I've been researching this for over a day now and I'm running out of things to try. I'm building a desktop application that will use private Yahoo APIs. I want the user to be able to login with their Yahoo account *or* Google/Facebook accounts.
At this point, I can get a couple of things to work. I'm able to use the normal oAuth flow with the call to: https://api.login.yahoo.com/oauth/v2/get_request_token?...
And, able to get an xoauth_request_auth_url for the login page. This page does not have the additional provider buttons (Google, Facebook).
1. Navigate your user to http://mlogin.yahoo.com. This page presents the user will all 3 authentication methods (Yahoo, Google, and Facebook). 2. When the user authenticates, regardless of which method/provider, they will be redirected back to the same Yahoo landing page. You need to capture this redirect in your code, and automatically redirect the user from the Yahoo landing page to the xoauth_request_auth_url returned by making the initial request for a request token (see Yahoo's OAuth Flow). 3. When you redirect the user to xoauth_request_auth_url, they will be presented with the authorization page (and not the authentication page) since they are already authenticated. The main issue was that if you just redirected them straight to xoauth_request_auth_url without doing #1 and #2, then the authentication page that you got only had Yahoo as a provider (no Google or Facebook links). 4. The rest of what you need to do is described by the OAuth Flow.