{ "openapi": "3.0.3", "info": { "title": "易源OAuth2子授权", "description": "易源OAuth2子授权,可通过应用appid创建无数个子授权access_token,这样在客户端可以使用access_token访问具备权限的接口,不再需要在客户端中放置appid和secret,提高安全性。", "termsOfService": "https://www.showapi.com/helpcenter/view#/4019/2", "version": "1.0.0" }, "servers": [ { "url": "https://route.showapi.com" } ], "paths": { "/2141-6": { "x-pointCode": 6, "x-mode": "mapping", "x-read-timeout": 5, "x-connect-timeout": 5, "post": { "summary": "更新子授权权限", "description": "根据客户系统的out_code,更新对应的子授权access_token,可对子授权的有效时间、访问IP、访问接口、并发、流量等做控制。\n如果此out_code对应的access_token已经存在,则此接口修改老的access_token权限,注意并不修改其有效时间,修改有效时间请使用【延长子授权时效】接入点;\n如果此out_code对应的access_token不存在,易源不做任何操作。", "responses": { "200": { "description": "成功响应", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/ShowapiResEnvelope" }, { "type": "object", "properties": { "showapi_res_body": { "type": "object", "properties": { "item": { "type": "object", "properties": { "expires_in": { "type": "number", "description": "过期时间,秒。" }, "access_token": { "type": "string", "description": "访问token。" }, "rate": { "type": "number", "description": "可调用并发值。" }, "appid": { "type": "number", "description": "创建此token的appid" }, "out_code": { "type": "string", "description": "此token绑定的外部渠道编码(为了便于和外部渠道用户对应)。" }, "ip_white_list": { "type": "array", "items": { "type": "object" }, "description": "此token的访问ip白名单。" } } }, "remark": { "type": "string" }, "ret_code": { "type": "number", "description": "0为成功,其余值失败。" } }, "description": "业务返回体" } } } ] } } } } }, "operationId": "2141_6_POST", "parameters": [], "requestBody": { "content": { "application/x-www-form-urlencoded": { "schema": { "type": "object", "properties": { "out_code": { "type": "string", "description": "子授权的唯一编码,通常对应于客户端系统中的的用户id。" }, "rate": { "type": "number", "description": "新的每秒调用并发数。" }, "ip_white_list": { "type": "string", "description": "新的ip白名单,例如8.8.8.8,9.9.9.9\n白名单列表以半角逗号分隔。一共可以建20个ip。如果要删除此白名单,需要传入 delete 串。" }, "permission_list": { "type": "string", "description": "此token可访问的api-point格式的列表,中间用半角逗号分隔。如果授权某个接口下的所有接入点,可以用32-*这样的格式。\n如果此字段为空串,则不修改老权限;如果此字段为\"delete\"串,则删除老权限。" }, "remark": { "type": "string", "minLength": 0, "maxLength": 100, "description": "此token的备注。" } }, "required": [ "out_code" ] } } } } } }, "/2141-5": { "x-pointCode": 5, "x-mode": "mapping", "x-read-timeout": 5, "x-connect-timeout": 5, "post": { "summary": "查询子授权分页记录", "description": "查询在某个appid下子授权的分页记录,接口适用于平台管理员或授权者,用于查看特定appid下的子授权情况,适用于权限管理、审计、数据安全等场景。", "responses": { "200": { "description": "成功响应", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/ShowapiResEnvelope" }, { "type": "object", "properties": { "showapi_res_body": { "type": "object", "properties": { "allNum": { "type": "number", "description": "共多少条记录。" }, "contentlist": { "type": "array", "items": { "type": "object", "properties": { "0": { "type": "object", "properties": { "expires_in": { "type": "number" }, "access_token": { "type": "string" }, "rate": { "type": "number" }, "appid": { "type": "number" }, "out_code": { "type": "string" }, "ip_white_list": { "type": "array", "items": { "type": "string" } } } } } }, "description": "分页中的数据列表。" }, "remark": { "type": "string" }, "ret_code": { "type": "number" }, "currentPage": { "type": "number", "description": "当前页。" }, "allPages": { "type": "number", "description": "总页数。" }, "maxResult": { "type": "number", "description": "每页最多返回多少条记录。" } }, "description": "业务返回体" } } } ] } } } } }, "operationId": "2141_5_POST", "parameters": [ { "name": "out_code", "in": "query", "description": "子授权的唯一编码,通常对应于客户端系统中的的用户id。", "required": false, "schema": { "type": "string" } }, { "name": "page", "in": "query", "description": "第几页。每页最多返回20条记录。", "required": false, "schema": { "type": "number" } } ] } }, "/2141-4": { "x-pointCode": 4, "x-mode": "mapping", "x-read-timeout": 5, "x-connect-timeout": 5, "post": { "summary": "查看单个子授权明细", "description": "根据渠道外部编码out_code查询对应的子授权。", "responses": { "200": { "description": "成功响应", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/ShowapiResEnvelope" }, { "type": "object", "properties": { "showapi_res_body": { "type": "object", "properties": { "item": { "type": "object", "properties": { "expires_in": { "type": "number" }, "access_token": { "type": "string" }, "rate": { "type": "number" }, "appid": { "type": "number" }, "out_code": { "type": "string" }, "ip_white_list": { "type": "array", "items": { "type": "string" } } }, "description": "out_code对应的子授权明细记录。" }, "remark": { "type": "string" }, "ret_code": { "type": "number" } }, "description": "业务返回体" } } } ] } } } } }, "operationId": "2141_4_POST", "parameters": [ { "name": "out_code", "in": "query", "description": "子授权的唯一编码,通常对应于客户端系统中的的用户id。", "required": true, "schema": { "type": "string" } } ] } }, "/2141-3": { "x-pointCode": 3, "x-mode": "mapping", "x-read-timeout": 5, "x-connect-timeout": 5, "post": { "summary": "删除子授权", "description": "删除某个out_code对应的子授权接口适用于平台管理员或授权者,用于撤销特定out_code下的子授权,适用于管理权限、防止滥用、数据安全等场景。", "responses": { "200": { "description": "成功响应", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/ShowapiResEnvelope" }, { "type": "object", "properties": { "showapi_res_body": { "type": "object", "properties": { "del_item": { "type": "object", "properties": { "expires_in": { "type": "number" }, "permission_list": { "type": "string", "description": "允许访问的api-point列表。" }, "access_token": { "type": "string" }, "rate": { "type": "number" }, "appid": { "type": "number", "description": "发布此token的应用id。" }, "out_code": { "type": "string", "description": "此token对应的外部渠道编码,唯一。" }, "ip_white_list": { "type": "string" } }, "description": "删除的子授权对象。" }, "remark": { "type": "string" }, "ret_code": { "type": "number" } }, "description": "业务返回体" } } } ] } } } } }, "operationId": "2141_3_POST", "parameters": [ { "name": "out_code", "in": "query", "description": "子授权的唯一编码,通常对应于客户端系统中的的用户id。", "required": true, "schema": { "type": "string" } } ] } }, "/2141-2": { "x-pointCode": 2, "x-mode": "mapping", "x-read-timeout": 5, "x-connect-timeout": 5, "post": { "summary": "延长子授权时效", "description": "延长某个out_code对应的子授权。如果子out_code对应的access_token已经失效,则新的失效时间为now+add_seconds;\n如果还未失效,则新的失效时间为老失效时间+add_seconds。", "responses": { "200": { "description": "成功响应", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/ShowapiResEnvelope" }, { "type": "object", "properties": { "showapi_res_body": { "type": "object", "properties": { "remark": { "type": "string" }, "fresh_item": { "type": "object", "properties": { "expires_in": { "type": "number", "description": "新的过期时间,单位秒" }, "access_token": { "type": "string", "description": "访问token。此token和老token一致。" }, "rate": { "type": "number", "description": "新的秒并发限制。" }, "appid": { "type": "number", "description": "发布此token的应用id。" }, "out_code": { "type": "string", "description": "此token对应的外部渠道编码。唯一。" }, "ip_white_list": { "type": "string", "description": "新的访问ip白名单,空串表示不设置。" } }, "description": "延长时效后的子授权记录。" }, "ret_code": { "type": "number", "description": "0为成功,其他失败。" } }, "description": "业务返回体" } } } ] } } } } }, "operationId": "2141_2_POST", "parameters": [ { "name": "out_code", "in": "query", "description": "子授权的唯一编码,通常对应于客户端系统中的的用户id。", "required": true, "schema": { "type": "string" } }, { "name": "add_seconds", "in": "query", "description": "延长此子授权的时效,单位秒。\n如果子out_code对应的access_token已经失效,则新的失效时间为now+add_seconds;\n如果还未失效,则新的失效时间为老失效时间+add_seconds。", "required": true, "schema": { "type": "number" } } ] } }, "/2141-1": { "x-pointCode": 1, "x-mode": "mapping", "x-read-timeout": 30, "x-connect-timeout": 30, "post": { "summary": "创建子授权", "description": "根据客户系统的out_code,创建对应的子授权access_token,可对子授权的有效时间、访问IP、访问接口、并发、流量等做控制。\n1:如果已有正常,则直接返回\n2:如果已有的失效了,则改变token,设置新的过期时间再返回", "responses": { "200": { "description": "成功响应", "content": { "application/json": { "schema": { "allOf": [ { "$ref": "#/components/schemas/ShowapiResEnvelope" }, { "type": "object", "properties": { "showapi_res_body": { "type": "object", "properties": { "item": { "type": "object", "properties": { "expires_in": { "type": "number", "description": "过期时间,秒。" }, "access_token": { "type": "string", "description": "客户端访问token。客户端不再需要使用appid和secret进行鉴权,在get或post请求中带上access_token=xxx即可完成鉴权。" }, "rate": { "type": "number", "description": "可调用并发值。" }, "appid": { "type": "number", "description": "创建此token的appid" }, "out_code": { "type": "string", "description": "此token绑定的外部渠道编码(为了便于和外部渠道用户对应)。" }, "ip_white_list": { "type": "array", "items": { "type": "object" }, "description": "此token的访问ip白名单。空串表示不设置。" } } }, "remark": { "type": "string" }, "ret_code": { "type": "number", "description": "0为成功,其余值失败。" } }, "description": "业务返回体" } } } ] } } } } }, "operationId": "2141_1_POST", "parameters": [], "requestBody": { "content": { "application/x-www-form-urlencoded": { "schema": { "type": "object", "properties": { "out_code": { "type": "string", "description": "子授权的唯一编码,通常对应于客户端系统中的的用户id。" }, "rate": { "type": "number", "description": "每秒调用并发数。不传值或空串时默认为3。" }, "ip_white_list": { "type": "string", "description": "ip白名单,例如8.8.8.8,9.9.9.9\n白名单列表以半角逗号分隔。一共可以建20个ip。不传值 或 空串表示不设置。" }, "expires_in": { "type": "number", "description": "此token的过期时间,单位秒。如果不传,默认7200秒,也就是2小时。" }, "permission_list": { "type": "string", "description": "此token可访问的api-point格式的列表,中间用半角逗号分隔。如果授权某个接口下的所有接入点,可以用32-*这样的格式。最多100个apiCode-pointCode授权对象。\n如果此字段为空串,则可以访问所有接口(在应用app可调用的权限以内)。" }, "grant_type": { "type": "string", "description": "采用Client Credentials方式,即应用公钥、密钥方式获取Access Token。目前仅支持Client Credentials方法。" }, "remark": { "type": "string", "minLength": 0, "maxLength": 100, "description": "此token的备注。" } }, "required": [ "out_code" ] } } } } } } }, "components": { "securitySchemes": { "AppKeyAuth": { "type": "apiKey", "in": "query", "name": "appKey", "description": "从 ShowAPI 控制台获取的 appKey,管理地址:https://www.showapi.com/console#/myApp" } }, "schemas": { "ShowapiResEnvelope": { "type": "object", "description": "ShowAPI 统一返回包裹(业务数据位于 showapi_res_body)", "properties": { "showapi_res_code": { "type": "integer", "description": "API 返回的状态码" }, "showapi_res_error": { "type": "string", "description": "API 返回的错误信息" }, "showapi_res_id": { "type": "string", "description": "API 请求的唯一标识" }, "showapi_fee_num": { "type": "integer", "description": "API 调用计费次数" } } } } }, "security": [ { "AppKeyAuth": [] } ], "externalDocs": { "url": "https://www.showapi.com/apiGateway/view/2141?tab=book" }, "x-apiCode": "2141", "x-is-own": false, "x-is-op": true }