How to make a Linkedin Rest API request the Node way (without the JS SDK)?

Question

I'm using Node (v0.12.4) + Express (v4.0.0) + PassportJS(v0.1.17) to authenticate users with LinkedIn (OAuth2).

I'm following the steps from this tutorial: https://developer.linkedin.com/docs/oauth2

I was able to authenticate the user and save his information along with the Auth Token provided by LinkedIn to my database.

My question: how do I make requests to the API using the token? I'm stuck in step 4 of the given tutorial.

For example, how would I make the call below (taken from the tutorial above)?

sample call

GET /v1/people/~ HTTP/1.1
Host: api.linkedin.com
Connection: Keep-Alive
Authorization: Bearer AQXdSP_W41_UPs5ioT_t8HESyODB4FqbkJ8LrV_5mff4gPODzOYR

Seems easy, but as a node beginner, I've been struggling with it for too long.

==================

EDIT: Following Ted Avery's advice, I tried the request module and ended up with something like this:

// LinkedIn API route
app.get('/linkedin/people', function(req,res){
    request.get('http://api.linkedin.com/v1/people/~', {
        'host': 'api.linkedin.com',
        'connection': 'Keep-Alive'
        'auth': {
            'bearer': req.user.linkedin.token
        }
    }, function(error,apiRes,body){
        res.send(apiRes);
    });
});

And I get the following response (apiRes):

{
"statusCode":401

"body":"<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n<error>\n  <status>401</status>\n  <timestamp>1437750879622</timestamp>\n  <request-id>AKM2GX6BFE</request-id>\n  <error-code>0</error-code>\n  <message>ssl required</message>\n</error>\n",

"headers":{
    "server":"Apache-Coyote/1.1",
    "x-li-request-id":"AKM2GX6BFE",
    "date":"Fri, 24 Jul 2015 15:14:38 GMT",
    "vary":"*",
    "x-li-format":"xml",
    "content-type":"text/xml;charset=UTF-8",
    "content-length":"236",
    "x-li-fabric":"prod-ltx1",
    "x-li-pop":"prod-ltx1",
    "x-li-uuid":"zoW/s87q8xNQnsleUCsAAA==",
    "set-cookie":["lidc=\"b=TB60:g=105:u=27:i=1437750879:t=1437833236:s=AQFNZrhu0_0QIvH-rUkU4ElJ8Ytm_dKV\"; Expires=Sat, 25 Jul 2015 14:07:16 GMT; domain=.linkedin.com; Path=/"]
    },

"request":{
    "uri":{
        "protocol":"http:",
        "slashes":true,
        "auth":null,
        "host":"api.linkedin.com",
        "port":80,
        "hostname":"api.linkedin.com",
        "hash":null,
        "search":null,
        "query":null,
        "pathname":"/v1/people/~",
        "path":"/v1/people/~",
        "href":"http://api.linkedin.com/v1/people/~"
        },
    "method":"GET",
    "headers":{
        "authorization":"Bearer AQVYLfCs5lpbUlFdGeKXdR3z-3IiuO2N-PdJ7wgEtD_2doyxcy--mUxCN-GCJm-CaRXa-j7OF646enu_V5cp8jbiuMPesqKjWLcDdMmy8PSbEXS6Mw2iVznVF0Mk0iSAm419XlB7uMFwX0iAC71a_kjk_hZmvc90PmT471MLButnQmo3ww0"
        }
    }
}

I know that the linkedin-passport auth process is ok because I'm getting the user name, email and token in my DB. The problem is that with this token I always get a 401 unauthorized for some reason. Any thoughts on that?

Answer 1

I know you have asked this question a long time ago, but I have an answer and it might help others.

Replace the 'auth' with 'Authorization'

// LinkedIn API route
app.get('/linkedin/people', function(req,res){
    request.get('http://api.linkedin.com/v1/people/~', {
        'host': 'api.linkedin.com',
        'connection': 'Keep-Alive'
        'Authorization': { // <------- Replace this
            'bearer': req.user.linkedin.token
        }
    }, function(error,apiRes,body){
        res.send(apiRes);
    });
});

Also read this: https://developer.linkedin.com/docs/oauth2#hero-par_longformtext_3_longform-text-content-par_resourceparagraph_3

You need to add state=ThisIsRandomBlaBlaDCEeFWf45A53sdfKef424 as a param

when you do the GET request to https://www.linkedin.com/oauth/v2/authorization

Answer 2

The passport library you're using to access LinkedIn may still be requesting more default scope member permissions that it is now allowed to (as per the LinkedIn api changes that occurred back in Feb). I'd recommend that you ensure that the scope you are requesting when you setup the passport call is limited to just the basic r_basicprofile member permission to start with and go from there.

IIRC, it used to ask for r_fullprofile by default, which is no longer available to the general public, which would result in an error when attempting to authenticate under the new set of publicly available permissions.

Answer 3

Anything REST in Node is hugely simplified with the request library, so I'd recommend that. There are some examples of what you want in the docs. Sorry, I know a code sample would be best, but it's been awhile since I've worked on a project with this lib.