Sadiqur Rahman

Blogging Started with Wrapper Class for YahooBBAuth

Posted on: January 3, 2009

You already might know that the giant company YAHOO provides some API to facilitate the application development process. One of them is Yahoo BBAuth API. I am glad to inform you that I wrote a wrapper class on Yahoo Browser Based Authentication (BBAuth) to make it easy and convenient.

So…, what’s BBAuth? What’s the point for using this class?

Well, a BBAuth API will provide you a WSSID and a cookie which will be destroyed after one hour (idle time) automatically (no way L ). After a successful login you will be able to access the users:

  • read and write to your data in Yahoo! Mail
  • read and write to your data in twlife
  • read your data in Yahoo! Address Book
  • read and write to your data in boss
  • read and write to your data in music
  • read and write to your data in twk

How it works:

The image below will illustrate the life cycle.

Yahoo BBauth

Yahoo BBauth

Now lemme tell you the entire process:

  1. Register your application
  2. Log in your users
  3. Use the user’s credentials to make web service calls

Wrapper Class  class.YahooAuth.php

Download from

/* Description: Class for Yahoo BBAuth API
 * @author: Sadiqur Rahman
 * @param: $AppID=Yahoo BB Authentication Application ID
 * @param: $secret=Yahoo BB Authentication Secret key
 * @param: $AppData=Your application data which is an optional parameter
 * @Links:
 * @Author-URI:
 * @Author-EMail:
 * License: GPL
 * Version: 1.0.0
//declaring the class
class YahooAuth {

    protected $AppID;
    protected $secret;
    public $AppData;

    function __construct($AppID=NULL,$secret=NULL,$AppData=NULL){

        if (isset($AppID) && (!empty($AppID))){
            $this->AppID = $AppID;
            global $YahooAppID;
            $this->AppID = $YahooAppID;

        if (isset($secret) && (!empty($secret))){
            $this->AppID = $secret;
            global $YahooSecret;
            $this->secret = $YahooSecret;

        if (isset($AppData) && (!empty($AppData))){
            $this->AppData = $AppData;

        if (!headers_sent()) {


    //Signature generation for Yahoo BBAuth
    protected function signature($path,$data,$ts){
        return md5($path.$data."&ts=".$ts.$this->secret);

    //Generating login URL
    function generate_url(){

        $url = ""
        return $url;

    //Automatically redirecting Yahoo login page
    function login(){

        if (!headers_sent()) {
            header('Location: '.$this->generate_url());
            // If Header already sent, redirect to Yahoo using Javascript.
        } else {
            echo "<script type=\"text/javascript\">
                  window.location = \"".$this->generate_url()."\"
<div align='center'>If you are not redirected within 5 Seconds <a " .
                  "href=\"".$this->generate_url()."\">Click Here</a>";

    //Getting and verifying data from cookie and WSSID given by yahoo
    //and storing data into session for future use
    function get_credentials($token) {

        $url = ""

        $ch = curl_init();
        curl_setopt( $ch, CURLOPT_URL, $url );
        curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 );
        $store = curl_exec( $ch );
        $xml = curl_exec( $ch );

        if (  preg_match( "/(Y=.*)/", $xml, $match_array ) == 1 ) {
            $COOKIE = $match_array[1];
        if (  preg_match( "/<WSSID>(.+)<\/WSSID>/", $xml, $match_array ) == 1 ) {
            $WSSID = $match_array[1];
        if (  preg_match( "/<Timeout>(.+)<\/Timeout>/", $xml, $match_array ) == 1 ) {
            $timeout = $match_array[1];

        $_SESSION['COOKIE'] = $COOKIE;
        $_SESSION['WSSID'] = $WSSID;
        $rv = array();
        $rv["COOKIE"] = $COOKIE;
        $rv["WSSID"] = $WSSID;
        $rv["timeout"]   = $timeout;
        return $rv;

    //some magic methods for your convenience
    function __get($name){
        return $this->$name;

    function __set($name,$value){

    function __toString(){

    function __destruct(){

Example Usage  index.php


//implementing lazy loading
function __autoload($class){

$YahooAppID=".lND7LnIkY5jBHPMGmMhBBkWWpbJ6_gew9XLo.B5.d8-"; //your AppID will be here
$YahooSecret="555060ec4069cf7f67ddb84339f8701c"; //your Secret key goes here

$obj= new YahooAuth(); //Instantiating the class

if (isset($_GET&#91;'token'&#93;) && isset($_GET&#91;'appid'&#93;)){

if ($_SESSION['valid_user']){
    echo "Congratulation! You are logged in.<br \>";
    echo "<a href='".$_SERVER&#91;'PHP_SELF'&#93;."?logout'>LogOut</a><br \>";
    echo "
    echo "</pre>
    echo "You are not logged in.<br \>";
    echo "<a href='".$obj->generate_url()."'>Click Here to logIn</a>";

Download from


4 Responses to "Blogging Started with Wrapper Class for YahooBBAuth"

Cool! Keep up……… this a good start with a dashing invention.. Welcome to blogging 🙂

First of all congratulation for such a great site. I learned a lot reading here today. I will make sure i visit this site more often so i can learn more.

[Use URL field to enter your URL]

يسلموووو ايديك يا غالي ..

واصل عملك وابداعك

تحيتي لك

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

My Qualification

My Classes on


January 2009

Flickr Photos

Blog - Sadiqur Rahman


%d bloggers like this: