Mammoth UI Cleanup. LinkedIn certifier. Identity URLs.

Author: nick

issuer-services/_linkedin.js

@@ -0,0 +1,109 @@
+// https://developer.linkedin.com/docs/oauth2
+
+var OAuth = require('oauth').OAuth2
+var HTML = require('./html')
+var superagent = require('superagent')
+
+const ClaimType = 9 // Has LinkedIn
+
+module.exports = function facebook(app, { web3, linkedInApp, baseUrl }) {
+  const redirect_uri = `${baseUrl}/linkedin-auth-response`
+
+  var linkedInOAuth = new OAuth(
+    linkedInApp.client_id,
+    linkedInApp.secret,
+    'https://www.linkedin.com',
+    '/oauth/v2/authorization',
+    '/oauth/v2/accessToken',
+    null
+  )
+
+  app.get('/linkedin-auth', (req, res) => {
+    if (!req.query.target) {
+      res.send('No target identity contract provided')
+      return
+    }
+    if (!req.query.issuer) {
+      res.send('No issuer identity contract provided')
+      return
+    }
+
+    req.session.targetIdentity = req.query.target
+    req.session.issuer = req.query.issuer
+    req.session.state = web3.utils.randomHex(8)
+
+    var authURL = linkedInOAuth.getAuthorizeUrl({
+      redirect_uri,
+      scope: ['r_basicprofile', 'r_emailaddress'],
+      state: req.session.state,
+      response_type: 'code'
+    })
+
+    res.redirect(authURL)
+  })
+
+  app.get(
+    '/linkedin-auth-response',
+    (req, res, next) => {
+      linkedInOAuth.getOAuthAccessToken(
+        req.query.code,
+        {
+          redirect_uri,
+          grant_type: 'authorization_code'
+        },
+        function(e, access_token, refresh_token, results) {
+          if (e) {
+            next(e)
+          } else if (results.error) {
+            next(results.error)
+          } else {
+            req.access_token = access_token
+            next()
+          }
+        }
+      )
+    },
+    (req, res, next) => {
+      superagent
+        .get('https://api.linkedin.com/v1/people/~')
+        .set('Authorization', `Bearer ${req.access_token}`)
+        .query({ format: 'json' })
+        .then(response => {
+          req.linkedInUser = response.body
+          next()
+        })
+    },
+    async (req, res) => {
+      // var data = JSON.stringify({ user_id: req.githubUser.id })
+      var rawData = 'Verified OK'
+      var hashedData = web3.utils.soliditySha3(rawData)
+      var hashed = web3.utils.soliditySha3(
+        req.session.targetIdentity,
+        ClaimType,
+        hashedData
+      )
+      req.signedData = await web3.eth.accounts.sign(
+        hashed,
+        linkedInApp.claimSignerKey
+      )
+
+      res.send(
+        HTML(`
+        <div class="mb-2">Successfully signed claim:</div>
+        <div class="mb-2"><b>Issuer:</b> ${req.session.issuer}</div>
+        <div class="mb-2"><b>Target:</b> ${req.session.targetIdentity}</div>
+        <div class="mb-2"><b>Data:</b> ${rawData}</div>
+        <div class="mb-2"><b>Signature:</b> ${req.signedData.signature}</div>
+        <div class="mb-2"><b>Hash:</b> ${req.signedData.messageHash}</div>
+        <div><button class="btn btn-primary" onclick="window.done()">OK</button></div>
+        <script>
+          window.done = function() {
+            window.opener.postMessage('signed-data:${
+              req.signedData.signature
+            }:${req.signedData.messageHash}:${ClaimType}', '*')
+          }
+        </script>`)
+      )
+    }
+  )
+}

issuer-services/app.js

@@ -7,6 +7,7 @@ var facebook = require('./_facebook')
 var twitter = require('./_twitter')
 var github = require('./_github')
 var google = require('./_google')
+var linkedin = require('./_linkedin')
 
 try {
   var Config = require('./config.json')
@@ -16,7 +17,6 @@ try {
 }
 
 Config.web3 = new Web3(Config.provider)
-Config.baseUrl = 'http://localhost:3001'
 
 const app = express()
 app.use(
@@ -36,6 +36,7 @@ facebook(app, Config)
 twitter(app, Config)
 github(app, Config)
 google(app, Config)
+linkedin(app, Config)
 
 const PORT = process.env.PORT || 3001
 app.listen(PORT, () => {

issuer-services/config.json.eg

@@ -12,7 +12,7 @@
     "claimSignerKey": "0x0000000000000000000000000000000000000000000000000000000000000000"
   },
   "githubApp": {
-    "key": "00000000000000000000",
+    "client_id": "00000000000000000000",
     "secret": "0000000000000000000000000000000000000000",
     "claimSignerKey": "0x0000000000000000000000000000000000000000000000000000000000000000"
   },
@@ -21,6 +21,11 @@
     "secret": "000000000000000000000000",
     "claimSignerKey": "0x0000000000000000000000000000000000000000000000000000000000000000"
   },
+  "linkedInApp": {
+    "client_id": "00000000000000",
+    "secret": "0000000000000000",
+    "claimSignerKey": "0x0000000000000000000000000000000000000000000000000000000000000000"
+  },
   "simpleApp": {
     "claimSignerKey": "0x0000000000000000000000000000000000000000000000000000000000000000"
   }

issuer-services/index.js

@@ -6,6 +6,7 @@ var google = require('./_google')
 var github = require('./_github')
 var simple = require('./_simple')
 var twitter = require('./_twitter')
+var linkedin = require('./_linkedin')
 
 module.exports = function (app) {
   Config.web3 = new Web3()
@@ -14,4 +15,5 @@ module.exports = function (app) {
   github(app, Config)
   simple(app, Config)
   twitter(app, Config)
+  linkedin(app, Config)
 }

issuer-services/standalone.js

@@ -12,6 +12,7 @@ var facebook = require('./_facebook')
 var google = require('./_google')
 var github = require('./_github')
 var twitter = require('./_twitter')
+var linkedin = require('./_linkedin')
 
 var Web3 = require('./public/vendor/web3.min')
 
@@ -37,6 +38,7 @@ facebook(app, Config)
 google(app, Config)
 github(app, Config)
 twitter(app, Config)
+linkedin(app, Config)
 
 const PORT = process.env.PORT || 3001
 app.listen(PORT, () => {