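Platform Authorization Mode

Choose this authorization mode when integrating as a service platform. Individuals and teams should use the client authorization mode instead.

Registering an Application

Contact us to register your application. You need to provide the application name and the callback address redirect_uri. Once registration is complete, you will be given a client_id and a client_secret.

If you need event notifications enabled, also provide an event notification callback address.

Authorization Flow

Authorization and authentication use OAuth 2.0.

OAuth 2 official site: https://oauth.net/2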


+--------+                                          +-------------+
|        |--(A)------- Authorization Grant -------->|             |
|        |                                          |             |
|        |<-(B)----------- Access Token ------------|             |
|        |               & Refresh Token            |             |
|        |                                          |             |
|        |                            +----------+  |             |
|        |--(C)---- Access Token ---->|          |  |             |
|        |                            |          |  |             |
|        |<-(D)- Protected Resource --| Resource |  |Authorization|
| Client |                            |  Server  |  |   Server    |
|        |--(E)---- Access Token ---->|          |  |             |
|        |                            |          |  |             |
|        |<-(F)- Invalid Token Error -|          |  |             |
|        |                            +----------+  |             |
|        |                                          |             |
|        |--(G)----------- Refresh Token ---------->|             |
|        |                                          |             |
+--------+                                          +-------------+

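Field Descriptions

YOU_CLIENT_ID: the application's client_id

YOU_CLIENT_SECRET: the application's client_secret

YOU_REDIRECT_URI: the redirect_uri provided when the application was registered

RETURNED_CODE: the code parameter returned in the redirect after the authorization request

STATE: a random string used to prevent CSRF attacks (optional)

Requesting Authorization (direct access)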

GET /oauth/authorize?client_id=YOU_CLIENT_ID&redirect_uri=YOU_REDIRECT_URI&response_type=code&scope=exam+interview&state=STATE

After the user completes authorization, they are redirected to YOU_REDIRECT_URI with the authorization code (code) attached

YOU_REDIRECT_URI?code=RETURNED_CODE&state=STATE

You can use this code to call the token endpoint and obtain an access_token

Obtaining an access_token

POST /oauth/token.json

Request parameters:

{
  "client_id": "YOU_CLIENT_ID",
  "client_secret": "YOU_CLIENT_SECRET",
  "code": "RETURNED_CODE",
  "grant_type": "authorization_code",
  "redirect_uri": "YOU_REDIRECT_URI"
}

Response:

{
 "access_token": "de6780bc506a0446309bd9362820ba8aed28aa506c71eedbe1c5c4f9dd350e54",
 "token_type": "Bearer",
 "expires_in": 7200,
 "scope": "exam interview",
 "refresh_token": "8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1"
}

Refreshing the access_token

POST /oauth/token.json

Request parameters:

{
  "client_id": "YOU_CLIENT_ID",
  "client_secret": "YOU_CLIENT_SECRET",
  "redirect_uri": "YOU_REDIRECT_URI",
  "grant_type": "refresh_token",
  "refresh_token": "8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1"
}

Response:

{
 "access_token": "de6780bc506a0446309bd9362820ba8aed28aa506c71eedbe1c5c4f9dd350e54",
 "token_type": "Bearer",
 "expires_in": 7200,
 "refresh_token": "8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1"
}
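
The client side of the flow above, as an added example that is not the platform's own code: it generates a fresh STATE for each authorization request, rejects a callback whose state is missing or different before accepting the code, and builds the request bodies for both grant types. The host platform.example, the callback URL and all function names are assumptions.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumptions (not from the page): the host names and the credential values.
BASE = "https://platform.example"
CLIENT_ID = "YOU_CLIENT_ID"
CLIENT_SECRET = "YOU_CLIENT_SECRET"   # load from a secret store, never from source
REDIRECT_URI = "https://app.example/oauth/callback"


def build_authorize_url(scopes=("exam", "interview")):
    """Return (url, state); keep state in the user's server-side session."""
    state = secrets.token_urlsafe(32)  # unguessable, one per authorization attempt
    query = urlencode({
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "response_type": "code",
        "scope": " ".join(scopes),     # urlencode turns the space into '+'
        "state": state,
    })
    return f"{BASE}/oauth/authorize?{query}", state


def code_from_callback(callback_url, expected_state):
    """Extract code from the redirect, rejecting a missing or mismatched state."""
    params = parse_qs(urlsplit(callback_url).query)
    state = params.get("state", [""])[0]
    # Compare as bytes in constant time; an empty expected value never passes.
    if not expected_state or not hmac.compare_digest(
            state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: possible CSRF, discard this callback")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]


def token_request(code=None, refresh_token=None):
    """Build the JSON body for POST /oauth/token.json (server-to-server only)."""
    body = {"client_id": CLIENT_ID, "client_secret": CLIENT_SECRET,
            "redirect_uri": REDIRECT_URI}
    if code is not None:
        body.update(grant_type="authorization_code", code=code)
    elif refresh_token is not None:
        body.update(grant_type="refresh_token", refresh_token=refresh_token)
    else:
        raise ValueError("need an authorization code or a refresh token")
    return body
```

The token request carries client_secret, so send it only from the backend over HTTPS and keep the returned tokens out of logs and browser-visible storage.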
