Adds API v2 support, adds profile pic for v2, and adds specs.

[mdesjardins]

The current Omniauth strategy works great, but the step to gather raw_info relies on the old v1 API. LinkedIn recently upgraded us to the v2 API, and when they did so they disabled the v1 API, so authentication stopped working. This change allows you to specify the api_version as an option (with v1 still the default) so it will work with both.

Keeping a single default list of fields for both v1 and v2 is tricky because they have different names, and I didn't want to add another option for fields that was version-specific, so instead the code converts the v1 field names to v2 names. Unfortunately some of the data (email and location) is much more difficult to get w/ the v2 API, requiring multiple API calls, so I left those two fields out for v2.

[gnapse]

This would be great to have!

Any news about it? Any help needed to move it forward?

[maximedelpit]

+1

Yesterday I had invalid_credentials anytime a user wanted to sign_in with Linkedin. The error message was.

{
  "errorCode": 0,
  "message": "Malformed path segment {:(id,email-address,first-name,last-name,headline,location,industry,positions,picture-url}",
  "requestId": xxxxx,
  "status": 400,
  "timestamp": 1527108387012
}

As @mdesjardins mentioned, it seems that raw_info was broken.

By the way even more surprising, today this error has disappeared and I can login with Linkedin.
Does anybody know if and when Linkedin plans to drop V1 support ?

I was trying @mdesjardins solution but for the moment I get {"serviceErrorCode":100,"message":"Not enough permissions to access: GET /me","status":403}
Should I change anything on my Linkedin app settings ? When I check my app usage & limits it says API Version: v1

[maximedelpit]

Not sure this is the best place to, but I looked on SO and could not find really clear answer.

Something is still obscure to me. When does Linkedin decides to update you to V2 ?
Does this comes from being accepted as a Partner?

Why does the doc still refers to v1 for Oauth2 ? Is this endpoint permanent for non-partner to be able to use features such as LinkedinConnect or will it be deprecated?

Thanks

[mdesjardins]

My company was updated to v2 a few weeks ago, I believe it's because we did get approved for some sort of "partner status." I don't know if/when they are planning on releasing the v2 API to everybody. The documentation to it is here, don't know if everyone can see it yet? https://developer.linkedin.com/docs/guide/v2

[gnapse]

@j4rs and @leosoto may have some info about that issue, because we too had our linked in login broken yesterday. We were planning to contribute the fix to this repo. But we also thought about the better solution, which would be to support linkedin's api v2.

[j4rs]

Yup, as @gnapse said, we ran with the same Malformed path segment issue Yesterday and the problem was with this line https://github.com/decioferreira/omniauth-linkedin-oauth2/blob/master/lib/omniauth/strategies/linkedin.rb#L70 probably after some changes at LinkedIn API that if got back to work today it means they rolled back.

Our solution was to get rid of the secure_image_url option in our setup that anyway was doing nothing as LinkedIn is sending the pictureUrl attr as https - or at least it was Yesterday :) -. I sent PR #42 regarding this.

Personally I haven't heard anything about LinkedIn deprecating or abandoning support (if any 😄) for V1 of its API, however it makes sense anyway to add the capability of choosing the version.

[wheeyls]

Looks like LinkedIn is going to officially deprecate the V1 endpoint on Dec 1 of this year. Any movement on this PR?

[jamesstaub]

With linkedin confirming the deprecation of V1 APIs in March of the coming year, is there any likelihood that this PR will get moved along?

[pjg]

To be honest, I don't think making compatibility attempts with v1 make much sense given how the deprecation time is approaching. Best to just remove v1 cruft and bump major version of this gem, I think.