一:此接口与其他接口不同,不同之处有3点:
1:多了一个Params的参数;
2:并且此参数也参与加密;
3:加密时,该参数排在加密参数的第一位;
二:加密过程:(JAVA,其他语言请参照此方法)
Map<String, String> allParams = new HashMap<>();
allParams.put("Params","{\"startCreated\":\"2016-03-01 11:00:00\",\"endCreated\":\"2016-03-02 11:00:00\",\"orderStatus\":\"ORDER_CREATED\",\"page\":1,\"pageSize\":10}”);(如果查询条件包含某个没有赋值的查询字段,请不要传null)
allParams.put("app_key", “用户的appKey");
allParams.put("access_token", “授权的Token");
allParams.put("format", "json");
allParams.put("method", StringUtils.trim("xiaodian.trade.sold.get"));
allParams.put("timestamp", "1471261916454");
//得到加密结果
String sign = SignUtil.signRequest(allParams, “用户的秘钥", “md5");
用户的秘钥+Params参数+access_token+app_key+format+method+timestamp+用户秘的秘钥
示例数据:
4A0DF2BFE22941270969B763ABD4B745Params{"startCreated":"2016-03-01 11:00:00","endCreated":"2016-09-02 11:00:00","page":1,"pageSize":1}access_token83DD15C0D43D20D7FE41602C015FBFEFapp_key100116formatjsonmethodxiaodian.trade.sold.gettimestamp14726240393874A0DF2BFE22941270969B763ABD4B745
*************附调用的加密方法*************
public class SignUtil {
public static String signRequest(Map<String, String> params, String appSecret, String signMethod) throws IOException, ApiException {
StringBuilder sb = new StringBuilder(appSecret);
String[] keys = params.keySet().toArray(new String[0]);
Arrays.sort(keys);
for (String key : keys) {
String value = params.get(key);
if (StringUtils.areNotBlank(key, value)) {
sb.append(key).append(value);
}
}
sb.append(appSecret);
LoggerUtil.info(sb.toString());
if(Constants.SIGN_METHOD_MD5.equals(signMethod)) {
return MD5Util.MD5(sb.toString());
} else {
throw new ApiException("签名方法暂不支持:"+signMethod);
}
}
}
开放平台团队
2016-08-15