0

No luck getting Yahoo to redirect to my Callback Url

Hello,

I believe I am using 3-legged authentication yet at the end of the process, Yahoo is not redirecting to my callback url.

After I agree to allow sharing of yahoo info with my application, it goes to a page that displays a code for me to use with my application. Instead, I would like it to append that code onto a callback url that I have specified.

Below is an example call to Yahoo to start the allowing sharing process:
https://api.login.yahoo.com/oauth/v2/reques...rumb=yS8FMNsUdp.

As you can see, I am setting an Oauth_Callback query string with my own value. I am not using "oob" as is a common problem in other threads. Additionally, my project is registered under "http://mydomain.com" and I am not sure if a difference there would cause an issue. Does anyone have any ideas as to what might be happening? I am using ASP.NET MVC and have spent several hours working on this specific issue. Also, I have verified that my url is publicly accessible.

by
4 Replies
  • QUOTE (Stu @ Aug 10 2010, 07:15 AM) <{POST_SNAPBACK}>
    Hello,

    I believe I am using 3-legged authentication yet at the end of the process, Yahoo is not redirecting to my callback url.

    After I agree to allow sharing of yahoo info with my application, it goes to a page that displays a code for me to use with my application. Instead, I would like it to append that code onto a callback url that I have specified.

    Below is an example call to Yahoo to start the allowing sharing process:
    https://api.login.yahoo.com/oauth/v2/reques...rumb=yS8FMNsUdp.

    As you can see, I am setting an Oauth_Callback query string with my own value. I am not using "oob" as is a common problem in other threads. Additionally, my project is registered under "http://mydomain.com" and I am not sure if a difference there would cause an issue. Does anyone have any ideas as to what might be happening? I am using ASP.NET MVC and have spent several hours working on this specific issue. Also, I have verified that my url is publicly accessible.

    Can you try to set up another Fantasy application in YDN, except this time specifying that you're making a Client/Desktop application instead of a Web-based application? Swap in that application key/secret in your application and see if works any better. Alternately, are you able to expose your callback URL over the standard port 80 instead of port 5263? I'm thinking that two things are possible:

    • Our OAuth servers validate against the domain for web-based applications, and having the different port for your callback is a sufficient difference that our OAuth servers think something funny is going on and choose to show the OOB view instead.
    • Alternately, we just don't like to redirect to non-standard webserver ports.


    So, yeah, see if either of those two suggestions help -- let me know how it goes!
    0
  • QUOTE (Sean Montgomery @ Aug 11 2010, 12:25 PM) <{POST_SNAPBACK}>
    Can you try to set up another Fantasy application in YDN, except this time specifying that you're making a Client/Desktop application instead of a Web-based application? Swap in that application key/secret in your application and see if works any better. Alternately, are you able to expose your callback URL over the standard port 80 instead of port 5263? I'm thinking that two things are possible:

    • Our OAuth servers validate against the domain for web-based applications, and having the different port for your callback is a sufficient difference that our OAuth servers think something funny is going on and choose to show the OOB view instead.
    • Alternately, we just don't like to redirect to non-standard webserver ports.


    So, yeah, see if either of those two suggestions help -- let me know how it goes!


    I have tried both these suggestions and I am still not getting redirected to my web server. I have created a Client/Desktop application and used the key/secret for it when authenticating. I have also exposed my callback URL to be the standard port 80 and not port 5263. I used my old Fantasy application with this setup as well as the new Client/Desktop application and neither work. My call back url is very simple: http://mydomain.com/Account/Oauth and http://mydomain.com is what is registered under my Fantasy application.

    Please help. I have spent many hours working on this issue that should be trivial.
    0
  • QUOTE (Stu @ Aug 18 2010, 02:24 PM) <{POST_SNAPBACK}>
    I have tried both these suggestions and I am still not getting redirected to my web server. I have created a Client/Desktop application and used the key/secret for it when authenticating. I have also exposed my callback URL to be the standard port 80 and not port 5263. I used my old Fantasy application with this setup as well as the new Client/Desktop application and neither work. My call back url is very simple: http://mydomain.com/Account/Oauth and http://mydomain.com is what is registered under my Fantasy application.

    Please help. I have spent many hours working on this issue that should be trivial.

    Oh. Are you possibly getting the URLs from the 2nd and 3rd steps of the OAuth flow mixed up? It looks like you're sending your callback URL to https://api.login.yahoo.com/oauth/v2/request_auth , which is where the user should get sent to after you get your request token. I believe you should be sending all of the callback and other information to https://api.login.yahoo.com/oauth/v2/get_request_token instead, right?

    Request token: http://developer.yahoo.com/oauth/guide/oau...questtoken.html
    User Auth (based on URL that's passed back as part of request token, as "xoauth_request_auth_url"): http://developer.yahoo.com/oauth/guide/oauth-userauth.html

    Let me know if that clears things up. EDIT: Basically, you should be providing your callback URL when you ask for your request token, and you should never have to construct the User Auth URL on your own, because it should come back with the request token.
    0
  • Thanks. I believe this was essentially my problem. I was not specifying the callbackUrl early enough in the process.

    I am using the DevDefined.OAuth library so much of this was abstracted away. It turns out I was not specifying my callBackUrl when I created a new OAuthSession.

    Thanks again.
    0

Recent Posts

in Fantasy Sports API