From 63cec006bc28d119424be26aefb4ac61c992e56d Mon Sep 17 00:00:00 2001
From: AMAICDAX <amaury.maizy.external@airbus.com>
Date: Wed, 3 Sep 2025 12:52:12 +0200
Subject: [PATCH] Modif user profile

---
 controllers/linkedin.js | 47 +++++++++++++++++++++++++++++++++++++----
 1 file changed, 43 insertions(+), 4 deletions(-)

diff --git a/controllers/linkedin.js b/controllers/linkedin.js
index 1e10fff..a757d27 100644
--- a/controllers/linkedin.js
+++ b/controllers/linkedin.js
@@ -56,14 +56,53 @@ const handleCallback = async (req, res) => {
 
 const getUserProfile = async (req, res) => {
   try {
-    const profileResponse = await axios.get("https://api.linkedin.com/v2/me", {
+    const token = req.session?.user?.accessToken;
+    if (!token) {
+      return res.status(401).json({ error: "Aucun accessToken en session." });
+    }
+
+    const url =
+      "https://api.linkedin.com/v2/me" +
+      "?projection=(id,localizedFirstName,localizedLastName,profilePicture(displayImage~:playableStreams))";
+
+    const { data } = await axios.get(url, {
       headers: {
-        Authorization: `Bearer ${req.session.user.accessToken}`,
+        Authorization: `Bearer ${token}`,
+        "X-Restli-Protocol-Version": "2.0.0", // souvent requis par les endpoints v2
+        Accept: "application/json",
       },
     });
-    res.json(profileResponse.data);
+
+    return res.json(data);
   } catch (error) {
-    res.status(500).send("Error retrieving user profile.");
+    const status = error.response?.status ?? 500;
+    const payload = error.response?.data ?? { message: error.message };
+
+    // Log côté serveur pour diagnostiquer vite
+    console.error("LinkedIn API error:", status, payload);
+
+    if (status === 401) {
+      return res.status(401).json({
+        error: "Token invalide ou expiré.",
+        hint: "Renouvelle le token OAuth (nouvelle auth) et réessaie.",
+      });
+    }
+    if (status === 403) {
+      return res.status(403).json({
+        error: "Permissions insuffisantes.",
+        hint: "Ajoute le scope 'r_liteprofile' (et 'r_emailaddress' si besoin) et assure que ton app y est autorisée.",
+      });
+    }
+    if (status === 429) {
+      return res.status(429).json({
+        error: "Trop de requêtes (rate limit).",
+        hint: "Ajoute du retry/backoff.",
+      });
+    }
+    return res.status(500).json({
+      error: "Erreur lors de la récupération du profil.",
+      details: payload,
+    });
   }
 };