七.接入授权

####1. 定义三种参数：

• {api-gateway-host}

  

• {unified_domain}
  统一域名，即开放平台前台页面的域名
  如：
  湖北中小学智慧教育平台：http://new.hbeducloud.com
  获取方式：

  

• {sdp-app-id}
  查看位置：开放平台-开发文档-接口调用，如图：

####2.审核通过后，便可以开始接入。有两种授权流程：

• 授权码接入

1） 拼接授权码页面

   http://{unified_domain}/openplatform/connect?sdp-app-id={sdp-app-id}&response_type={response_type}&access_key_id={access_key_id}&redirect_uri={redirect_uri}&scope={scope}&state={state}&type={type}

授权成功开放平台帐号中心会返回302 重定向到应用提供的{redirect_uri}页面并且带上code和state参数
{redirect_uri}?code={code}&state={state}

2） 根据code获取access_token

   http://{api-gateway-host}/oauth/access_token

将code传过去，获取返回body中的access_token和open_id。Java代码示例：

   public Object auth(@RequestParam("code") String code) throws IOException {
       if (StringUtils.isBlank(code)) {
           return "code is null";
       }
       HttpClient httpClient = NdHttpClientBuilder.getHttpClient(ACCESS_KEY_ID, SECRET_ACCESS_ID);//此类由sdk提供
       JSONObject obj = new JSONObject();
       obj.put("access_key_id", ACCESS_KEY_ID);
       obj.put("secret_access_key", SECRET_ACCESS_ID);
       obj.put("code", code);
       obj.put("grant_type", "authorization_code");
       HttpPost request = new HttpPost(API_GATEWAY_HOST + "/oauth/access_token");
       request.setHeader("Content-Type", "application/json");
       StringEntity entity = new StringEntity(obj.toString());
       request.setHeader("sdp-app-id", SDP_APP_ID);
       request.setEntity(entity);
       HttpHost httpHost = HttpHost.create(API_GATEWAY_HOST);
       HttpResponse httpResponse = httpClient.execute(httpHost, request);
       if (httpResponse.getStatusLine().getStatusCode() == 200) {
           String result = EntityUtils.toString(httpResponse.getEntity());
           return JSONObject.parseObject(result);
       }
       return EntityUtils.toString(httpResponse.getEntity());
   }

返回参数：

• ticket接入

1） 用户登录智慧教育云平台，进入第三方应用

用户进入第三方后，智慧教育云平台将会302到第三方提供的http地址，并附带ticket参数，如：{redirect_uri}?ticket={ticket}

2） 根据ticket获取access_token

   http://{api-gateway-host}/oauth/access_token

将ticket传过去，获取返回body中的access_token和open_id。Java代码示例：

   public Object authTicket(String ticket) throws IOException {
       if (StringUtils.isBlank(ticket)) {
           return "ticket is null";
       }
       HttpClient httpClient = NdHttpClientBuilder.getHttpClient(ACCESS_KEY_ID, SECRET_ACCESS_ID);//此类由sdk提供
       JSONObject obj = new JSONObject();
       obj.put("access_key_id", ACCESS_KEY_ID);
       obj.put("secret_access_key", SECRET_ACCESS_ID);
       obj.put("ticket", ticket);
       obj.put("grant_type", "ticket");
       HttpPost request = new HttpPost(API_GATEWAY_HOST + "/oauth/access_token");
       request.setHeader("Content-Type", "application/json");
       StringEntity entity = new StringEntity(obj.toString());
       request.setHeader("sdp-app-id", SDP_APP_ID);
       request.setEntity(entity);
       HttpHost httpHost = HttpHost.create(API_GATEWAY_HOST);
       HttpResponse httpResponse = httpClient.execute(httpHost, request);
       if (httpResponse.getStatusLine().getStatusCode() == 200) {
           String result = EntityUtils.toString(httpResponse.getEntity());
           return JSONObject.parseObject(result);
       }
       return EntityUtils.toString(httpResponse.getEntity());
   }

返回参数：

####3.授权完成后可获取到access_token和open_id。获取用户的基本信息

http://{api-gateway-host}/base/get_user_info

Java代码示例：

public Object getUserInfo(String openid, String accessToken) throws IOException {
    HttpClient httpClient = NdHttpClientBuilder.getHttpClient(ACCESS_KEY_ID, SECRET_ACCESS_ID);//此类由sdk提供
    JSONObject obj = new JSONObject();
    obj.put("open_id", openid);
    obj.put("access_token", accessToken);
    HttpPost request = new HttpPost(API_GATEWAY_HOST + "/base/get_user_info");
    request.setHeader("Content-Type", "application/json");
    StringEntity entity = new StringEntity(obj.toString());
    request.setHeader("sdp-app-id", SDP_APP_ID);
    request.setEntity(entity);
    HttpHost httpHost = HttpHost.create(API_GATEWAY_HOST);
    HttpResponse httpResponse = httpClient.execute(httpHost, request);
    if (httpResponse.getStatusLine().getStatusCode() == 200) {
        String result = EntityUtils.toString(httpResponse.getEntity());
        return JSONObject.parseObject(result);
    }
    return EntityUtils.toString(httpResponse.getEntity());
}

#####返回参数：

####4.令牌可定时续约，防止令牌失效

http://{api-gateway-host}/oauth/refresh_token

将授权后获取的refresh_token外加其他参数传入，Java代码示例：

public Object refresh(String refreshToken) throws IOException {
    HttpClient httpClient = NdHttpClientBuilder.getHttpClient(ACCESS_KEY_ID, SECRET_ACCESS_ID);//此类由sdk提供
    JSONObject obj = new JSONObject();
    obj.put("access_key_id", ACCESS_KEY_ID);
    obj.put("refresh_token", refreshToken);
    obj.put("grant_type", "refresh_token");
    HttpPost request = new HttpPost(API_GATEWAY_HOST + "/oauth/refresh_token");
    request.setHeader("Content-Type", "application/json");
    StringEntity entity = new StringEntity(obj.toString());
    request.setHeader("sdp-app-id", SDP_APP_ID);
    request.setEntity(entity);
    HttpHost httpHost = HttpHost.create(API_GATEWAY_HOST);
    HttpResponse httpResponse = httpClient.execute(httpHost, request);
    if (httpResponse.getStatusLine().getStatusCode() == 200) {
        String result = EntityUtils.toString(httpResponse.getEntity());
        return JSONObject.parseObject(result);
    }
    return EntityUtils.toString(httpResponse.getEntity());
}

返回参数：

返回的access_token更新原来的令牌，refresh_token可用来下次续约