API 鉴权说明
一、简介
本文档描述了HTTP OpenAPI调用者调用API时如何完成签名sign的生成及参数携带约定。
JAVA开发引入kfpt-sdk-java.jar包,使用方式和jar下载地址见下方 [五、请求示例JAVA DEMO]
PHP开发引入 openapi-demo-php.php, 使用方式和php文件下载地址见下方 [六、请求示例PHP DEMO]
二、鉴权说明
通过开放平台创建应用完毕之后,为每个应用都会分配一组唯一的app-key和app-secret
假如:
app-key = 999999
app-secret = 04d4ad40eeec11e9bad2d962f53dda9d
三、生成签名sign
①所有业务接口服务 请求方式均为 POST, 请求参数类型Content-Type=application/json
②sign 签名字符生成规则为 MD5( RequstBody(请求参数对象).toJSONString() + “_” + app-secret);
③例如 物流查询接口, 请求参数http body 内容JSON 字符串jsonReqBody:
{"mailno":"3120052228790"}
*app-secret = 04d4ad40eeec11e9bad2d962f53dda9d
那么签名字符串生成为 sign = MD5(jsonReqBody_04d4ad40eeec11e9bad2d962f53dda9d)*
四、生成请求消息头
** HTTP headers 增加两个鉴权参数**
① app-key 参数放在头信息中传输(创建应用分配的appkey)
② sign 参数放在头信息中传输 (生成的32位小写的 MD5加密签名串)
五、请求示例JAVA DEMO
package com.yundasys;
public class Main {
/**
* 创建应用分配的appkey
*/
final static String appKey = "999999";
/**
* 创建应用分配的appsecret
*/
final static String appSecret = "04d4ad40eeec11e9bad2d962f53dda9d";
public static void main(String[] args) {
//http 工具类通用方法
String serverUrl = "https://u-openapi.yundasys.com/openapi/outer/logictis/query";
String sourceContent = "{\"mailno\":\"3120052228790\"}";
System.out.println(OpenApiHttpUtils.doPostJson( serverUrl, sourceContent, appKey, appSecret));
}
}
附件 kfpt-sdk-java 下载地址
https://openapi.yundaex.com/openapi-gateway/SDK-JAVA/kfpt-sdk-1.0.0.jar
java源码
https://openapi.yundaex.com/openapi-gateway/SDK-JAVA/kfpt-sdk.zip
六、请求示例PHP DEMO
附件 openapi-sdk-php 下载地址
https://openapi.yundaex.com/openapi-gateway/SDK-JAVA/openapi-demo-php-1.0.0.php
<?php
//调用下单
(new demo())->queryLogistics();
/**
* Class demo
* demo 开放平台查询物流
*/
class demo
{
/**
* @var string 接口地址 测试地址
*/
static $serverUrl = "https://u-openapi.yundasys.com/openapi/outer/logictis/query";
/**
* @var string 创建应用分配的appkey
*/
static $appKey = "000083";
/**
* @var string 创建应用分配的appsecret
*/
static $appSecret = "ea1ac6ce075111eab0af139563344bd6";
/**
* 查询物流
*/
public static function queryLogistics(){
//下单报文
$info = [
'mailno'=>"3120052228790",
];
//请求参数body,指定JSON格式 转json
$json_info = json_encode($info,JSON_UNESCAPED_UNICODE);
//生成的SIGN签名串
$sign = md5($json_info.'_'.self::$appSecret);
//header
$header = [
'app-key:'.self::$appKey,
'sign:'.$sign,
'req-time:'.time(),
'Content-Type:application/json;charset=UTF-8',
];
//http请求
try {
$res = (new Http())->postJson(self::$serverUrl, $json_info, $header);
if (!empty($res)){
$res_array = json_decode($res,true);
if ($res_array['code'] === '0000'){
echo '请求成功'.PHP_EOL;
}else{
echo '请求失败'.self::getResCodeInfo($res_array['code']).PHP_EOL;
}
echo $res.PHP_EOL;
}else{
echo '请求失败:无返回';
}
}catch (Exception $e){
echo '请求失败:'.$e->getMessage();
}
}
/**
* 返回报文code对应关系
* @param $code
* @return string
*/
private static function getResCodeInfo($code){
switch ($code){
case '0000':
return "请求成功";
case '7100':
return "账号无权限";
case '7200':
return "接口无权限";
case '7300':
return "IP无权限";
case '7400':
return "签名失败";
case '7500':
return "超过单用户日最高访问量";
case '7501':
return "超过日访问量最高值";
case '7502':
return "超过单用户接口QPS最大限制";
case '7503':
return "超过该接口QPS最大限制";
case '7600':
return "头信息header参数中缺少app-key";
case '7601':
return "头信息header参数中缺少sign";
case '7602':
return "头信息header参数中缺少req-time";
case '7603':
return "content-type只支持application/json;utf-8格式";
case '7604':
return "httpmothod只支持post类型";
case '7605':
return "请求body参数不能为空";
case '7777':
return "内部服务错误";
default:
return '未知错误';
}
}
}
/**
* http
* Class Http
*/
class Http
{
/**
* http 请求
* @param $url
* @param $data
* @param array $header
* @param int $timeout
* @return mixed|string
* @throws Exception
*/
public static function postJson($url, $data, $header = array(
"Content-Type: application/json;charset=UTF-8"
),$timeout=5)
{
$url = trim($url);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$res = curl_exec($ch);
if ($res === false) {
$res = curl_error($ch);
throw new Exception($res, 1);
}
curl_close($ch);
return $res;
}
}
```