_SELECTORS', [])
url = LINKEDIN_CHECK_AUTH + ':(%s)' % ','.join(set(fields_selectors))
data = {'oauth2_access_token': access_token, 'format': 'json'}
request = Request(url + '?' + urlencode(data))
try:
return simplejson.loads(dsa_urlopen(request).read())
except (ExpatError, KeyError, IndexError):
return None
def to_dict(xml):
"""Convert XML structure to dict recursively, repeated keys entries
are returned as in list containers."""
children = xml.getchildren()
if not children:
return xml.text
else:
out = {}
for node in xml.getchildren():
if node.tag in out:
if not isinstance(out[node.tag], list):
out[node.tag] = [out[node.tag]]
out[node.tag].append(to_dict(node))
else:
out[node.tag] = to_dict(node)
return out
# Backend definition
BACKENDS = {
'linkedin': LinkedinAuth,
'linkedin-oauth2': LinkedinOAuth2,
}
|