@adonisjs/ally
Version:
Social authentication provider for AdonisJS
157 lines (155 loc) • 4.4 kB
JavaScript
import {
Oauth2Driver
} from "../../chunk-EXGR73T6.js";
import "../../chunk-NK6X76EQ.js";
import "../../chunk-TSIMPJ6I.js";
// src/drivers/linked_in_openid_connect.ts
var LinkedInOpenidConnectDriver = class extends Oauth2Driver {
/**
* @param ctx - The HTTP context
* @param config - Configuration for the LinkedIn OpenID Connect driver
*/
constructor(ctx, config) {
super(ctx, config);
this.config = config;
this.loadState();
}
config;
/**
* LinkedIn OpenID authorization endpoint URL.
*/
authorizeUrl = "https://www.linkedin.com/oauth/v2/authorization";
/**
* LinkedIn OpenID token endpoint URL.
*/
accessTokenUrl = "https://www.linkedin.com/oauth/v2/accessToken";
/**
* LinkedIn OpenID userinfo endpoint URL.
*/
userInfoUrl = "https://api.linkedin.com/v2/userinfo";
/**
* The param name for the authorization code
*/
codeParamName = "code";
/**
* The param name for the error
*/
errorParamName = "error";
/**
* Cookie name for storing the "linkedin_openid_connect_oauth_state"
*/
stateCookieName = "linkedin_openid_connect_oauth_state";
/**
* Parameter name to be used for sending and receiving the state
* from linkedin
*/
stateParamName = "state";
/**
* Parameter name for defining the scopes
*/
scopeParamName = "scope";
/**
* Scopes separator
*/
scopesSeparator = " ";
/**
* Configures the redirect request with default scopes for OpenID Connect.
*
* @param request - The redirect request to configure
*/
configureRedirectRequest(request) {
request.scopes(this.config.scopes || ["openid", "profile", "email"]);
request.param("response_type", "code");
}
/**
* Creates an authenticated HTTP request with the proper authorization
* header for LinkedIn API calls.
*
* @param url - The API endpoint URL
* @param token - The access token
*/
getAuthenticatedRequest(url, token) {
const request = this.httpClient(url);
request.header("Authorization", `Bearer ${token}`);
request.header("Accept", "application/json");
request.parseAs("json");
return request;
}
/**
* Fetches the authenticated user's profile information from the LinkedIn API
* using the OpenID Connect userinfo endpoint.
*
* @param token - The access token
* @param callback - Optional callback to customize the API request
*/
async getUserInfo(token, callback) {
let url = this.config.userInfoUrl || this.userInfoUrl;
const request = this.getAuthenticatedRequest(url, token);
if (typeof callback === "function") {
callback(request);
}
const body = await request.get();
return {
id: body.sub,
nickName: body.given_name,
name: body.family_name,
avatarUrl: body.picture,
email: body.email,
emailVerificationState: body.email_verified === true ? "verified" : "unverified",
original: body
};
}
/**
* Check if the error from the callback indicates that the user
* denied authorization or cancelled the login.
*/
accessDenied() {
const error = this.getError();
if (!error) {
return false;
}
return error === "user_cancelled_login" || error === "user_cancelled_authorize";
}
/**
* Get the authenticated user's profile information using
* the authorization code from the callback request.
*
* @param callback - Optional callback to customize the API request
*
* @example
* ```ts
* const user = await ally.use('linkedinOpenidConnect').user()
* console.log(user.name, user.email)
* ```
*/
async user(callback) {
const accessToken = await this.accessToken(callback);
const userInfo = await this.getUserInfo(accessToken.token, callback);
return {
...userInfo,
token: { ...accessToken }
};
}
/**
* Get the user's profile information using an existing
* access token.
*
* @param token - The LinkedIn access token
* @param callback - Optional callback to customize the API request
*
* @example
* ```ts
* const user = await ally.use('linkedinOpenidConnect').userFromToken(accessToken)
* ```
*/
async userFromToken(token, callback) {
const user = await this.getUserInfo(token, callback);
return {
...user,
token: { token, type: "bearer" }
};
}
};
export {
LinkedInOpenidConnectDriver
};