ColdFusion and OAuth Part 2 - LinkedIn

Earlier this week I discussed how to integrate ColdFusion and Facebook using OAuth2. I mentioned that this was part of a set of examples I had done involving Facebook, LinkedIn, and Google. In today’s entry, I’m going to discuss the LinkedIn API. Luckily, or I should say, obviously, since this is also an OAuth2 protocol, the code is almost the exact same. I literally took the Facebook demo, copied it over, and used that as a starting point. Like Facebook, LinkedIn has a developer portal (developer.linkedin.com) that includes documentation as well as a place to register applications. This may be a point of confusion for some. You may be thinking, “I’m not building an app, I just want to hook up with LinkedIn”, but in general, both Facebook and LinkedIn treat these “applications” as a way to define your connection from your site to its own data.

Finding the place to add application is a bit weird. Once at the developer portal and logged in, notice you can click a down arrow next to your name in the upper right corner:

Click it, and then select API Keys.

On the next page click “Add New Application”. The form here is somewhat intimidating. LinkedIn really could do a better job here, especially with using some defaults since I shouldn’t have to re-enter the same data every time. I’d just bother with the required fields. Once set up, you’ll want to make note of your OAuth keys. All you care about is the API Key and Secret Key:

Now we can switch to the code. As before, the process is as follows: Present a link. User goes to LinkedIn. User is sent back with secret tokens of goodness. We get another token. Then we have the power to make API calls. (As a reminder, both this and the previous demo were written for ColdFusion 8. Hence the tag-based components.)

First, the Application.cfc - almost an exact mirror of the Facebook code.

Next, the index.cfm code. Again, I’m presenting a link I assume my user will click. This is based on checking for a session variable that will be defined once the user finishes the OAuth process.

As before, our links contains part of our access data, a list of permissions, as well as a URL stating where the user is sent back to. Probably the only interesting thing here is scope. That reflects the permissions and will change the prompt the user sees. You will want to modify this based on your needs.

Once the link is clicked, the user will see something like this:

Now let’s look at redir.cfm. Again, this is virtually identical to the Facebook code, excepting that their result for the access token is nicely formatted in JSON as opposed to being a string you have to parse manually.

If everything works out, the user is sent back to the index.cfm page. If you remember, I called a LinkedIn component that is initialized with my access token. I built three methods for this CFC: one to get user data, one to get friends, and one to send messages. To be clear, their API supports more, but this is all my buddy wanted so that’s all I built. Here’s the component.

Enjoy. Let me know if you have any questions. Tomorrow I’ll write up the third entry in the series. That entry will discuss how to authenticate users with Google.

Raymond Camden's Picture

About Raymond Camden

Raymond is a developer advocate looking for his next gig. He focuses on JavaScript, serverless and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support.

Lafayette, LA https://www.raymondcamden.com

Comments