[英]LinkedIn verify user auth token server side
after 1 day of research, I've ended with the following issue. 经过一天的研究,我结束了以下问题。 I'm building an web app with ember.js and currently I'm implementing LinkedIn login, using linkedin javascript sdk.
我正在使用ember.js构建一个Web应用程序,目前我正在使用linkedin javascript sdk实现LinkedIn登录。 The problem that I have is that after I recieve user information (token, email, first name and etc) I need to verify this token on server side in order to grand session.
我遇到的问题是,在收到用户信息(令牌,电子邮件,名字等)之后,我需要在服务器端验证此令牌才能进行盛会。 Unfortunately, the documentation is not very clear for me.
不幸的是,文档对我来说不是很清楚。 I can access token ( or kind of a token ) using IN.ENV.auth, but when I try to validate one from both of them, I recieve "invalid request".
我可以使用IN.ENV.auth访问令牌(或令牌的种类),但是当我尝试从它们中验证一个时,我收到“无效请求”。 On the server side I'm using node and a sample code look like that:
在服务器端我使用节点和示例代码看起来像这样:
var request = require('request');
var options = {
url: 'https://www.linkedin.com/uas/oauth2/accessToken?grant_type=authorization_code&code=TOKEN_RECIEVED_THROUGH_IN.ENV.auth&redirect_uri=my-domain&client_id=API_CLIENT_ID&client_secret=API_SECRET_KEY'
};
request(options,function(err,res,body){
console.log(body);
});
The response from the sdk is like that: sdk的反应是这样的:
anonymous_expires_in: 1800
anonymous_token: "4u948tas123asfK9DJx9HFYJgcsBFlhIFu93gG"
api_key: "API_KEY"
is_set_client_auth_cookie: false
member_id: "4a13sdasFeD"
oauth_expires_in: 1800
oauth_token: "66Dy9V123lL7H823ddl-5L-KVmg184k0dhAaS"
Thanks in advance. 提前致谢。
It seems that if you just add header oauth_token
to GET
request, it works: 看来如果你只是将头
oauth_token
添加到GET
请求,它可以工作:
GET /v1/people/~:(id,firstName,lastName,siteStandardProfileRequest,picture-url,email-address)?format=json HTTP/1.1
Host: api.linkedin.com
oauth_token: your-token-here
PS But I'm not sure it will work continuously because the documentation I have not read PS但我不确定它是否能继续工作,因为我没有读过的文档
LinkedIn auth tokens granted from the JS SDK and server-side OAuth are not the same. 从JS SDK和服务器端OAuth授予的LinkedIn auth令牌不一样。
There is a process documented on LinkedIn's developer website that explains how to exchange a JS token for a REST API/server-side token: https://developer-programs.linkedin.com/documents/exchange-jsapi-tokens-rest-api-oauth-tokens LinkedIn的开发者网站上记录了一个过程,该过程解释了如何为REST API /服务器端令牌交换JS令牌: https : //developer-programs.linkedin.com/documents/exchange-jsapi-tokens-rest-api -oauth的令牌
For someone that needs to check validity of token via Postman or etc... 对于需要通过Postman等检查令牌有效性的人...
You can achieve this by making request to have next parameters... 您可以通过请求具有下一个参数来实现此目的...
Example: 例:
Method GET:
https://api.linkedin.com/v1/people/~?format=json
Headers:
Authorization Bearer "here you add your access token"
Content-Type application/json
x-li-src msdk
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.