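Platform authorization mode
Choose this authorization mode when integrating as a service platform; individuals or teams should use the client authorization mode instead.
Registering an application
Contact us to register your application. You need to provide the application name and the callback address redirect_uri; once registration is complete you will be given a client_id and client_secret.
To enable event notifications, also provide an event notification callback address.
Authorization flow
Authorization uses OAuth 2.0.
OAuth 2 official site: https://oauth.net/2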
+--------+                                          +-------------+
|        |--(A)------- Authorization Grant -------->|             |
|        |                                          |             |
|        |<-(B)----------- Access Token ------------|             |
|        |               & Refresh Token            |             |
|        |                                          |             |
|        |                            +----------+  |             |
|        |--(C)---- Access Token ---->|          |  |             |
|        |                            |          |  |             |
|        |<-(D)- Protected Resource --| Resource |  |Authorization|
| Client |                            |  Server  |  |   Server    |
|        |--(E)---- Access Token ---->|          |  |             |
|        |                            |          |  |             |
|        |<-(F)- Invalid Token Error -|          |  |             |
|        |                            +----------+  |             |
|        |                                          |             |
|        |--(G)----------- Refresh Token ---------->|             |
|        |                                          |             |
|        |<-(H)----------- Access Token ------------|             |
+--------+           & Optional Refresh Token       +-------------+
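Field descriptions
YOU_CLIENT_ID: the application's client_id
YOU_CLIENT_SECRET: the application's client_secret
YOU_REDIRECT_URI: the redirect_uri provided when the application was registered
RETURNED_CODE: the code parameter returned on the redirect after authorization is requested
STATE: a random string used to prevent CSRF attacks (optional)
Requesting authorization (visit the URL directly)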
GET /oauth/authorize?client_id=YOU_CLIENT_ID&redirect_uri=YOU_REDIRECT_URI&response_type=code&scope=exam%2binterview&state=STATE
After the user completes authorization, they are redirected to YOU_REDIRECT_URI
with the authorization code attached:
YOU_REDIRECT_URI?code=RETURNED_CODE&state=STATE
You can use this code to call the API and obtain an access_token.
Obtaining an access_token
POST /oauth/token.json
Request parameters:
{
"client_id": "YOU_CLIENT_ID",
"client_secret": "YOU_CLIENT_SECRET",
"code": "RETURNED_CODE",
"grant_type": "authorization_code",
"redirect_uri": "YOU_REDIRECT_URI"
}
Response:
{
"access_token": "de6780bc506a0446309bd9362820ba8aed28aa506c71eedbe1c5c4f9dd350e54",
"token_type": "Bearer",
"expires_in": 7200,
"scope": "exam interview",
"refresh_token": "8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1"
}
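The client side of the authorization-code steps above, as an added example (not code from the platform): it generates the state value, checks it on the callback before accepting the code, and builds the token request body. The host platform.example.invalid and the function names are assumptions; the page lists state as optional, while this example always sends and verifies it.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumption: placeholder host; the page documents only the paths.
AUTH_BASE = "https://platform.example.invalid"


def build_authorize_url(client_id, redirect_uri, scopes):
    """Return (url, state). Store state in the user's session before redirecting."""
    state = secrets.token_urlsafe(32)  # unguessable, one per authorization attempt
    query = urlencode({
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "scope": "+".join(scopes),  # encodes to exam%2Binterview, as in the page's request
        "state": state,
    })
    return f"{AUTH_BASE}/oauth/authorize?{query}", state


def code_from_callback(callback_url, expected_state):
    """Validate the redirect to redirect_uri and return the authorization code."""
    params = parse_qs(urlsplit(callback_url).query)
    states, codes = params.get("state", []), params.get("code", [])
    # Exactly one value each: repeated parameters are rejected, not guessed at.
    if len(states) != 1 or len(codes) != 1:
        raise ValueError("callback must carry exactly one code and one state")
    # Constant-time comparison against the value stored for this session.
    if not expected_state or not hmac.compare_digest(
            states[0].encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback was not started by this session")
    return codes[0]


def token_request_body(client_id, client_secret, code, redirect_uri):
    """Body for POST /oauth/token.json; send it from the server, never from a browser."""
    return {
        "client_id": client_id,
        "client_secret": client_secret,
        "code": code,
        "grant_type": "authorization_code",
        "redirect_uri": redirect_uri,  # RFC 6749: same value as in the authorize request
    }
```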
Refreshing an access_token
POST /oauth/token.json
Request parameters:
{
"client_id": "YOU_CLIENT_ID",
"client_secret": "YOU_CLIENT_SECRET",
"redirect_uri": "YOU_REDIRECT_URI",
"grant_type": "refresh_token",
"refresh_token": "8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1"
}
Response:
{
"access_token": "de6780bc506a0446309bd9362820ba8aed28aa506c71eedbe1c5c4f9dd350e54",
"token_type": "Bearer",
"expires_in": 7200,
"refresh_token": "8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1"
}