如何认证
此认证只适用于此wintelapi接口
方式一:用户中心通用认证方式(推荐)
概述
使用 中通天鸿用户中心 进行统一认证。推荐
从用户中心获取 access_token 后,在所有接口请求头加上 Authorization: Bearer {ACCESS_TOKEN} 即可
第一步
从您专属的中通天鸿 vip 售后人员处申请用户中心访问 client_id 与 client_secret。您将会得到一下信息:
- client_id: 您的应用专属账号
- client_secret: 您的应用密码
- scope: 您的应用权限
第二步
从用户中心获取 access_token.
举例1:
POST https://account.icsoc.net/oauth2/token HTTP/1.1
Host: account.icsoc.net
Content-Type: application/x-www-form-urlencoded
cache-control: no-cache
client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}&grant_type=password&username=6019072501|8005&password={password}&scope={SCOPE}
以上例子中 6019072501|8005 为 您的企业代码|坐席工号
举例2:
curl -X POST \
https://account.icsoc.net/oauth2/token \
-F client_id={CLIENT_ID} \
-F client_secret={CLIENT_SECRET} \
-F grant_type=password \
-F 'username={企业代码}|{工号}' \
-F password={password}
-F scope={SCOPE}
以上例子中,正常返回为:
{
"access_token": "434233e4631417de4da122f4275bf76854004f68",
"expires_in": 86400,
"token_type": "Bearer",
"scope": "openid",
"refresh_token": "007c70090faba9687a78072d8769ada2096bde12"
}
第三步
从第二步拿到的 access_token 即为您的访问凭证,在后续调用中,您只需要在请求头中加入
Authorization: Bearer 434233e4631417de4da122f4275bf76854004f68
即可
方式二:manage 独有认证方式
如何使用
需要在http请求头中添加如下字段
X-WSSE:UsernameToken Username="420110002",PasswordDigest="FXxvCwZ7RO0sOL4HBhAQ7JKldyY=",Nonce="NzI0Y2NmOTAzZjc1OWRkMg==",Created="1372834488"
字段说明
X-WSSE
http请求头的键名(大小写无关)UsernameToken
固定字符串,后面添加一个空格Username="420110002"
=后面的值为企业代码(企业账号的唯一标识),引号为必需的,后续再添加一个英文逗号PasswordDigest="FXxvCwZ7RO0sOL4HBhAQ7JKldyY="
密码摘要,计算方式如下:base64_encode(sha1(base64_decode($nonce).$created.$secret, true))其中
$nonce为任意的随机数,每次请求可以固定,也可以每次都不一样、$created为当前请求的时间的时间戳、$secret为企业账号对应的密码(系统提供), base64_decode 为base64加密, sha1 为sha1哈希加密, 引号为必需的,后续再添加一个英文逗号Nonce="NzI0Y2NmOTAzZjc1OWRkMg=="
随机字符串,为base64encode的之后的字符串,引号为必需的,后续再添加一个英文逗号Created="1372834488"
当前请求的时间的时间戳,引号为必需的
例子
PHP
$url = "http://...";//接口地址base64_encode
$params = "vcc_code=test&start_date=2014-06-16 20:10:20&end_date=2014-06-16 6:10:10";
$method = 'post';
$nonce = base64_encode("123456"); //随机数,需要base64_encode;
$Created = "123456"; //当前时间的时间戳
$secret ="28395dfd93640d760c36cb858b4277de"; //账号对应的密码
$username = "8015012701"; //企业代码vcc_code
$PasswordDigest = base64_encode(sha1(base64_decode($nonce).$Created.$secret, true));
$wsse = 'UsernameToken Username="'.$username.'",PasswordDigest="'.$PasswordDigest.'", Nonce="'.$nonce.'", Created="'.$Created.'"';
$header = array("X-WSSE"=>$wsse);
function request($url, $params, $method, $my_header)
{
/* 开始一个新会话 */
$curl_session = curl_init();
/* 基本设置 */
curl_setopt($curl_session, CURLOPT_FORBID_REUSE, true); // 处理完后,关闭连接,释放资源
curl_setopt($curl_session, CURLOPT_HEADER, true);//结果中包含头部信息
curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, true);//把结果返回,而非直接输出
curl_setopt($curl_session, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);//采用1.0版的HTTP协议
$url_parts = parse_raw_url($url); //处理URL
$header = array();
/* 设置主机 */
$header[] = 'Host: ' . $url_parts['host'];
/* 格式化自定义头部信息 */
if ($my_header && is_array($my_header))
{
foreach ($my_header AS $key => $value)
{
$header[] = $key . ': ' . $value;
}
}
if ($method === 'GET')
{
curl_setopt($curl_session, CURLOPT_HTTPGET, true);
$url .= $params ? '?' . $params : '';
}
else
{
curl_setopt($curl_session, CURLOPT_POST, true);
$header[] = 'Content-Type: application/x-www-form-urlencoded';
$header[] = 'Content-Length: ' . strlen($params);
curl_setopt($curl_session, CURLOPT_POSTFIELDS, $params);
}
/* 设置请求地址 */
curl_setopt($curl_session, CURLOPT_URL, $url);
/* 设置头部信息 */
curl_setopt($curl_session, CURLOPT_HTTPHEADER, $header);
/* 发送请求 */
$http_response = curl_exec($curl_session);
if (curl_errno($curl_session) != 0)
{
return false;
}
$separator = '/\r\n\r\n|\n\n|\r\r/';
list($http_header, $http_body) = preg_split($separator, $http_response, 2);
$http_response = array('header' => $http_header,//肯定有值
'body' => $http_body); //可能为空
curl_close($curl_session);
return $http_response;
}
function parse_raw_url($raw_url)
{
$retval = array();
$raw_url = (string) $raw_url;
if (strpos($raw_url, '://') === false)
{
$raw_url = 'http://' . $raw_url;
}
$retval = parse_url($raw_url);
if (!isset($retval['path']))
{
$retval['path'] = '/';
}
if (!isset($retval['port']))
{
$retval['port'] = '80';
}
return $retval;
}
JAVA
import java.io.IOException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.PostMethod;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class httpdemo {
public static void main(String[] args) throws Exception
{
HttpClient client = new HttpClient();
client.getHostConfiguration().setHost("接口地址", 80, "http");
HttpMethod method = getPostMethod();
client.executeMethod(method);
System.out.println(method.getStatusLine());
String response = new String(method.getResponseBodyAsString().getBytes("utf-8"));
System.out.println(response);
method.releaseConnection();
}
public static String MD5(String str){
MessageDigest md = null;
byte[] message = null;
try {
md = MessageDigest.getInstance("MD5");
message = md.digest(str.getBytes());
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return new BigInteger(1, message).toString(16);
}
public static String encode(String nonce, String created, String secret) throws Exception {
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.reset();
String decode = decryptBASE64(nonce)+created+secret;
return new BASE64Encoder().encode(md.digest(decode.getBytes()));
}
public static String decryptBASE64(String key){
BASE64Decoder decoder = new BASE64Decoder();
try {
return new String(decoder.decodeBuffer(key));
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return "";
}
private static HttpMethod getPostMethod() throws Exception {
PostMethod post = new PostMethod("/wintelapi/web/callin");
String Username = "420110002";
String Nonce = "NzI0Y2NmOTAzZjc1OWRkMg==";//需要是base64encode的之后的字符串;
String secret = "e10adc3949ba59abbe56e057f20f883e";
String Created = "123456abc";
String PasswordDigest = encode(Nonce,Created,secret);
String headerValue = "UsernameToken Username=\""+ Username +"\",PasswordDigest=\""+PasswordDigest+"\",Nonce=\""+Nonce+"\",Created=\""+Created+"\"";
post.setRequestHeader("X-WSSE",headerValue);
String test = "{\"filter\":{\"start_time\":\"2014-05-06 00:00:00\"}}";
NameValuePair model0 = new NameValuePair("vcc_code","420110002");
NameValuePair model1 = new NameValuePair("start_date","2014-10-10 00:00:00");
post.setRequestBody(new NameValuePair[] { model0,model1});
return post;
}
}
C#
using System;
using System.Text;
using System.IO;
using System.Collections.Generic;
using System.Security.Cryptography;
using Newtonsoft.Json;
using System.Net.Http;
using System.Linq;
namespace vscode
{
class Program
{
static void Main(string[] args)
{
var wsse = GetWsseHeader();
Console.WriteLine(wsse);
var info = new Dictionary<string, object>{
{"filter",new Dictionary<string,string>{
{"start_time","2019-05-01 00:00:00"}, //开始时间
{"end_time","2019-06-12 00:00:00"}, //结束时间
// {"ag_num","1002"},
// {"call_type","1"},
// {"cus_phone","18292011112"}, 客户号码
// {"que_id","1"},
}},
};
var data = new Dictionary<string, string>
{
{"vcc_code", "4219061001" },
{"info",JsonConvert.SerializeObject(info)}
};
var client = new HttpClient();
client.DefaultRequestHeaders.Add("x-wsse", wsse);
var formContent = new FormUrlEncodedContent(data.ToList());
//发送请求
var response = client.PostAsync("http://m.icsoc.net/v2/wintelapi/detail/agentstate", formContent);
response.Wait();
var t2 = response.Result.Content.ReadAsByteArrayAsync();
Console.WriteLine(Encoding.UTF8.GetString(t2.Result));
}
public static string GetWsseHeader()
{
var nonce = EncodeBase64("utf-8", "123456");
var created = "abcd";
var username = "4219061001";
var secret = "8e591c388cec62846e7d9d4e55dcf653";
var passwordDiget = encodeBase64SHA1(DecodeBase64("utf-8", nonce)+created+secret);
return "UsernameToken Username=\"" + username + "\", PasswordDigest=\""+ passwordDiget+ "\", Nonce=\""+ nonce +"\", Created=\""+created+"\"";
}
public static string EncodeBase64(string code_type, string code)
{
string encode = "";
byte[] bytes = Encoding.GetEncoding(code_type).GetBytes(code);
try
{
encode = Convert.ToBase64String(bytes);
}
catch
{
encode = code;
}
return encode;
}
///解码
public static string DecodeBase64(string code_type, string code)
{
string decode = "";
byte[] bytes = Convert.FromBase64String(code);
try
{
decode = Encoding.GetEncoding(code_type).GetString(bytes);
}
catch
{
decode = code;
}
return decode;
}
private static string encodeBase64SHA1(string phrase)
{
UTF8Encoding encoder = new UTF8Encoding();
SHA1CryptoServiceProvider sha1Hasher = new SHA1CryptoServiceProvider();
byte[] hashedDataBytes = sha1Hasher.ComputeHash(encoder.GetBytes(phrase));
return Convert.ToBase64String(hashedDataBytes);
}
}
}
认证失败返回结果
| 字段 | 说明 |
|---|---|
| code | 结果编码 |
| message | 结果说明 |
结果编码说明
| code | 说明 |
|---|---|
| 900 | 认证失败;用户名密码不对应 |
| 901 | 请求头缺少项:x-wsse,或格式错误 |