1. 定义三种参数:
{api-gateway-host}
{unified_domain}
统一域名,即开放平台前台页面的域名
如:
湖北网教通:http://new.hbeducloud.com
获取方式:
{sdp-app-id}
查看位置:开放平台-开发文档-接口调用,如图:
2.审核通过后,便可以开始接入。有两种授权流程:
- 授权码接入
1) 拼接授权码页面
http://{unified_domain}/openplatform/connect?sdp-app-id={sdp-app-id}&response_type={response_type}&access_key_id={access_key_id}&redirect_uri={redirect_uri}&scope={scope}&state={state}&type={type}
| 参数名 | 是否必须 | 类型 | 说明 |
|---|---|---|---|
| sdp-app-id | 是 | string | 开放平台租户标识(获取方式如上) |
| access_key_id | 是 | string | 应用唯一标识,应用注册时由开放平台分配 |
| redirect_uri | 是 | string | 授权成功的回调地址,其中域名必须符合应用注册时填写的安全域名 |
| response_type | 是 | string | 响应类型,目前仅支持传code |
| scope | 是 | string | scope_base(获取你的公开信息)与scope_userinfo(获取你的详细信息) |
| state | 是 | string | 第三方应用自行产生,可以使用随机字符串 |
| type | 否 | string | h5 页面,不传为web页面,传‘h5’为h5页面 |
授权成功开放平台帐号中心会返回302 重定向到应用提供的{redirect_uri}页面并且带上code和state参数
{redirect_uri}?code={code}&state={state}
2) 根据code获取access_token
http://{api-gateway-host}/oauth/access_token
将code传过去,获取返回body中的access_token和open_id。Java代码示例:
public Object auth(@RequestParam("code") String code) throws IOException {if (StringUtils.isBlank(code)) {return "code is null";}HttpClient httpClient = NdHttpClientBuilder.getHttpClient(ACCESS_KEY_ID, SECRET_ACCESS_ID);//此类由sdk提供JSONObject obj = new JSONObject();obj.put("access_key_id", ACCESS_KEY_ID);obj.put("secret_access_key", SECRET_ACCESS_ID);obj.put("code", code);obj.put("grant_type", "authorization_code");HttpPost request = new HttpPost(API_GATEWAY_HOST + "/oauth/access_token");request.setHeader("Content-Type", "application/json");StringEntity entity = new StringEntity(obj.toString());request.setHeader("sdp-app-id", SDP_APP_ID);request.setEntity(entity);HttpHost httpHost = HttpHost.create(API_GATEWAY_HOST);HttpResponse httpResponse = httpClient.execute(httpHost, request);if (httpResponse.getStatusLine().getStatusCode() == 200) {String result = EntityUtils.toString(httpResponse.getEntity());return JSONObject.parseObject(result);}return EntityUtils.toString(httpResponse.getEntity());}
返回参数:
| 参数 | 含义 |
|---|---|
| access_token | 访问令牌,接口调用凭证,有效期 7 天 |
| expires_at | access_token 的过期时间 |
| refresh_token | 用于刷新 access_token,有效期 60 天 |
| open_id | 授权用户唯一标识 |
| server_time | 服务器时间 |
- ticket接入
1) 用户登录智慧教育云平台,进入第三方应用
用户进入第三方后,智慧教育云平台将会302到第三方提供的http地址,并附带ticket参数,如:{redirect_uri}?ticket={ticket}
2) 根据ticket获取access_token
http://{api-gateway-host}/oauth/access_token
将ticket传过去,获取返回body中的access_token和open_id。Java代码示例:
public Object authTicket(String ticket) throws IOException {if (StringUtils.isBlank(ticket)) {return "ticket is null";}HttpClient httpClient = NdHttpClientBuilder.getHttpClient(ACCESS_KEY_ID, SECRET_ACCESS_ID);//此类由sdk提供JSONObject obj = new JSONObject();obj.put("access_key_id", ACCESS_KEY_ID);obj.put("secret_access_key", SECRET_ACCESS_ID);obj.put("ticket", ticket);obj.put("grant_type", "ticket");HttpPost request = new HttpPost(API_GATEWAY_HOST + "/oauth/access_token");request.setHeader("Content-Type", "application/json");StringEntity entity = new StringEntity(obj.toString());request.setHeader("sdp-app-id", SDP_APP_ID);request.setEntity(entity);HttpHost httpHost = HttpHost.create(API_GATEWAY_HOST);HttpResponse httpResponse = httpClient.execute(httpHost, request);if (httpResponse.getStatusLine().getStatusCode() == 200) {String result = EntityUtils.toString(httpResponse.getEntity());return JSONObject.parseObject(result);}return EntityUtils.toString(httpResponse.getEntity());}
返回参数:
| 参数 | 含义 |
|---|---|
| access_token | 访问令牌,接口调用凭证,有效期 7 天 |
| expires_at | access_token 的过期时间 |
| refresh_token | 用于刷新 access_token,有效期 60 天 |
| open_id | 授权用户唯一标识 |
| server_time | 服务器时间 |
3.授权完成后可获取到access_token和open_id。获取用户的基本信息
http://{api-gateway-host}/base/get_user_info
Java代码示例:
public Object getUserInfo(String openid, String accessToken) throws IOException {HttpClient httpClient = NdHttpClientBuilder.getHttpClient(ACCESS_KEY_ID, SECRET_ACCESS_ID);//此类由sdk提供JSONObject obj = new JSONObject();obj.put("open_id", openid);obj.put("access_token", accessToken);HttpPost request = new HttpPost(API_GATEWAY_HOST + "/base/get_user_info");request.setHeader("Content-Type", "application/json");StringEntity entity = new StringEntity(obj.toString());request.setHeader("sdp-app-id", SDP_APP_ID);request.setEntity(entity);HttpHost httpHost = HttpHost.create(API_GATEWAY_HOST);HttpResponse httpResponse = httpClient.execute(httpHost, request);if (httpResponse.getStatusLine().getStatusCode() == 200) {String result = EntityUtils.toString(httpResponse.getEntity());return JSONObject.parseObject(result);}return EntityUtils.toString(httpResponse.getEntity());}
返回参数:
| 参数 | 含义 |
|---|---|
| open_id | 开放平台帐号中心 颁发给应用的授权用户的唯一标识,用来标记一个具体的用户 |
| nick_name | 昵称 |
| avatar_url | 头像 |
| gender | 性别 1:男,2:女,0:未知 |
4.令牌可定时续约,防止令牌失效
http://{api-gateway-host}/oauth/refresh_token
将授权后获取的refresh_token外加其他参数传入,Java代码示例:
public Object refresh(String refreshToken) throws IOException {HttpClient httpClient = NdHttpClientBuilder.getHttpClient(ACCESS_KEY_ID, SECRET_ACCESS_ID);//此类由sdk提供JSONObject obj = new JSONObject();obj.put("access_key_id", ACCESS_KEY_ID);obj.put("refresh_token", refreshToken);obj.put("grant_type", "refresh_token");HttpPost request = new HttpPost(API_GATEWAY_HOST + "/oauth/refresh_token");request.setHeader("Content-Type", "application/json");StringEntity entity = new StringEntity(obj.toString());request.setHeader("sdp-app-id", SDP_APP_ID);request.setEntity(entity);HttpHost httpHost = HttpHost.create(API_GATEWAY_HOST);HttpResponse httpResponse = httpClient.execute(httpHost, request);if (httpResponse.getStatusLine().getStatusCode() == 200) {String result = EntityUtils.toString(httpResponse.getEntity());return JSONObject.parseObject(result);}return EntityUtils.toString(httpResponse.getEntity());}
返回参数:
| 参数 | 含义 |
|---|---|
| access_token | 访问令牌,接口调用凭证,有效期 7 天 |
| expires_at | access_token 的过期时间 |
| refresh_token | 用于刷新 access_token,有效期 60 天 |
| open_id | 授权用户唯一标识 |
| server_time | 服务器时间 |
返回的access_token更新原来的令牌,refresh_token可用来下次续约
作者:wangtc 创建时间:2020-06-18 18:24
更新时间:2023-11-14 10:57
更新时间:2023-11-14 10:57
