Drop-in Yahoo Browser Based Authentication for Rails

Tonight I’m releasing my first plugin. This is the result of about half the work I did with my team at at . I wrote the guts, but generous amounts of Rails plugin goodness were provided by Scott Fleckenstein.

The Plugin:

It’s a drop-in addition to ActionController that lets you define a consumer of Browser Based Authentication (BBAuth), the unified login scheme Yahoo released last week.

It’s configurable, so you can define your own endpoint within the Rails app. A controller method is also defined that lets you retrieve the necessary credentials for authenticated API calls after the initial login. The plugin does not store the returned cookie and wssid; handling their storage is up to you.

Many of Yahoo’s APIs are currently open, and each of them is slightly different. I left this complexity out of the plugin to make it as simple to use and unobtrusive as possible. You can contact me at cameron at this domain if something is busted. I’d like this plugin to “just work” so if something is wrong, let me know.

You can see the plugin in action in a dummy application at http://hackday2006.rubyredlabs.com/

Instructions:

Unzip the archive and drop it in your vendor/plugins folder.

You’ll need to register your application with Yahoo here. Configuring the plugin is easy, after you have followed all the instructions on Yahoo’s developer website about authenticating your application’s domain. The only necessary configuration is to place the following in config/yahoo.yml:

application_id: YOUR_APPLICATION_ID
secret: YOUR_SECRET

Download: Yahoo BBAuth plugin

Sample Controller

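    class UsersController < ApplicationController
      # Enable the plugin for this controller
      authorizes_through_yahoo

      def index
      end

      # verify only checks that the four callback parameters are present;
      # a request missing any of them is redirected to index
      verify :params => [:token, :sig, :appid, :ts], :only => :get_credentials, :redirect_to => :index
      def get_credentials
        # Exchange the token from the callback for the API credentials
        @credentials = request_yahoo_credentials(params[:token])
      end

    end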

In this example, assuming the route ':controller/:action/:id' exists, the value to enter in “Web Application URL” when registering your app with Yahoo is http://your-domain.com/users/get_credentials

Update: Looks like the error messages weren’t being passed through to the exception. Code has been updated!

NEW:

    raise YahooAuthorizationException.new("Yahoo BBAuth error: %s %s" % 
      [ doc.elements['//Error/ErrorCode'].text.strip,
        doc.elements['//Error/ErrorDescription'].text.strip ]) unless doc.elements['//Success']

OLD:

    raise YahooAuthorizationException.new("Yahoo BBAuth error: :code :message" % 
      { :code => doc.elements['//Error/ErrorCode'].text.strip,
        :message => doc.elements['//Error/ErrorDescription'].text.strip }) unless doc.elements['//Success']
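
An added example (not the plugin's code) that takes the NEW check one step further: it reproduces why the OLD format string printed its placeholders literally, and builds the message without failing when an error element is missing. The exception class is a stand-in, the helper names are hypothetical, and the sample XML is constructed around the three element names used above.

```ruby
require 'rexml/document'

# Hypothetical stand-in for the plugin's exception class of the same name.
class YahooAuthorizationException < StandardError; end

# Constructed sample responses. Only the Success, Error/ErrorCode and
# Error/ErrorDescription element names come from the post; the root is made up.
SAMPLE_OK      = '<Response><Success/></Response>'
SAMPLE_ERROR   = "<Response><Error><ErrorCode> 1000 </ErrorCode>" \
                 "<ErrorDescription>Token expired\nforged line</ErrorDescription>" \
                 '</Error></Response>'
SAMPLE_PARTIAL = '<Response><Error/></Response>'
SAMPLE_BROKEN  = '<Response><Error></Response>'

# The OLD format string has no % directives, so the hash is ignored and the
# literal placeholders come back, which is the message seen in the comments.
def old_style_message(code, message)
  'Yahoo BBAuth error: :code :message' % { :code => code, :message => message }
end

# Text at xpath, or a placeholder when the element is absent or empty.
# The value is remote-supplied and lands in exception messages and logs, so
# control characters are replaced and the length is capped.
def error_field(doc, xpath)
  node = doc.elements[xpath]
  text = node && node.text ? node.text.strip : ''
  text = '(missing)' if text.empty?
  text.gsub(/[[:cntrl:]]/, ' ')[0, 200]
end

# Returns the parsed document on success; raises with Yahoo's code and
# description otherwise, without a NoMethodError on incomplete error bodies.
def check_bbauth_response(xml)
  doc = REXML::Document.new(xml)
  return doc if doc.elements['//Success']
  raise YahooAuthorizationException, format('Yahoo BBAuth error: %s %s',
    error_field(doc, '//Error/ErrorCode'),
    error_field(doc, '//Error/ErrorDescription'))
rescue REXML::ParseException
  raise YahooAuthorizationException, 'Yahoo BBAuth error: unparseable response'
end

# Convenience for callers and tests: the error message, or nil on success.
def error_message_for(xml)
  check_bbauth_response(xml)
  nil
rescue YahooAuthorizationException => e
  e.message
end
```
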


9 Responses to “Drop-in Yahoo Browser Based Authentication for Rails”

  1. Dr Nic Says:

    Nice work.

    Theoretically, I could allow users to log onto my apps using Yahoo credentials or Google credentials or they could create a new account with app-specific credentials. And perhaps one or more of the OpenId APIs that are coming out.

    Do you think web apps will evolve this way?

    Nic

    PS Can you email me your response too - I might forget to check back to the comments! :)

  2. cameron Says:

    Thank you.

    I have a feeling this is where some web apps will go. It may take a while, but authentication schemes are probably the most annoying part of building applications that store anything more than casual user data.

    It’s great that these services are available now, and the more tools that make them easy to use, the more adoption I think we’ll see.

  3. Shane Vitarana Says:

    This is great! When I need to show someone an example of Single Sign-On, this is where I’m referring them. I may use this in my next app. Thanks.

  4. RubyFilter.com Says:

    Drop-in Yahoo Browser Based Authentication for Rails…

    Tonight I’m releasing my first Rails plugin. This is the result of about half the work I did at Yahoo Hack Day 2006. I wrote the guts, but generous amounts of Rails plugin goodness were provided by Scott Fleckenstein.

    It’s a drop-in addition to Acti…

  5. Justin Says:

    Awesome plugin! I got it working on our site www.menuism.com but every now and then I get an error in “request_yahoo_credentials”. I’m not sure if Yahoo is sending faulty messages back or if there’s an issue with the code. I’ll keep digging into it, but I just thought I’d see if anyone else encountered something similar.

    A YahooAuthorizationException occurred in user#yahoo_signin:

    Yahoo BBAuth error: :code :message
    [RAILS_ROOT]/vendor/plugins/yahoobbauth/lib/yahoobbauth/utilitymethods.rb:44:in `request_yahoo_credentials'
    ….

    [RAILS_ROOT]/vendor/plugins/yahoobbauth/lib/yahoobbauth/utilitymethods.rb:44:in `request_yahoo_credentials'
    [RAILS_ROOT]/app/controllers/user_controller.rb:30:in `yahoo_signin'
    [RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/base.rb:941:in `perform_action_without_filters'
    [RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/filters.rb:368:in `perform_action_without_benchmark'
    [RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/benchmarking.rb:69:in `perform_action_without_rescue'
    /opt/csw/lib/ruby/1.8/benchmark.rb:293:in `measure'
    [RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/benchmarking.rb:69:in `perform_action_without_rescue'
    [RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/rescue.rb:82:in `perform_action'
    [RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/base.rb:408:in `process_without_filters'
    [RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/filters.rb:377:in `process_without_session_management_support'
    [RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/session_management.rb:117:in `process'
    [RAILS_ROOT]/vendor/rails/railties/lib/dispatcher.rb:38:in `dispatch'

  6. cameron Says:

    First off, thanks for catching the fact that my error message was incorrect! I’ve fixed it and updated the blog post and the zip file.

    After that, I think we’ll have to wait until you get back a proper error message using the new version of the plugin to actually know what’s going on. I’m now properly passing through the error returned by Yahoo in case the request_yahoo_credentials doesn’t return success. With the error code and message, you should be able to figure out what’s going on.

    I’ll take a guess though: The token you get back from Yahoo in the first step (after Yahoo login) is good for two weeks. If it’s been longer than that, you need to request a new token.

  7. Use the Yahoo! Sign In to join - it’s easy as pie « foodha for thought - menuism blog Says:

    […] How did you do this? We used a cool new service that Yahoo made available called Yahoo BBAuth (Browser Based Authentication). We also leveraged a Ruby on Rails plugin that made the implementation rather smooth (Thanks Cameron!). […]

  8. links for 2006-11-06 « Caiwangqin’s delicious bog Says:

    […] Chuddup and Read This » Archive! » Drop-in Yahoo Browser Based Authentication for Rails (tags: yahoo rubyonrails authentication plugin ruby BBAuth) […]

  9. Martian eyrie :: Yahoo! Developer Network - Ruby Developer Center :: February :: 2007 Says:

    […] A Rails plug-in for bbauth […]