Blogging Started with Wrapper Class for YahooBBAuth
Posted by: Sadiqur Rahman on: January 3, 2009
You already might know that the giant company YAHOO provides some API to facilitate the application development process. One of them is Yahoo BBAuth API. I am glad to inform you that I wrote a wrapper class on Yahoo Browser Based Authentication (BBAuth) to make it easy and convenient.
So…, what’s BBAuth? What’s the point for using this class?
Well, a BBAuth API will provide you a WSSID and a cookie which will be destroyed after one hour (idle time) automatically (no way L ). After a successful login you will be able to access the users:
- read and write to your data in Yahoo! Mail
- read and write to your data in twlife
- read your data in Yahoo! Address Book
- read and write to your data in boss
- read and write to your data in music
- read and write to your data in twk
How it works:
The image below will illustrate the life cycle.
Yahoo BBauth
Now lemme tell you the entire process:
- Register your application
- Log in your users
- Use the user’s credentials to make web service calls
Wrapper Class class.YahooAuth.php
<?php
/* Description: Class for Yahoo BBAuth API
* @author: Sadiqur Rahman
* @param: $AppID=Yahoo BB Authentication Application ID
* @param: $secret=Yahoo BB Authentication Secret key
* @param: $AppData=Your application data which is an optional parameter
* @Links: http://developer.yahoo.com/auth/
* @Author-URI: http://sadiqbd.wordpress.com
* @Author-EMail: sadiqbd@gmail.com
* License: GPL
* Version: 1.0.0
*/
//declaring the class
class YahooAuth {
protected $AppID;
protected $secret;
public $AppData;
function __construct($AppID=NULL,$secret=NULL,$AppData=NULL){
if (isset($AppID) && (!empty($AppID))){
$this->AppID = $AppID;
}else{
global $YahooAppID;
$this->AppID = $YahooAppID;
}
if (isset($secret) && (!empty($secret))){
$this->AppID = $secret;
}else{
global $YahooSecret;
$this->secret = $YahooSecret;
}
if (isset($AppData) && (!empty($AppData))){
$this->AppData = $AppData;
}
if (!headers_sent()) {
session_start();
}
}
//Signature generation for Yahoo BBAuth
protected function signature($path,$data,$ts){
return md5($path.$data."&ts=".$ts.$this->secret);
}
//Generating login URL
function generate_url(){
$ts=time();
$path="/WSLogin/V1/wslogin";
$data="?appid=".$this->AppID."&appdata=".$this->AppData;
$sig=$this->signature($path,$data,$ts);
$url = "https://api.login.yahoo.com/WSLogin/V1/wslogin"
."?appid=".$this->AppID."&appdata=".$this->AppData."&ts=".$ts."&sig=".$sig;
return $url;
}
//Automatically redirecting Yahoo login page
function login(){
if (!headers_sent()) {
header('Location: '.$this->generate_url());
exit;
// If Header already sent, redirect to Yahoo using Javascript.
} else {
echo "<script type=\"text/javascript\">
<!--
window.location = \"".$this->generate_url()."\"
//-->
</script>".
"
<div align='center'>If you are not redirected within 5 Seconds <a " .
"href=\"".$this->generate_url()."\">Click Here</a>";
exit;
}
}
//Getting and verifying data from cookie and WSSID given by yahoo
//and storing data into session for future use
function get_credentials($token) {
$ts=time();
$path="/WSLogin/V1/wspwtoken_login";
$data="?appid=".$this->AppID."&token=".$token;
$sig=$this->signature($path,$data,$ts);
$url = "https://api.login.yahoo.com/WSLogin/V1/wspwtoken_login"
."?appid=".$this->AppID."&token=".$token."&ts=".$ts."&sig=".$sig;
$ch = curl_init();
curl_setopt( $ch, CURLOPT_URL, $url );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 );
$store = curl_exec( $ch );
$xml = curl_exec( $ch );
if ( preg_match( "/(Y=.*)/", $xml, $match_array ) == 1 ) {
$COOKIE = $match_array[1];
}
if ( preg_match( "/<WSSID>(.+)<\/WSSID>/", $xml, $match_array ) == 1 ) {
$WSSID = $match_array[1];
}
if ( preg_match( "/<Timeout>(.+)<\/Timeout>/", $xml, $match_array ) == 1 ) {
$timeout = $match_array[1];
}
$_SESSION['valid_user']=true;
$_SESSION['COOKIE'] = $COOKIE;
$_SESSION['WSSID'] = $WSSID;
$rv = array();
$rv["COOKIE"] = $COOKIE;
$rv["WSSID"] = $WSSID;
$rv["timeout"] = $timeout;
return $rv;
}
//some magic methods for your convenience
function __get($name){
return $this->$name;
}
function __set($name,$value){
$this->$name=$value;
}
function __toString(){
return(var_export($this,TRUE));
}
function __destruct(){
unset($this);
}
}
?>
Example Usage index.php
<?php
//implementing lazy loading
function __autoload($class){
include_once("class.".$class.".php");
}
$YahooAppID=".lND7LnIkY5jBHPMGmMhBBkWWpbJ6_gew9XLo.B5.d8-"; //your AppID will be here
$YahooSecret="555060ec4069cf7f67ddb84339f8701c"; //your Secret key goes here
$obj= new YahooAuth(); //Instantiating the class
if (isset($_GET['token']) && isset($_GET['appid'])){
$obj->get_credentials($_GET['token']);
}elseif(isset($_GET['logout'])){
unset($_SESSION['valid_user']);
}
if ($_SESSION['valid_user']){
echo "Congratulation! You are logged in.<br \>";
echo "<a href='".$_SERVER['PHP_SELF']."?logout'>LogOut</a><br \>";
echo "
<pre>";
print_r($_SESSION);
echo "</pre>
";
}else{
echo "You are not logged in.<br \>";
echo "<a href='".$obj->generate_url()."'>Click Here to logIn</a>";
}
?>
Advertisement
4 Responses to "Blogging Started with Wrapper Class for YahooBBAuth"
January 11, 2009 at 7:46 pm
First of all congratulation for such a great site. I learned a lot reading here today. I will make sure i visit this site more often so i can learn more.
[Use URL field to enter your URL]
January 3, 2009 at 3:45 pm
Cool! Keep up……… this a good start with a dashing invention.. Welcome to blogging