From 6e54ac27459c45498df28402ac0df450d5f1117c Mon Sep 17 00:00:00 2001
From: Jeeva Kandasamy <jkandasa@gmail.com>
Date: Sat, 20 Nov 2021 03:06:33 +0530
Subject: [PATCH] Update LinkedIn provider validate URL (#1444)

* update LinkedIn validate URL

Signed-off-by: Jeeva Kandasamy <jkandasa@gmail.com>

* update changelog

Signed-off-by: Jeeva Kandasamy <jkandasa@gmail.com>

* update failed unit test

Signed-off-by: Jeeva Kandasamy <jkandasa@gmail.com>
---
 CHANGELOG.md               | 1 +
 providers/linkedin.go      | 9 ++++++++-
 providers/linkedin_test.go | 2 +-
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ba00ca1b..98d64d5b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@
 
 - [#1433](https://github.com/oauth2-proxy/oauth2-proxy/pull/1433) Let authentication fail when session validation fails (@stippi2)
 - [#1445](https://github.com/oauth2-proxy/oauth2-proxy/pull/1445) Fix docker container multi arch build issue by passing GOARCH details to make build (@jkandasa)
+- [#1444](https://github.com/oauth2-proxy/oauth2-proxy/pull/1444) Update LinkedIn provider validate URL (@jkandasa)
 
 # V7.2.0
 
diff --git a/providers/linkedin.go b/providers/linkedin.go
index 9e5135ab..cac80222 100644
--- a/providers/linkedin.go
+++ b/providers/linkedin.go
@@ -46,6 +46,13 @@ var (
 		Host:   "api.linkedin.com",
 		Path:   "/v2/emailAddress",
 	}
+
+	// Default Validate URL for LinkedIn.
+	linkedinDefaultValidateURL = &url.URL{
+		Scheme: "https",
+		Host:   "api.linkedin.com",
+		Path:   "/v2/me",
+	}
 )
 
 // NewLinkedInProvider initiates a new LinkedInProvider
@@ -55,7 +62,7 @@ func NewLinkedInProvider(p *ProviderData) *LinkedInProvider {
 		loginURL:    linkedinDefaultLoginURL,
 		redeemURL:   linkedinDefaultRedeemURL,
 		profileURL:  linkedinDefaultProfileURL,
-		validateURL: linkedinDefaultProfileURL,
+		validateURL: linkedinDefaultValidateURL,
 		scope:       linkedinDefaultScope,
 	})
 	return &LinkedInProvider{ProviderData: p}
diff --git a/providers/linkedin_test.go b/providers/linkedin_test.go
index 1d5bd90a..8f6f0d5f 100644
--- a/providers/linkedin_test.go
+++ b/providers/linkedin_test.go
@@ -54,7 +54,7 @@ func TestNewLinkedInProvider(t *testing.T) {
 	g.Expect(providerData.LoginURL.String()).To(Equal("https://www.linkedin.com/oauth/v2/authorization"))
 	g.Expect(providerData.RedeemURL.String()).To(Equal("https://www.linkedin.com/uas/oauth2/accessToken"))
 	g.Expect(providerData.ProfileURL.String()).To(Equal("https://api.linkedin.com/v2/emailAddress"))
-	g.Expect(providerData.ValidateURL.String()).To(Equal("https://api.linkedin.com/v2/emailAddress"))
+	g.Expect(providerData.ValidateURL.String()).To(Equal("https://api.linkedin.com/v2/me"))
 	g.Expect(providerData.Scope).To(Equal("r_emailaddress r_liteprofile"))
 }