Configuration
In order to be able to use the linkedin authentication provider, you have to add the configuration to your newly added plugins. To do so here are the steps
1
Configure your linkedin developer console
2
Go to your medusa-config.js
3
Check that the variables are set with the appropriate values
const BACKEND_URL = process.env.BACKEND_URL || "localhost:9000"
const ADMIN_URL = process.env.ADMIN_URL || "localhost:7000"
const STORE_URL = process.env.STORE_URL || "localhost:8000"
const LinkedinClientId = process.env.LINKEDIN_CLIENT_ID || ""
const LinkedinClientSecret = process.env.LINKEDIN_CLIENT_SECRET || ""Then in your plugins collections, if you did not already inserted the plugin, add the following otherwise, you can
just add the linkedin options to your auth plugin options
{
resolve: "medusa-plugin-auth",
// strict: "all", // or "none" or "store" or "admin"
options: {
linkedin: {
clientID: LinkedinClientId,
clientSecret: LinkedinClientSecret,
admin: {
callbackUrl:`${BACKEND_URL}/admin/auth/linkedin/cb`,
failureRedirect: `${ADMIN_URL}/login`,
// The success redirect can be overriden from the client by adding a query param `?redirectTo=your_url` to the auth url
// This query param will have the priority over this configuration
successRedirect: `${ADMIN_URL}/`,
// authPath: '/admin/auth/linkedin',
// authCallbackPath: '/admin/auth/linkedin/cb',
// expiresIn: 24 * 60 * 60 * 1000,
// verifyCallback: (container, req, accessToken, refreshToken, profile) => {
// // implement your custom verify callback here if you need it
// }
},
store: {
callbackUrl:`${BACKEND_URL}/store/auth/linkedin/cb`,
failureRedirect: `${STORE_URL}/login`,
// The success redirect can be overriden from the client by adding a query param `?redirectTo=your_url` to the auth url
// This query param will have the priority over this configuration
successRedirect: `${STORE_URL}/`,
// authPath: '/store/auth/linkedin',
// authCallbackPath: '/store/auth/linkedin/cb',
// expiresIn: 24 * 60 * 60 * 1000,
// verifyCallback: (container, req, accessToken, refreshToken, profile) => {
// // implement your custom verify callback here if you need it
// }
}
}
}
}The options that are commented are optional and the value that you see are the default values
4
Update your client to add the authentication action
<a href="${medusa_url}/${authPath}" type="button" class="text-white bg-[#2663eb] hover:bg-[#2663eb]/90 focus:ring-4 focus:outline-none focus:ring-[#2663eb]/50 font-medium rounded-lg text-sm px-5 py-2.5 text-center inline-flex items-center dark:focus:ring-[#2663eb]/55 mr-2 mb-2">
<svg class="mr-2 -ml-1 w-4 h-4" aria-hidden="true" focusable="false" data-prefix="fab" data-icon="linkedin" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 256 256"><path fill="currentColor" d="M218.123122,218.127392 L180.191928,218.127392 L180.191928,158.724263 C180.191928,144.559023 179.939053,126.323993 160.463756,126.323993 C140.707926,126.323993 137.685284,141.757585 137.685284,157.692986 L137.685284,218.123441 L99.7540894,218.123441 L99.7540894,95.9665207 L136.168036,95.9665207 L136.168036,112.660562 L136.677736,112.660562 C144.102746,99.9650027 157.908637,92.3824528 172.605689,92.9280076 C211.050535,92.9280076 218.138927,118.216023 218.138927,151.114151 L218.123122,218.127392 Z M56.9550587,79.2685282 C44.7981969,79.2707099 34.9413443,69.4171797 34.9391618,57.260052 C34.93698,45.1029244 44.7902948,35.2458562 56.9471566,35.2436736 C69.1040185,35.2414916 78.9608713,45.0950217 78.963054,57.2521493 C78.9641017,63.090208 76.6459976,68.6895714 72.5186979,72.8184433 C68.3913982,76.9473153 62.7929898,79.26748 56.9550587,79.2685282 M75.9206558,218.127392 L37.94995,218.127392 L37.94995,95.9665207 L75.9206558,95.9665207 L75.9206558,218.127392 Z M237.033403,0.0182577091 L18.8895249,0.0182577091 C8.57959469,-0.0980923971 0.124827038,8.16056231 -0.001,18.4706066 L-0.001,237.524091 C0.120519052,247.839103 8.57460631,256.105934 18.8895249,255.9977 L237.033403,255.9977 C247.368728,256.125818 255.855922,247.859464 255.999,237.524091 L255.999,18.4548016 C255.851624,8.12438979 247.363742,-0.133792868 237.033403,0.000790807055"></path></svg>
Sign in with Linkedin
</a>medusa_urlcorrespond to your backend server url (e.ghttp://localhost:9000)authPathcorrespond toauthPathconfiguration in your plugin (e.gadmin/auth/linkedin)
Default behaviour
The default verifyCallback flow looks as follow (unless the strict option is changed to none or store or admin depending on the targeted domain)
- for the
admin- if the user trying to authenticate exists
- then we are looking in the metadata to find if the strategy identifier is present in
authProvider.- If it is not, the user authentication gets rejected.
- In the case it is present, then the user authentication gets authorized.
- then we are looking in the metadata to find if the strategy identifier is present in
- if the user trying to authenticate does not exist, an unauthorized error will be returned
- if the user trying to authenticate exists
- for the
store- if the customer trying to authenticate exists
- then we are looking in the metadata to find if the strategy identifier is present in
authProvider.- If none are found, then the customer gets authenticated and can proceed and the metadata gets updated.
- In the case another external authentication method have been used in the past, then an unauthorized will be returned.
- then we are looking in the metadata to find if the strategy identifier is present in
- if the customer trying to authenticate does not exist, a new customer will be created and the authentication flow follow the previous point
- if the customer trying to authenticate exists