Social Directory

Want to integrate the social API in my website

Hi.....

I want to use the yahoo social API. My requirement is i have the yahoo user name and depending on the yahoo username i wanted to fetch his/her basic personal information (gender, Age, date of joining, About me.) And messenger/buddy list.

But without showing the yahoo login window. I tried to use the yahoo Social API but everytime it ask me to login into the account and if i am on the site first time then i have to allow to access these information then only we can get the details. But i want these information without any yahoo login or any access grant.

In our website we are creating yahoo members profile so let say i am the member of the site and any member comes to my profile page it should see my friend list and my basic information from yahoo.

Can any one suggest me which API should i use? or is it possible?

Thanks in advance.

Yogesh D
Jan 22, 2009

3 Replies

- Erik
- Jan 23, 2009
Hi Yogesh,

Requests to the Social APIs are secured using OAuth. The Yahoo! login window is an essential part of the OAuth authorization flow given Yahoo! is the data provider, so there is no way around it. To ensure the security of a user's credentials and data, the user must authorize data access and must do so through the Yahoo! login page.

From the user's perspective, OAuth means he/she will only ever enter his/her username and password on Yahoo!. This tremendously decreases the chances of being phished or scammed in some way. From the developer's perspective, OAuth is a good thing because it means that you will never have to worry about securing the user's identity; Yahoo! handles it for you.

This example from the OAuth docs provides a good illustration of the issue in question: http://www.hueniverse.com/hueniverse/2007/...ners-gui-1.html

The Yahoo! OAuth docs discuss the auth flow in a way specific to Yahoo!.

Please post back if you have any other questions.

Erik

QUOTE (Yogesh D @ Jan 22 2009, 09:54 PM) <{POST_SNAPBACK}>
Hi.....

I want to use the yahoo social API. My requirement is i have the yahoo user name and depending on the yahoo username i wanted to fetch his/her basic personal information (gender, Age, date of joining, About me.) And messenger/buddy list.

But without showing the yahoo login window. I tried to use the yahoo Social API but everytime it ask me to login into the account and if i am on the site first time then i have to allow to access these information then only we can get the details. But i want these information without any yahoo login or any access grant.

In our website we are creating yahoo members profile so let say i am the member of the site and any member comes to my profile page it should see my friend list and my basic information from yahoo.

Can any one suggest me which API should i use? or is it possible?

Thanks in advance.

Report Abuse

0
- Yogesh D
- Jan 25, 2009
Hello Erik,

Thanks for the reply. According to your post it will always redirect to the login page of yahoo.

I have integrated the Yahoo Social SDK. if you execute the page it always redirect you to the yahoo login window. After logged in i got "oauth_token" in the browser URL.

Can i use this oauth_token n number of times. So let say user have to logged in only once into the yahoo then whenever the user comes next time we will have the last "oauth_token" code with us and will directly get the members information.

Is it possible?

Or

what you can suggest me.

Regards,
Yogesh

QUOTE (Erik @ Jan 23 2009, 08:40 AM) <{POST_SNAPBACK}>
Hi Yogesh,

Requests to the Social APIs are secured using OAuth. The Yahoo! login window is an essential part of the OAuth authorization flow given Yahoo! is the data provider, so there is no way around it. To ensure the security of a user's credentials and data, the user must authorize data access and must do so through the Yahoo! login page.

From the user's perspective, OAuth means he/she will only ever enter his/her username and password on Yahoo!. This tremendously decreases the chances of being phished or scammed in some way. From the developer's perspective, OAuth is a good thing because it means that you will never have to worry about securing the user's identity; Yahoo! handles it for you.

This example from the OAuth docs provides a good illustration of the issue in question: http://www.hueniverse.com/hueniverse/2007/...ners-gui-1.html

The Yahoo! OAuth docs discuss the auth flow in a way specific to Yahoo!.

Please post back if you have any other questions.

Erik

Report Abuse

0
- Erik
- Jan 30, 2009
Hi Yogesh,

To make several requests without prompting the user for each one, you would store, use, and refresh the access token, of which the oauth_token field is a part.

The Yahoo! OAuth documentation discussing the auth flow defines the fields in both the request and access tokens, how to get and use them, and how the auth flow works in general.

The PHP SDK handles all this for you, but if you want a deeper understanding, on line 463 of the Yahoo.inc file, you can see the YahooSession class requesting the access token using the fetchAccessToken() method and storing the token as JSON in a cookie. If you wanted to, you could modify or re-purpose the code to store the token in a database or local file.

I hope this helps. Please post back if you have any questions.

Erik

QUOTE (Yogesh D @ Jan 25 2009, 09:01 PM) <{POST_SNAPBACK}>
Hello Erik,

Thanks for the reply. According to your post it will always redirect to the login page of yahoo.

I have integrated the Yahoo Social SDK. if you execute the page it always redirect you to the yahoo login window. After logged in i got "oauth_token" in the browser URL.

Can i use this oauth_token n number of times. So let say user have to logged in only once into the yahoo then whenever the user comes next time we will have the last "oauth_token" code with us and will directly get the members information.

Is it possible?

Or

what you can suggest me.

Regards,
Yogesh

Report Abuse

0

Ask a Question

Yahoo! Developer Network

Social Directory

Want to integrate the social API in my website

Recent Posts