API Authentication

(1) Principle

The e签宝 API service uses the OAuth 2.0 client authentication model: before any API is called, the client must first obtain an access_token, and then carry that access_token on every call to the business APIs. When an application only needs to access its own resources, the client_credentials grant is sufficient; when access spans applications, the Authorization Code grant must be used. For the detailed authentication flow, see https://tools.ietf.org/html/rfc6749


(2) Obtaining an access_token

When requesting an access_token, the request must carry the appId and the app_secret. Request example:

GET https://openapi.esign.cn/v1/oauth2/access_token?appId=11&secret=4a563e406fc6356ed44924aa69191b8c&grantType=client_credentials

Response example:

  {
      "success": true,
      "message": "执行成功",
      "data": {
          "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJnSWQiOiI5MGYwMDcxOGYzYWY0YTJiYWY4NzllOTY3YzNkODA3NSIsImFwcElkIjoiMzQzODc1NzAxNyIsImNhbGxzY29wZSI6W10sInRpbWVzdGFtcCI6MTU0NTEyMzgyNzI5NH0.2ZtkKdEt8catRbtgBgSG9ckndDQuoXMxtw7PjUlTrkY",
          "expiresIn": 1545123827385,
          "refreshToken": "sgDVhrZfHd3zB953C58jRg=="
      }
  }

(3) Refreshing the access_token

An access_token can be refreshed with the refresh_token. Request example:

GET https://openapi.esign.cn/v1/oauth2/refresh_token?appId=3438757017&grantType=refresh_token&refreshToken=sgDVhrZfHd3zB953C58jRg==

Response example:

  {
      "success": true,
      "message": "执行成功",
      "data": {
          "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJnSWQiOiI5MGYwMDcxOGYzYWY0YTJiYWY4NzllOTY3YzNkODA3NSIsImFwcElkIjoiMzQzODc1NzAxNyIsImNhbGxzY29wZSI6W10sInRpbWVzdGFtcCI6MTU0NTEyMzgyNzI5NH0.2ZtkKdEt8catRbtgBgSG9ckndDQuoXMxtw7PjUlTrkY",
          "expiresIn": 1545123827385,
          "refreshToken": "sgDVhrZfHd3zB953C58jRg=="
      }
  }

(4) Calling business APIs

All business API calls pass the appId and the access_token in custom HTTP headers:

GET /v1/xxx HTTP/1.1
Host: openapi.esign.cn
X-Tsign-Open-App-Id: appid
X-Tsign-Open-Token: access_token
Accept: */*
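A minimal client that walks through steps (2) to (4), added here as an example and not e签宝's own SDK: it obtains a token with the client_credentials grant, refreshes it once it nears expiry, and attaches the custom headers to business calls. The HTTP transport is injected so the flow runs offline against a constructed fake that replays a response shaped like the samples above; treating expiresIn as an epoch-millisecond timestamp is an assumption drawn from the sample value, not something the page states.

```python
import time
from urllib.parse import urlencode
BASE_URL = "https://openapi.esign.cn"  # endpoint host shown on the page

class EsignAuthClient:
    # transport(method, url, headers) -> dict is injected so the flow runs offline;
    # now_ms is injected so expiry checks are deterministic in tests.
    def __init__(self, app_id, secret, transport, now_ms=lambda: int(time.time() * 1000)):
        self.app_id, self._secret = app_id, secret
        self._transport, self._now_ms = transport, now_ms
        self.token = self.refresh_token = None
        self.expires_at_ms = 0
    def _store(self, body):
        # Every response carries success/message/data; treat success=false as a hard error.
        if not body.get("success"):
            raise RuntimeError(f"token request failed: {body.get('message')}")
        data = body["data"]
        self.token, self.refresh_token = data["token"], data["refreshToken"]
        # Assumption: expiresIn is an absolute epoch-millisecond timestamp, as the
        # sample value 1545123827385 suggests, rather than a lifetime in seconds.
        self.expires_at_ms = int(data["expiresIn"])
        return self.token
    def fetch_token(self):
        # Section (2): client_credentials grant, appId and secret in the query string.
        query = urlencode({"appId": self.app_id, "secret": self._secret,
                           "grantType": "client_credentials"})
        return self._store(self._transport("GET", f"{BASE_URL}/v1/oauth2/access_token?{query}", {}))
    def refresh(self):
        # Section (3): exchange the stored refreshToken for a fresh access_token.
        if not self.refresh_token:
            raise RuntimeError("no refresh_token held yet; call fetch_token() first")
        query = urlencode({"appId": self.app_id, "grantType": "refresh_token",
                           "refreshToken": self.refresh_token})
        return self._store(self._transport("GET", f"{BASE_URL}/v1/oauth2/refresh_token?{query}", {}))
    def is_expired(self, skew_ms=60_000):
        return self._now_ms() + skew_ms >= self.expires_at_ms  # renew slightly early
    def business_headers(self):
        # Section (4): business APIs take appId and token in the custom headers.
        if self.token is None or self.is_expired():
            self.refresh() if self.refresh_token else self.fetch_token()
        return {"X-Tsign-Open-App-Id": self.app_id, "X-Tsign-Open-Token": self.token, "Accept": "*/*"}

# Constructed offline transport answering with a response shaped like the page's samples.
SAMPLE = {"success": True, "message": "执行成功", "data": {"token": "sample.jwt.token",
          "expiresIn": 1545123827385, "refreshToken": "sgDVhrZfHd3zB953C58jRg=="}}
CALLS = []  # (method, url) of every request the fake transport saw

def fake_transport(method, url, headers):
    CALLS.append((method, url))
    return SAMPLE if "/v1/oauth2/" in url else {"success": False, "message": "unknown endpoint"}
```

Because the secret travels in the query string, a real transport should avoid writing full request URLs to logs or proxies where they can be read back.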
