#!/usr/bin/env python """ Get LinkedIn OAuth1 access tokens without having to open a web browser. Notes ----- Based upon https://developer.linkedin.com/documents/getting-oauth-token-python Assumes that the application API key, secret key, user name, and password are stored in an a configuration file formatted as follows: [Secrets] API_KEY = WWWWWWWW SECRET_KEY = XXXXXXXX NAME = YYYYYYYY PASSWORD = ZZZZZZZZ """ import re import ConfigParser as cp import oauth2 import urlparse import lxml.html import mechanize # Read secrets: cfg_file = 'linkedin_config' config = cp.ConfigParser() config.read(cfg_file) if not config.has_section('Secrets'): raise RuntimeError('no secrets specified') secrets = {} for s in config.items('Secrets'): secrets[s[0]] = s[1] # Set up headless browser: br = mechanize.Browser() br.set_cookiejar(mechanize.CookieJar()) br.set_handle_redirect(True) br.set_handle_robots(False) # Get request token: consumer = oauth2.Consumer(secrets['api_key'], secrets['secret_key']) client = oauth2.Client(consumer) request_token_url = 'https://api.linkedin.com/uas/oauth/requestToken' response, content = client.request(request_token_url, 'POST') if response['status'] != '200': raise Exception('Invalid response') request_token = dict(urlparse.parse_qsl(content)) print 'request token: ', request_token['oauth_token'] print 'request token secret: ', request_token['oauth_token_secret'] # Use token to redirect to user login: authorize_url = 'https://api.linkedin.com/uas/oauth/authorize' redirect_url = '%s?oauth_token=%s' % (authorize_url, request_token['oauth_token']) # Login with mechanize: br.open(redirect_url) br.select_form(nr=0) br.form['session_key'] = secrets['username'] br.form['session_password'] = secrets['password'] br.submit() html = br.response().read() tree = lxml.html.fromstring(html) oauth_verifier = tree.xpath('.//div[@class="access-code"]')[0].text_content() # Use PIN to obtain access token: token = oauth2.Token(request_token['oauth_token'], request_token['oauth_token_secret']) token.set_verifier(oauth_verifier) access_token_url = 'https://api.linkedin.com/uas/oauth/accessToken' client = oauth2.Client(consumer, token) response, content = client.request(access_token_url, 'POST') access_token = dict(urlparse.parse_qsl(content)) print 'access token: ', access_token['oauth_token'] print 'access token secret: ', access_token['oauth_token_secret']