如何获取身份验证令牌

提示

appkey与appsecret获取后，接下来就是开始正式对接了，在调用接口集成接口之前首先需要获取身份令牌。

获取身份令牌接口

戳此查看获取身份令牌接口

可以看到接口文档中Body中需要传很多参数，所需参数如下
app_key, pid_scope, timestamp, unique_id, version, sign app_key就是应用的秘钥信息之一，这个在对接之前就可以找对接商务经理获取。

pid_scope字段是产品标识，假如想要给用户授权初中物理实验的权限，那么可以设置 pid_scope 为 RESCZWLEeqji。
如果想给用户初中物理实验盒初中化学实验权限，可以设置 pid_scope 为 RESCZWLEeqji,RESCZHX8afQ1关于产品标识列表，请参考产品标识

timestamp 是时间戳（北京时间），注意这里的单位是秒。

unique_id 可以传入当前系统用户的id，如果考虑到用户的一些保密信息，可以传入用户id的映射。

version 是获取当前对接应用的版本号，传入SDK版本，点击查看SDK版本列表

sign 是签名字段，这个需要将各个参数值字符串拼接后再进行md5()获取信息摘要

警告

拼接的字符串顺序不能打乱

代码示例

以下是获取签名令牌的不同语言的示例代码，仅供参考

Node.js

const http = require("https");
const md5 = require('md5');

const options = {
  "method": "POST",
  "hostname": "nbapi.nobook.com",
  "port": null,
  "path": "/v1/auth",
  "headers": {
    "Content-Type": "application/json"
  }
};

const req = http.request(options, function (res) {
  const chunks = [];

  res.on("data", function (chunk) {
    chunks.push(chunk);
  });

  res.on("end", function () {
    const body = Buffer.concat(chunks);
    console.log(body.toString());
  });
});

const app_key = '76432';
const app_secret = 'yaoszg7isnj1zyzd6s7pvcw1ttoyfdj0p';
const pid_scope = 'RESCZWLEeqji';
const timestamp = Math.round(new Date().getTime() / 1000);
const unique_id = '10000';
const version = '1.0';
const sign = md5(`${app_key}${app_secret}${pid_scope}${timestamp}${unique_id}${version}`);

req.write(JSON.stringify({
  app_key: app_key,
  pid_scope: pid_scope,
  timestamp: timestamp,
  unique_id: unique_id,
  version: version,
  sign: sign,
}));
req.end();

Java

• pom.xml 依赖库

<dependency>
  <groupId>org.apache.httpcomponents</groupId>
  <artifactId>httpclient</artifactId>
  <version>4.5.12</version>
</dependency>
<dependency>
  <groupId>commons-codec</groupId>
  <artifactId>commons-codec</artifactId>
  <version>1.15</version>
</dependency>

import org.apache.commons.codec.digest.DigestUtils;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

import java.io.IOException;
import java.util.Date;

public class App 
{
    public static void main( String[] args ) throws IOException
    {
        String pid_scope = "RESCZWLEeqji";
        String app_key = System.getenv("APP_KEY");
        String app_secret = System.getenv("APP_SECRET");
        long timestamp = new Date().getTime() / 1000;
        String unique_id = "10000";
        String version = "1.0";
        String sign = DigestUtils.md5Hex(app_key + app_secret + pid_scope + timestamp + unique_id + version);
        
        CloseableHttpClient client = HttpClients.createDefault();
        HttpPost httpPost = new HttpPost("https://nbapi.nobook.com/v1/auth");
        String json = "{\"app_key\":\"" + app_key + "\",\"pid_scope\":\"" + pid_scope + "\",\"timestamp\":" + timestamp + ",\"unique_id\":\"" + unique_id + "\",\"version\":\"" + version + "\",\"sign\":\"" + sign + "\"}";
        StringEntity entity = new StringEntity(json);
        httpPost.setEntity(entity);
        httpPost.setHeader("Accept", "application/json");
        httpPost.setHeader("Content-type", "application/json");

        HttpResponse response = client.execute(httpPost);
        String responseBody = EntityUtils.toString(response.getEntity());
        System.out.println(responseBody);
        client.close();
    }
}