# OAuth Authorization

## Step 1 <a href="#u7b2cu4e00u6b65uff0coauthu6388u6743u767bu5f55u98750a3ca20id3du7b2cu4e00u6b65uff0coauthu6388u6743u767" id="u7b2cu4e00u6b65uff0coauthu6388u6743u767bu5f55u98750a3ca20id3du7b2cu4e00u6b65uff0coauthu6388u6743u767"></a>

## OAuth authorization login page (open in a browser)

<mark style="color:blue;">`GET`</mark> `https://service.xxx.com/platform/login.html`

The final login page URL, once assembled, is:\
`https://service.xxx.com/platform/login.html?appKey=xxx&redirectUrl=xxx&state=xxx`\
After a successful authorization login, the user is redirected to redirectUrl with the code attached.

#### Query Parameters

| Name                                          | Type   | Description |
| --------------------------------------------- | ------ | ----------- |
| appKey<mark style="color:red;">\*</mark>      | String | Merchant appKey |
| redirectUrl<mark style="color:red;">\*</mark> | String | Page to redirect to after a successful authorization login |
| state                                         | String | State field passed in by the merchant |

{% tabs %}
{% tab title="200: OK " %}

```javascript
{
    // Response
}
```

{% endtab %}
{% endtabs %}
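One way to assemble the Step 1 URL and check the redirect on the merchant side, as an added example that is not part of the platform's own documentation. It assumes the platform echoes `state` back on the redirect and delivers the code in a `code` query parameter; `demoKey` and `merchant.example` are constructed values.

```javascript
const crypto = require('node:crypto');

const LOGIN_URL = 'https://service.xxx.com/platform/login.html';

// Build the login URL plus the state value to store in the user's session.
function buildLoginUrl(appKey, redirectUrl) {
  // Unguessable value generated per login attempt, so a forged redirect
  // cannot be bound to this user's session.
  const state = crypto.randomBytes(16).toString('hex');
  const url = new URL(LOGIN_URL);
  url.searchParams.set('appKey', appKey);
  url.searchParams.set('redirectUrl', redirectUrl); // percent-encoded for us
  url.searchParams.set('state', state);
  return { url: url.toString(), state };
}

// Handle the redirect back to redirectUrl. Returns the code only when the
// returned state equals the one stored for this session (assumed echo).
function readCallback(callbackUrl, expectedState) {
  const query = new URL(callbackUrl).searchParams;
  const got = Buffer.from(query.get('state') || '', 'utf8');
  const want = Buffer.from(expectedState, 'utf8');
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
    throw new Error('state mismatch');
  }
  const code = query.get('code'); // parameter name is an assumption
  if (!code) throw new Error('missing code');
  return code;
}

// Constructed sample run.
const login = buildLoginUrl('demoKey', 'https://merchant.example/cb?x=1');
console.log(login.url);
console.log(readCallback(`https://merchant.example/cb?code=abc&state=${login.state}`, login.state));
```
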

## Step 2 <a href="#di-er-bu-shi-yong-code-huan-qu-tokenopenid-jie-kou" id="di-er-bu-shi-yong-code-huan-qu-tokenopenid-jie-kou"></a>

## Exchange the code for token and openId

<mark style="color:green;">`POST`</mark> `https://service.xxx.com/platformapi/chainup/open/auth/token`

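The data in the parameter table must be wrapped into a JSON string, then encrypted and signed with RSA; the results are sent as `data` and `sign` in the body.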

#### Request Body

| Name                                      | Type   | Description                  |
| ----------------------------------------- | ------ | ---------------------------- |
| app\_id<mark style="color:red;">\*</mark> | String | Merchant's unique app\_id |
| time<mark style="color:red;">\*</mark>    | String | Request time |
| sign<mark style="color:red;">\*</mark>    | String | Signature over the query data, made with rsa\_third\_pri |
| data<mark style="color:red;">\*</mark>    | String | Query data encrypted with rsa\_saas\_pub |

{% tabs %}
{% tab title="200: OK " %}

```javascript
{
    "code": "", // return code
    "msg": "", // success or failure message
    "data": "",
    "sign": ""
}

// Structure of data after decryption
{
      "openId":"4dbca5afca8a46f48d863d18bsdd644731",  // the authorized user's unique openId under this merchant
      "expireIn":"1720492073",  // token expiry time, in seconds
      "refreshToken":"4dbca5afca8a46f48d863d18bsdd644731",  // token needed to refresh the token
      "token":"4dbca5afca8a46f48d863d18bsdd644731" // the authorized token
}
```

{% endtab %}
{% endtabs %}

The following parameters are included in the RSA encryption:

| Name | Type   | Required | Example                            | Description |
| ---- | ------ | -------- | ---------------------------------- | ----------- |
| code | string | YES      | 2ae04ed9165624419bad68e9e0f3f29fbd | The code returned when the user logs in via the Step 1 login |

## Refresh token

<mark style="color:green;">`POST`</mark> `https://service.xxx.com/platformapi/chainup/open/auth/refreshToken`

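The data in the parameter table must be wrapped into a JSON string, then encrypted and signed with RSA; the results are sent as `data` and `sign` in the body.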

#### Headers

| Name                                           | Type   | Description      |
| ---------------------------------------------- | ------ | ---------------- |
| Content-Type<mark style="color:red;">\*</mark> | String | application/json |

#### Request Body

| Name                                      | Type   | Description                  |
| ----------------------------------------- | ------ | ---------------------------- |
| app\_id<mark style="color:red;">\*</mark> | String | Merchant's unique appId |
| time<mark style="color:red;">\*</mark>    | String | Request time |
| data<mark style="color:red;">\*</mark>    | String | Signature over the query data, made with rsa\_third\_pri |
| sign<mark style="color:red;">\*</mark>    | String | Query data encrypted with rsa\_saas\_pub |

{% tabs %}
{% tab title="200: OK " %}

```javascript
{
    "code": "", // return code
    "msg": "", // success or failure message
    "data": "",
    "sign": ""
}

// Structure of data after decryption
{
  "openId":"4dbca5afca8a46f48d863d18bsdd644731",  // the authorized user's unique openId under this merchant
  "expireIn":"1720492073",  // token expiry time, in seconds
  "refreshToken":"4dbca5afca8a46f48d863d18bsdd644731",  // token needed to refresh the token
  "token":"4dbca5afca8a46f48d863d18bsdd644731" // the authorized token
}
```

{% endtab %}
{% endtabs %}

The following parameters are included in the RSA encryption:

| Name         | Type   | Required | Example                            | Description |
| ------------ | ------ | -------- | ---------------------------------- | ----------- |
| refreshToken | string | YES      | 4dbca5afca8a46f48d863d18bsdd644731 | The refresh\_token received when obtaining the token |
| token        | string | YES      | 2ae04ed9165624419bad68e9e0f3f29fbd | The previously authorized token |
| openId       | string | YES      | 4dbca5afca8a46f48d863d18bsdd644731 | The authorized user's unique openId under this merchant |
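The request envelope used by both the Step 2 token exchange and the refresh call, as an added example that is not the platform's own code; it follows the Step 2 field table (`sign` is the signature, `data` the ciphertext). The padding, hash, base64 encoding, `time` format, the `demo_app_id` value and the throwaway keys are assumptions, and `openBody` plays the receiving side only so the round trip can be checked.

```javascript
const crypto = require('node:crypto');

// Constructed throwaway key pairs standing in for the merchant key (rsa_third_pri)
// and the platform key (rsa_saas_pub); real keys are issued out of band.
const third = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const saas = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Assumptions (not stated on the page): RSA-OAEP for `data`, RSASSA-PKCS1-v1_5
// with SHA-256 over the plaintext JSON for `sign`, base64 output, `time` in ms.
function buildBody(appId, params, thirdPri, saasPub, now = Date.now()) {
  const json = Buffer.from(JSON.stringify(params), 'utf8');
  return {
    app_id: appId,
    time: String(now),
    sign: crypto.sign('sha256', json, thirdPri).toString('base64'),
    data: crypto.publicEncrypt(saasPub, json).toString('base64'),
  };
}

// Receiving side of the same envelope: decrypt `data`, then verify `sign`
// before trusting any field. Throws on a bad signature.
function openBody(body, recipientPri, senderPub) {
  const json = crypto.privateDecrypt(recipientPri, Buffer.from(body.data, 'base64'));
  const sig = Buffer.from(body.sign, 'base64');
  if (!crypto.verify('sha256', json, senderPub, sig)) throw new Error('signature mismatch');
  return JSON.parse(json.toString('utf8'));
}

// Step 2 payload and refresh payload, using the example values from the tables.
const tokenReq = buildBody('demo_app_id', { code: '2ae04ed9165624419bad68e9e0f3f29fbd' },
  third.privateKey, saas.publicKey);
const refreshReq = buildBody('demo_app_id', {
  refreshToken: '4dbca5afca8a46f48d863d18bsdd644731',
  token: '2ae04ed9165624419bad68e9e0f3f29fbd',
  openId: '4dbca5afca8a46f48d863d18bsdd644731',
}, third.privateKey, saas.publicKey);
console.log(openBody(tokenReq, saas.privateKey, third.publicKey));
console.log(Object.keys(refreshReq));
```

With these assumed settings a single RSA-2048 OAEP block holds at most 214 bytes, which is enough for both payloads on this page.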


