Add support for refresh token for linkedin provider

sinujohn91 · sinujohn91 · commit 41da9bdedbdd · 2025-05-15T10:17:04.000+05:30
diff --git a/providers/linkedin/linkedin.go b/providers/linkedin/linkedin.go
@@ -2,6 +2,7 @@
 package linkedin
 
 import (
+	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -82,9 +83,10 @@ func (p *Provider) BeginAuth(state string) (goth.Session, error) {
 func (p *Provider) FetchUser(session goth.Session) (goth.User, error) {
 	s := session.(*Session)
 	user := goth.User{
-		AccessToken: s.AccessToken,
-		Provider:    p.Name(),
-		ExpiresAt:   s.ExpiresAt,
+		AccessToken:  s.AccessToken,
+		Provider:     p.Name(),
+		ExpiresAt:    s.ExpiresAt,
+		RefreshToken: s.RefreshToken,
 	}
 
 	if user.AccessToken == "" {
@@ -267,12 +269,18 @@ func newConfig(provider *Provider, scopes []string) *oauth2.Config {
 	return c
 }
 
-// RefreshToken refresh token is not provided by linkedin
-func (p *Provider) RefreshToken(refreshToken string) (*oauth2.Token, error) {
-	return nil, errors.New("Refresh token is not provided by linkedin")
+// RefreshTokenAvailable tells whether a refresh token is provided by the auth provider or not
+func (p *Provider) RefreshTokenAvailable() bool {
+	return true
 }
 
-// RefreshTokenAvailable refresh token is not provided by linkedin
-func (p *Provider) RefreshTokenAvailable() bool {
-	return false
+// RefreshToken gets a new access token using the refresh token
+func (p *Provider) RefreshToken(refreshToken string) (*oauth2.Token, error) {
+	token := &oauth2.Token{RefreshToken: refreshToken}
+	ts := p.config.TokenSource(context.Background(), token)
+	newToken, err := ts.Token()
+	if err != nil {
+		return nil, err
+	}
+	return newToken, err
 }
diff --git a/providers/linkedin/linkedin_test.go b/providers/linkedin/linkedin_test.go
@@ -47,11 +47,12 @@ func Test_SessionFromJSON(t *testing.T) {
 
 	provider := linkedinProvider()
 
-	s, err := provider.UnmarshalSession(`{"AuthURL":"http://linkedin.com/auth_url","AccessToken":"1234567890"}`)
+	s, err := provider.UnmarshalSession(`{"AuthURL":"http://linkedin.com/auth_url","AccessToken":"1234567890","RefreshToken":"987654321"}`)
 	a.NoError(err)
 	session := s.(*linkedin.Session)
 	a.Equal(session.AuthURL, "http://linkedin.com/auth_url")
 	a.Equal(session.AccessToken, "1234567890")
+	a.Equal(session.RefreshToken, "987654321")
 }
 
 func linkedinProvider() *linkedin.Provider {
diff --git a/providers/linkedin/session.go b/providers/linkedin/session.go
@@ -10,9 +10,10 @@ import (
 
 // Session stores data during the auth process with LinkedIn.
 type Session struct {
-	AuthURL     string
-	AccessToken string
-	ExpiresAt   time.Time
+	AuthURL      string
+	AccessToken  string
+	ExpiresAt    time.Time
+	RefreshToken string
 }
 
 // GetAuthURL will return the URL set by calling the `BeginAuth` function on the LinkedIn provider.
@@ -37,6 +38,7 @@ func (s *Session) Authorize(provider goth.Provider, params goth.Params) (string,
 
 	s.AccessToken = token.AccessToken
 	s.ExpiresAt = token.Expiry
+	s.RefreshToken = token.RefreshToken
 	return token.AccessToken, err
 }
 
diff --git a/providers/linkedin/session_test.go b/providers/linkedin/session_test.go
@@ -1,13 +1,37 @@
 package linkedin_test
 
 import (
+	"errors"
+	"io"
+	"net/http"
+	"strings"
 	"testing"
+	"time"
 
 	"github.com/markbates/goth"
 	"github.com/markbates/goth/providers/linkedin"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/mock"
+	"github.com/stretchr/testify/require"
 )
 
+type MockParams struct {
+	params map[string]string
+}
+
+func (m *MockParams) Get(key string) string {
+	return m.params[key]
+}
+
+type MockedHTTPClient struct {
+	mock.Mock
+}
+
+func (m *MockedHTTPClient) RoundTrip(req *http.Request) (*http.Response, error) {
+	args := m.Mock.Called(req)
+	return args.Get(0).(*http.Response), args.Error(1)
+}
+
 func Test_Implements_Session(t *testing.T) {
 	t.Parallel()
 	a := assert.New(t)
@@ -46,3 +70,73 @@ func Test_String(t *testing.T) {
 
 	a.Equal(s.String(), s.Marshal())
 }
+
+func Test_Authorize(t *testing.T) {
+	session := &linkedin.Session{}
+	params := &MockParams{
+		params: map[string]string{
+			"code": "authorization_code",
+		},
+	}
+
+	t.Run("happy path", func(t *testing.T) {
+		mockClient := new(MockedHTTPClient)
+		p := linkedinProvider()
+		p.HTTPClient = &http.Client{Transport: mockClient}
+		mockClient.On("RoundTrip", mock.Anything).Return(&http.Response{
+			StatusCode: http.StatusOK,
+			Body:       io.NopCloser(strings.NewReader(`{"access_token":"test_token","expires_in":3600, "refresh_token":"refresh_token"}`)),
+		}, nil)
+		token, err := session.Authorize(p, params)
+		require.NoError(t, err)
+		assert.Equal(t, "test_token", token)
+		assert.Equal(t, session.AccessToken, "test_token")
+		assert.WithinDuration(t, session.ExpiresAt, time.Now().Add(3600*time.Second), 1*time.Second)
+		assert.Equal(t, session.RefreshToken, "refresh_token")
+	})
+
+	t.Run("error on request", func(t *testing.T) {
+		mockClient := new(MockedHTTPClient)
+		p := linkedinProvider()
+		p.HTTPClient = &http.Client{Transport: mockClient}
+		mockClient.On("RoundTrip", mock.Anything).Return(&http.Response{}, errors.New("request error"))
+		_, err := session.Authorize(p, params)
+		require.Error(t, err)
+	})
+
+	t.Run("non-200 status code", func(t *testing.T) {
+		mockClient := new(MockedHTTPClient)
+		p := linkedinProvider()
+		p.HTTPClient = &http.Client{Transport: mockClient}
+		mockClient.On("RoundTrip", mock.Anything).Return(&http.Response{
+			StatusCode: http.StatusForbidden,
+			Body:       io.NopCloser(strings.NewReader(``)),
+		}, nil)
+		_, err := session.Authorize(p, params)
+		require.Error(t, err)
+	})
+
+	t.Run("error on response decode", func(t *testing.T) {
+		mockClient := new(MockedHTTPClient)
+		p := linkedinProvider()
+		p.HTTPClient = &http.Client{Transport: mockClient}
+		mockClient.On("RoundTrip", mock.Anything).Return(&http.Response{
+			StatusCode: http.StatusOK,
+			Body:       io.NopCloser(strings.NewReader(`not a json`)),
+		}, nil)
+		_, err := session.Authorize(p, params)
+		require.Error(t, err)
+	})
+
+	t.Run("error code in response", func(t *testing.T) {
+		mockClient := new(MockedHTTPClient)
+		p := linkedinProvider()
+		p.HTTPClient = &http.Client{Transport: mockClient}
+		mockClient.On("RoundTrip", mock.Anything).Return(&http.Response{
+			StatusCode: http.StatusOK,
+			Body:       io.NopCloser(strings.NewReader(`{"code":1,"msg":"error message"}`)),
+		}, nil)
+		_, err := session.Authorize(p, params)
+		require.Error(t, err)
+	})
+}
