0

Json and javascript?

Is it possible using Javascript to perform Oauth using json for all the steps in the oauth authorization flow?
http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html

4 Replies
  • 3-legged OAuth with JS is, in my experience, difficult, if not impossible, with the current Y! auth server configuration. To authenticate using JS from your server, you will need to make a cross-domain call. To do this, you will need to use an unorthodox request method. A dynamic script tag is the only feasible one I have found to date (the Yahoo! auth servers do not currently have an open crossdomain.xml file required for a flash proxy, and we don't have access to the servers for something like iframe proxy code). Unfortunately, we also do not define a callback parameter for the auth url, so the string containing the authentication parameters returned from the request call for the request token will not be wrapped in a function and instead it will be evaluated as invalid JS :(http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html
    0
  • QUOTE (Erik @ Dec 8 2008, 09:04 AM) <{POST_SNAPBACK}>
    3-legged OAuth with JS is, in my experience, difficult, if not impossible, with the current Y! auth server configuration. To authenticate using JS from your server, you will need to make a cross-domain call. To do this, you will need to use an unorthodox request method. A dynamic script tag is the only feasible one I have found to date (the Yahoo! auth servers do not currently have an open crossdomain.xml file required for a flash proxy, and we don't have access to the servers for something like iframe proxy code). Unfortunately, we also do not define a callback parameter for the auth url, so the string containing the authentication parameters returned from the request call for the request token will not be wrapped in a function and instead it will be evaluated as invalid JS :(One time the error even said unknown SSL error but that was only once so I took it as a fluke
    0
  • error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

    can someone fix this problem???
    0
  • now i know how to fix the SSL problem...

    //Curl related functions
    $ch = curl_init();
    curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 );
    curl_setopt( $ch, CURLOPT_URL, $url );
    curl_setopt( $ch, CURLOPT_VERBOSE , 1 );
    $resp = curl_exec( $ch );
    curl_close($ch);
    parse_str($resp,$tokens);
    $oauth_token = $tokens['oauth_token'];
    $oauth_token_secret = $tokens['oauth_token_secret'];

    this will give the certificate :

    * About to connect() to api.login.yahoo.com port 443 (#0)
    * Trying 124.108.120.246... * connected
    * Connected to api.login.yahoo.com (124.108.120.246) port 443 (#0)
    * SSL connection using AES256-SHA
    * Server certificate:
    * subject: C=US, ST=California, L=Santa Clara, O=Yahoo! Inc., OU=Yahoo, C
    N=*.login.yahoo.com
    * start date: 2009-08-06 16:15:22 GMT
    * expire date: 2014-09-07 01:34:02 GMT
    * common name: *.login.yahoo.com (matched)
    * issuer: C=US, O=Equifax, OU=Equifax Secure Certificate Authority
    * SSL certificate verify result: unable to get local issuer certificate (
    20), continuing anyway.
    0
  • Recent Posts

    in Social Directory API