LinkedIn OAuth2 Plugin

official

(cpradio) #1

I’m happy to announce that I’ve updated/upgraded the LinkedIn OAuth plugin created by @Jessp01 to run on the latest version of Discourse and to utilize OAuth2.

You can find the new repo at GitHub - discourse/discourse-plugin-linkedin-auth: LinkedIn OAuth Login support for Discourse

With this release comes a few enhancements.

  • You can update the Client ID and Secret Key via the Admin > Settings area
  • It is now utilizing OAuth2.

Items still to come:

  • I haven’t found a way to let a setting disable the plugin, so although there is such a setting, it doesn’t do anything.

After installing the plugin, you will need to perform the following steps:

  1. Visit Authenticating with OAuth 2.0 | LinkedIn Developer Network and follow the directions for creating an application, or look up the details of your existing application.
  2. Update the plugin settings in the Admin > Settings area.
  3. Add the your website as an authorized redirect url using
    https://example.com/auth/linkedin/callback
    (replacing the https with http and example.com with your full qualified domain/subdomain)

Any issues should be reported either here or via a GitHub issue. I also welcome translation file PRs, or general enhancement PRs.


How to use Linkedin account to sign in to the Discourse?
Discord Oauth2 Plugin
SSO for some but not for everybody?
LinkedIn OAuth plugin
Discourse SSO + normal login
(Christian Sino) #2

You probably have thought of those updates that they could be useful for this extension but anyway:

  1. Get Linkedin photo
  2. Associate accounts (as other social logins)
  3. Have a Linkedin badge on your public profile that would link to your Linkedin account. (I guess this is more about the general development of Discourse)

(cpradio) #3

#2 is already done. So long as you use the same email address (just like with Facebook, Twitter, et al), it will associate it. #3, would require core changes, should that ever come about, that could likely be done (I don’t think that is doable with Twitter or Facebook at this moment either).


(Christian Sino) #4

Oh so for #2 if you create account with Linkedin (no other account) it shouldn’t show up something on Admin->Users->Login ?? Because for a “Yahoo login” user I see… :confused:


(cpradio) #5

I don’t understand your question. You can use any of the other services to login so long as they all utilize the same email address for your account on a Discourse instance. So if you use myemail@example.com for Facebook, LinkedIn, and Twitter, signing up or logging in with any of those social buttons would result you logged into the same account here on Meta.


(Christian Sino) #6

I do understand that! :slight_smile: The thing is that when you create a new account with a Yahoo profile, on Admin–>Users–>[the yahoo user]–>Login I can see some info (OpenID https://me.yahoo.com/… (email address) ). But if I create a different user with a Linkedin Account on the same field I see “No account associated”. Is that normal?
I guess I don’t seem to get the purpose of that field, since you already have the email field above, if not to show you the associations (and the links) with the social network profiles.

P.S. I’ve already read https://meta.discourse.org/t/associate-accounts/23179/6 and perhaps this post should have been more appropriate there… :confused:


(cpradio) #7

Not sure I see an end point that I can utilize to do this, but maybe there is.

Not sure what the best approach would be to implement it in the same way as Github, Google, Twitter, and Facebook.


(cpradio) #8

Not sure if this is the best approach, but I’ve submitted a PR to core to permit this to work for plugins and existing plugins won’t have to do anything special to implement it, it should work by default.

ping @def, this may interest you.


(EW 👌) #9

I did installed the plugin as described above but when I’m trying to sign-in with Linkedin I’m getting the follwing error:

invalid redirect_uri. This value must match a URL registered with the API Key.

The error URL:
https://www.linkedin.com/uas/oauth2/authorization?client_id=XXXXXXXXXXX&redirect_uri=http%3A%2F%2Fcommunity.EXAMPLE.com%2Fauth%2Flinkedin%2Fcallback&response_type=code&scope=r_basicprofile+r_emailaddress&state=4fb5544fa40XXXXXXXXXXXXXXe15cb9a7275cbc

I’ve noticed from the error URL that my domain started with http instead of https (and all my callback configurations at Linked-in client where as https!)

I did copied this URL (with changing to https of my domain) to a new browser tab and, the Linked-in authorization window showed up just fine.

Anybody had this problem? Anybody could help to fix it please?


(cpradio) #10

Do you have force HTTPS enabled on your Discourse instance? If not, I’d try that.


Configuring Patreon integration with Discourse
(EW 👌) #11

I just did forced HTTPS but now I’n not able to login as admin even!. How to reverse it?

Sign-in with LinkedIn still giving same error also!

Note:
I’m using Digital Ocean droplet and I do have Nginx installed in front of Discourse container to be able to handle the Offline page during rebuild as advised at:


(Felix Freiberger) #12

Why can’t you login? Can you reach your site at all? What error do you get?


(EW 👌) #13

There is no errors at all. I can reach the site but I can’t login with any user. It’s acting like it is processing the login but its reload without any user logged in!


(Felix Freiberger) #14

Try visiting /users/admin-login and logging in as an admin there.


(EW 👌) #15

Nothing changed.

I’m able to get the login window with my username and password like usual but when I click login its loading the page without doing anything. No errors too.

I think I should find a way to cancel this force HTTPS from console first. But I couldn’t find anything helpful yet.


(Felix Freiberger) #16

Very strange. /users/admin-login should look like this:

`

You can also change site settings from the console:


(EW 👌) #17

I couldn’t fix the problems whatever I’d tried so I did restored my previous snapshot of my droplet and everything back to normal. I’d lost some work but what to do :frowning: at least I’m able to login back :slight_smile:

It was a success to enable force_HTTPS without a problem this time. But its wasn’t helpful for my OAuth login problems. I didn’t try yet with Linked-in login but I’m having the same problem logging with Google+. The callback link still mentioning http instead of https. And again, its showing the expected authorization window when I modified the URL in different browser tab manually.

I’m looking at my app.yml

  ## TODO: The domain name this Discourse instance will respond to
  DISCOURSE_HOSTNAME: 'community.example.com'
  ## TODO: Uncomment if you want the container to be started with the same
  ##       hostname (-h option) as specified above (default "$hostname-$config")
  ## NOTE: 'true' is the only valid value here, any other will be ignored
  #DOCKER_USE_HOSTNAME: true

Do you think that if I make this change DISCOURSE_HOSTNAME: 'https://community.example.com' would be a solution?
Or enabling DOCKER_USE_HOSTNAME: true could be helpful?


(Jeff Atwood) #18

I remember having this same http vs. https problem when using the “offline nginx container” so I strongly recommend not doing that. I had to remap all my logins to http which is wrong.


Configuring Instagram login for Discourse
(EW 👌) #19

I think it would be better to edit the first topic!

For a while I’d confused, I thought that I’d installed the outdated plugin. Then when I visited the provided link above it directed me to the link that I’d installed from GitHub - discourse/discourse-plugin-linkedin-auth: LinkedIn OAuth Login support for Discourse


(Dion Beukes) #20

Hi, I tried to install the LinkedIn OAuth2 plugin on my forum/site, followed everthing on how to install the plugin, did not get any errors when I rebuilt the app, when I logged into my site as admin, the plugin is nowhere to be found. I checked my yaml file, and rebuilt the app a second time. no errors, logged in, still the plugin nowhere to be found. Any help would be appreciated.
Kind Regards
Dion