authentication oauth uwp win-universal-app yahoo-api

Yahoo OAuth returning error using WebAuthenticationBroker


I was trying to log in using Yahoo from my UWP app.

StartUri is https://api.login.yahoo.com/oauth2/request_auth?response_type=code&scope=openid&client_id=dj0yJmk9TDNtd2MxeGNMT1pUJmQ9WVdrOVQwVlNVbFpQTkdjbWNHbzlNQS0tJnM9Y29uc3VtZXJzZWNyZXQmeD05Mw&redirect_uri=http://localhost:8080

EndUri is http://localhost:8080/

    WebAuthenticationResult WebAuthenticationResult = await WebAuthenticationBroker.AuthenticateAsync(
        WebAuthenticationOptions.None,
        StartUri,
        EndUri);

It properly shows the sign-in page, but after sign-in it shows an error page.

If we press close, it directs me to the Yahoo home page instead of asking for user consent. Does anyone have an idea why this happens?


Solution

  • There are two problems in your authorization URL.

    Firstly, the client_id in your URL is not right. Usually, client_id ends with --. Using the client_id in Authorization Code Flow for Server-side App as an example, it is

    dj0yJmk9ak5IZ2x5WmNsaHp6JmQ9WVdrOVNqQkJUMnRYTjJrbWNHbzlNQS0tJnM9Y29uc3VtZXJzZWNyZXQmeD1hYQ--

    So I think your client_id is wrong.

    The second problem is your redirect_uri. The redirect_uri should match the Callback Domain you've set in your app.

    Please specify the domain to which your application will be returning after successfully authenticating. Yahoo OAuth flow will redirect users to a URL only on this domain (or its sub-domain) after they authorize access to their private data.

    So redirect_uri needs to be a domain, and http://localhost:8080 doesn't meet this requirement. In my test I just used localhost.com, for example:

    // Requires: using System; using System.Threading.Tasks;
    //           using Windows.Security.Authentication.Web;
    public async Task<string> AuthorizeWithYahoo()
    {
        var clientId = "<My client id>";

        // redirect_uri has to be on the Callback Domain set for the app.
        var StartUri = new Uri($"https://api.login.yahoo.com/oauth2/request_auth?client_id={clientId}&response_type=code&redirect_uri=http://localhost.com");
        var EndUri = new Uri("http://localhost.com");

        WebAuthenticationResult WebAuthenticationResult = await WebAuthenticationBroker.AuthenticateAsync(
            WebAuthenticationOptions.None, StartUri, EndUri);
        if (WebAuthenticationResult.ResponseStatus == WebAuthenticationStatus.Success)
        {
            // ResponseData is the URL the broker was redirected to, including its query string.
            var responseData = WebAuthenticationResult.ResponseData;

            return responseData;
        }
        else if (WebAuthenticationResult.ResponseStatus == WebAuthenticationStatus.ErrorHttp)
        {
            return $"HTTP Error returned by AuthenticateAsync() : {WebAuthenticationResult.ResponseErrorDetail.ToString()}";
        }
        else
        {
            return $"Error returned by AuthenticateAsync() : {WebAuthenticationResult.ResponseStatus.ToString()}";
        }
    }
    

    And after sign in, you will see something like: (screenshot)
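The two checks the answer describes can be run on an authorization URL before it is passed to WebAuthenticationBroker. The following is an added example, not part of the original question or answer; `YahooAuthUrlCheck`, `Validate`, the callback-domain argument and the `EXAMPLEID` client_id are hypothetical, and the code uses only plain .NET types.

```csharp
using System;
using System.Collections.Generic;

// Added example: pre-flight check for the two problems named in the answer.
public static class YahooAuthUrlCheck
{
    // callbackDomain is the Callback Domain registered for the app (assumed input).
    public static List<string> Validate(Uri startUri, string callbackDomain)
    {
        var problems = new List<string>();
        var query = ParseQuery(startUri.Query);

        // Problem 1: a client_id that lost its trailing "--" (heuristic from the answer).
        if (!query.TryGetValue("client_id", out var clientId) || clientId.Length == 0)
            problems.Add("client_id is missing");
        else if (!clientId.EndsWith("--", StringComparison.Ordinal))
            problems.Add("client_id does not end with \"--\"; it may be truncated");

        // Problem 2: redirect_uri must be on the Callback Domain or a sub-domain of it.
        if (!query.TryGetValue("redirect_uri", out var redirect) ||
            !Uri.TryCreate(redirect, UriKind.Absolute, out var redirectUri))
            problems.Add("redirect_uri is missing or not an absolute URI");
        else if (!HostMatches(redirectUri.Host, callbackDomain))
            problems.Add($"redirect_uri host '{redirectUri.Host}' is not on '{callbackDomain}'");
        return problems;
    }

    static bool HostMatches(string host, string domain) =>
        host.Equals(domain, StringComparison.OrdinalIgnoreCase) ||
        host.EndsWith("." + domain, StringComparison.OrdinalIgnoreCase);

    // Minimal query-string parser: splits on '&' and '=', then percent-decodes values.
    static Dictionary<string, string> ParseQuery(string query)
    {
        var result = new Dictionary<string, string>(StringComparer.Ordinal);
        foreach (var pair in query.TrimStart('?').Split('&'))
        {
            var parts = pair.Split(new[] { '=' }, 2);
            if (parts[0].Length > 0)
                result[parts[0]] = Uri.UnescapeDataString(parts.Length > 1 ? parts[1] : "");
        }
        return result;
    }

    public static void Main()
    {
        // Shape of the question's StartUri, with a constructed client_id.
        var uri = new Uri("https://api.login.yahoo.com/oauth2/request_auth?response_type=code&client_id=EXAMPLEID&redirect_uri=http://localhost:8080");
        foreach (var p in Validate(uri, "localhost.com")) Console.WriteLine(p);
    }
}
```

An empty list means neither problem was found; the "--" test is only the heuristic from the answer, so a failure there is a prompt to re-copy the client_id from the Yahoo app settings.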