mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-21 08:22:07 +02:00
Code Issues Projects Releases Wiki Activity

Merge branch 'MDL-79181-401' of https://github.com/snake/moodle into MOODLE_401_STABLE

Browse Source
This commit is contained in:
Jun Pataleta 2023-09-14 14:02:29 +08:00
commit cdb81ef363
No known key found for this signature in database
GPG Key ID: F83510526D99E2C7
2 changed files with 27 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
lib/classes/oauth2/client/linkedin.php
View File

@ -30,34 +30,24 @@ use core\oauth2\client;
*/
class linkedin extends client {
/**
* Fetch the user info from the userinfo and email endpoint and map fields back
* Override to handle LinkedIn's non-spec-compliant 'locale' field, which isn't a string (e.g. 'en-US') but an object.
*
* @return array|false
*/
public function get_userinfo() {
$user = array_merge(parent::get_userinfo(), $this->get_useremail());
return $user;
}
/**
* Get the email address of the user from the email endpoint
*
* @return array|false
*/
private function get_useremail() {
$url = $this->get_issuer()->get_endpoint_url('email');
$response = $this->get($url);
if (!$response) {
return false;
}
$userinfo = new \stdClass();
try {
$userinfo = json_decode($response);
} catch (\Exception $e) {
$rawuserinfo = $this->get_raw_userinfo();
if ($rawuserinfo === false) {
return false;
}
return $this->map_userinfo_to_fields($userinfo);
if (!empty($rawuserinfo->locale) && is_object($rawuserinfo->locale)) {
if (!empty($rawuserinfo->locale->language) && !empty($rawuserinfo->locale->country)) {
$rawuserinfo->locale = "{$rawuserinfo->locale->language}-{$rawuserinfo->locale->country}";
} else {
unset($rawuserinfo->locale);
}
}
return $this->map_userinfo_to_fields($rawuserinfo);
}
}

76
lib/classes/oauth2/service/linkedin.php
View File

@ -16,21 +16,28 @@
namespace core\oauth2\service;
use core\oauth2\discovery\openidconnect;
use core\oauth2\issuer;
use core\oauth2\endpoint;
use core\oauth2\user_field_mapping;
/**
* Class linkedin.
*
* Custom oauth2 issuer for linkedin as it doesn't support OIDC and has a different way to get
* key information for users - firstname, lastname, email.
* OAuth 2 issuer for linkedin which is mostly OIDC compliant, with a few notable exceptions which require working around:
*
* 1. LinkedIn don't provide their OIDC discovery doc at {ISSUER}/.well-known/openid-configuration as the spec requires.
* i.e. https://www.linkedin.com/.well-known/openid-configuration isn't present.
* Instead, they make the configuration available at https://www.linkedin.com/oauth/.well-known/openid-configuration.
* See: https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
*
* 2. LinkedIn don't return 'locale' as a string in the userinfo but instead return an object with 'language' and 'country' props.
* See: https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
* This is resolved in {@see \core\oauth2\client\linkedin::get_userinfo()}
*
* @copyright 2021 Peter Dias
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @package core
*/
class linkedin implements issuer_interface {
class linkedin extends openidconnect {
/**
* Build an OAuth2 issuer, with all the default values for this service.
*
@ -40,9 +47,9 @@ class linkedin implements issuer_interface {
$record = (object) [
'name' => 'LinkedIn',
'image' => 'https://static.licdn.com/scds/common/u/images/logos/favicons/v1/favicon.ico',
'baseurl' => 'https://api.linkedin.com/v2',
'loginscopes' => 'r_liteprofile r_emailaddress',
'loginscopesoffline' => 'r_liteprofile r_emailaddress',
'baseurl' => 'https://www.linkedin.com/oauth', // The /oauth is where .well-known/openid-configuration lives.
'loginscopes' => 'openid profile email',
'loginscopesoffline' => 'openid profile email',
'showonloginpage' => issuer::EVERYWHERE,
'servicetype' => 'linkedin',
];
@ -50,57 +57,4 @@ class linkedin implements issuer_interface {
$issuer = new issuer(0, $record);
return $issuer;
}
/**
* Create endpoints for this issuer.
*
* @param issuer $issuer Issuer the endpoints should be created for.
* @return issuer
*/
public static function create_endpoints(issuer $issuer): issuer {
$endpoints = [
'authorization_endpoint' => 'https://www.linkedin.com/oauth/v2/authorization',
'token_endpoint' => 'https://www.linkedin.com/oauth/v2/accessToken',
'email_endpoint' => 'https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))',
'userinfo_endpoint' => "https://api.linkedin.com/v2/me?projection=(localizedFirstName,localizedLastName,"
. "profilePicture(displayImage~digitalmediaAsset:playableStreams))",
];
foreach ($endpoints as $name => $url) {
$record = (object) [
'issuerid' => $issuer->get('id'),
'name' => $name,
'url' => $url
];
$endpoint = new endpoint(0, $record);
$endpoint->create();
}
// Create the field mappings.
$mapping = [
'localizedFirstName' => 'firstname',
'localizedLastName' => 'lastname',
'elements[0]-handle~-emailAddress' => 'email',
'profilePicture-displayImage~-elements[0]-identifiers[0]-identifier' => 'picture'
];
foreach ($mapping as $external => $internal) {
$record = (object) [
'issuerid' => $issuer->get('id'),
'externalfield' => $external,
'internalfield' => $internal
];
$userfieldmapping = new user_field_mapping(0, $record);
$userfieldmapping->create();
}
return $issuer;
}
/**
* Linkedin does not have a discovery url that could be found. Return empty.
* @param issuer $issuer
* @return int
*/
public static function discover_endpoints($issuer): int {
return 0;
}
}