Sadiqur Rahman

Blogging Started with Wrapper Class for YahooBBAuth

Posted on: January 3, 2009

You already might know that the giant company YAHOO provides some API to facilitate the application development process. One of them is Yahoo BBAuth API. I am glad to inform you that I wrote a wrapper class on Yahoo Browser Based Authentication (BBAuth) to make it easy and convenient.

So…, what’s BBAuth? What’s the point for using this class?

Well, a BBAuth API will provide you a WSSID and a cookie which will be destroyed after one hour (idle time) automatically (no way L ). After a successful login you will be able to access the users:

  • read and write to your data in Yahoo! Mail
  • read and write to your data in twlife
  • read your data in Yahoo! Address Book
  • read and write to your data in boss
  • read and write to your data in music
  • read and write to your data in twk

How it works:

The image below will illustrate the life cycle.

Yahoo BBauth

Yahoo BBauth

Now lemme tell you the entire process:

  1. Register your application
  2. Log in your users
  3. Use the user’s credentials to make web service calls

Wrapper Class  class.YahooAuth.php

Download from phpClasses.org


<?php
/* Description: Class for Yahoo BBAuth API
 * @author: Sadiqur Rahman
 * @param: $AppID=Yahoo BB Authentication Application ID
 * @param: $secret=Yahoo BB Authentication Secret key
 * @param: $AppData=Your application data which is an optional parameter
 * @Links:  http://developer.yahoo.com/auth/
 * @Author-URI: http://sadiqbd.wordpress.com
 * @Author-EMail: sadiqbd@gmail.com
 * License: GPL
 * Version: 1.0.0
 */
//declaring the class
class YahooAuth {

    protected $AppID;
    protected $secret;
    public $AppData;

    function __construct($AppID=NULL,$secret=NULL,$AppData=NULL){

        if (isset($AppID) && (!empty($AppID))){
            $this->AppID = $AppID;
        }else{
            global $YahooAppID;
            $this->AppID = $YahooAppID;
        }

        if (isset($secret) && (!empty($secret))){
            $this->AppID = $secret;
        }else{
            global $YahooSecret;
            $this->secret = $YahooSecret;
        }

        if (isset($AppData) && (!empty($AppData))){
            $this->AppData = $AppData;
        }

        if (!headers_sent()) {
            session_start();
        }

    }

    //Signature generation for Yahoo BBAuth
    protected function signature($path,$data,$ts){
        return md5($path.$data."&ts=".$ts.$this->secret);
    }

    //Generating login URL
    function generate_url(){
        $ts=time();
        $path="/WSLogin/V1/wslogin";
        $data="?appid=".$this->AppID."&appdata=".$this->AppData;
        $sig=$this->signature($path,$data,$ts);

        $url = "https://api.login.yahoo.com/WSLogin/V1/wslogin"
        ."?appid=".$this->AppID."&appdata=".$this->AppData."&ts=".$ts."&sig=".$sig;
        return $url;
    }

    //Automatically redirecting Yahoo login page
    function login(){

        if (!headers_sent()) {
            header('Location: '.$this->generate_url());
            exit;
            // If Header already sent, redirect to Yahoo using Javascript.
        } else {
            echo "<script type=\"text/javascript\">
                  <!--
                  window.location = \"".$this->generate_url()."\"
                  //-->
                  </script>".
                  "
<div align='center'>If you are not redirected within 5 Seconds <a " .
                  "href=\"".$this->generate_url()."\">Click Here</a>";
            exit;
        }
    }

    //Getting and verifying data from cookie and WSSID given by yahoo
    //and storing data into session for future use
    function get_credentials($token) {
        $ts=time();
        $path="/WSLogin/V1/wspwtoken_login";
        $data="?appid=".$this->AppID."&token=".$token;
        $sig=$this->signature($path,$data,$ts);

        $url = "https://api.login.yahoo.com/WSLogin/V1/wspwtoken_login"
        ."?appid=".$this->AppID."&token=".$token."&ts=".$ts."&sig=".$sig;

        $ch = curl_init();
        curl_setopt( $ch, CURLOPT_URL, $url );
        curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 );
        $store = curl_exec( $ch );
        $xml = curl_exec( $ch );

        if (  preg_match( "/(Y=.*)/", $xml, $match_array ) == 1 ) {
            $COOKIE = $match_array[1];
        }
        if (  preg_match( "/<WSSID>(.+)<\/WSSID>/", $xml, $match_array ) == 1 ) {
            $WSSID = $match_array[1];
        }
        if (  preg_match( "/<Timeout>(.+)<\/Timeout>/", $xml, $match_array ) == 1 ) {
            $timeout = $match_array[1];
        }

        $_SESSION['valid_user']=true;
        $_SESSION['COOKIE'] = $COOKIE;
        $_SESSION['WSSID'] = $WSSID;
        $rv = array();
        $rv["COOKIE"] = $COOKIE;
        $rv["WSSID"] = $WSSID;
        $rv["timeout"]   = $timeout;
        return $rv;
    }

    //some magic methods for your convenience
    function __get($name){
        return $this->$name;
    }

    function __set($name,$value){
        $this->$name=$value;
    }

    function __toString(){
        return(var_export($this,TRUE));
    }

    function __destruct(){
        unset($this);
    }
}
?>

Example Usage  index.php


<?php

//implementing lazy loading
function __autoload($class){
    include_once("class.".$class.".php");
}

$YahooAppID=".lND7LnIkY5jBHPMGmMhBBkWWpbJ6_gew9XLo.B5.d8-"; //your AppID will be here
$YahooSecret="555060ec4069cf7f67ddb84339f8701c"; //your Secret key goes here

$obj= new YahooAuth(); //Instantiating the class

if (isset($_GET['token']) && isset($_GET['appid'])){
    $obj->get_credentials($_GET['token']);
}elseif(isset($_GET['logout'])){
    unset($_SESSION['valid_user']);
}

if ($_SESSION['valid_user']){
    echo "Congratulation! You are logged in.<br \>";
    echo "<a href='".$_SERVER['PHP_SELF']."?logout'>LogOut</a><br \>";
    echo "
<pre>";
    print_r($_SESSION);
    echo "</pre>
";
}else{
    echo "You are not logged in.<br \>";
    echo "<a href='".$obj->generate_url()."'>Click Here to logIn</a>";
}
?>

Download from phpclasses.org

About these ads

4 Responses to "Blogging Started with Wrapper Class for YahooBBAuth"

Cool! Keep up……… this a good start with a dashing invention.. Welcome to blogging :)

First of all congratulation for such a great site. I learned a lot reading here today. I will make sure i visit this site more often so i can learn more.

[Use URL field to enter your URL]

يسلموووو ايديك يا غالي ..

واصل عملك وابداعك

تحيتي لك

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

My Qualification

My Classes on PHPClasses.org

Archives

January 2009
M T W T F S S
     
 1234
567891011
12131415161718
19202122232425
262728293031  

Flickr Photos

DSC00972

DSC00970

DSC00969

DSC00968

DSC00967

DSC00966

DSC00965

DSC00962

DSC00960

DSC00959

More Photos
Blog - Sadiqur Rahman

test

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: