I put together a BBAuth sample to test the userhash / SSO feature and you can download the source code for it. The application uses a database connection to store the userhash and the data that the user submitted. If you want to use it for more than just a sample I recommend adding error handling.
To make the sample work you need to get your own appid:
- Go to https://developer.yahoo.com/wsregapp/
- Fill in your info – The Web Application URL is where Yahoo! redirects the user after he signs in successfully. This should be PATHTOTHEFILES/success.php
- Pick the scope that is called something like “Yahoo Authentication, no user data access” (SSO)
- Follow the steps in the flow until you get your appid / secret
- Enter both in the bbauth.inc file where it says appid and secret.
- At this point the redirect to Yahoo and redirect back to the server should work, but the success.php will fail because of the missing database.
- Set up a database – feed sso.sql to your db
- Enter the database info in success.php where it says “Edit your info here:”
- Now it should run like a Prius in the carpool lane.