oauth.py 5.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195
  1. # -*- coding: utf-8 -*-
  2. # !/usr/bin/env python
  3. """
  4. jd.oauth
  5. ~~~~~~~~~~~~~~~
  6. This module provides OAuth2 library for jd pay
  7. :copyright: (c) 2019 by messense.
  8. :license: MIT, see LICENSE for more details.
  9. """
  10. from __future__ import absolute_import, unicode_literals
  11. import hashlib
  12. import requests
  13. import six
  14. from six.moves.urllib.parse import quote
  15. import time
  16. from apilib.systypes import StrEnum
  17. from library import to_binary, to_text
  18. from library.jd.exceptions import JDAuthException
  19. try:
  20. import simplejson as json
  21. except ImportError:
  22. import json
  23. class JDOAuth(object):
  24. """ 京东支付 OAuth 网页授权
  25. """
  26. OAUTH_BASE_URL = 'https://jauth.jd.com'
  27. class Scope(StrEnum):
  28. """
  29. 如果不获取电话号码,仅支持scope.userInfo
  30. """
  31. USER_INFO = 'scope.userInfo'
  32. def __str__(self):
  33. _repr = '{kclass}(appid: {appid})'.format(
  34. kclass = self.__class__.__name__,
  35. appid = self.appid)
  36. if six.PY2:
  37. return to_binary(_repr)
  38. else:
  39. return to_text(_repr)
  40. def __repr__(self):
  41. return str(self)
  42. def __init__(self, appid, secret, state = ''):
  43. """
  44. :param appid: 京东支付 app_id
  45. :param secret: 京东支付 secret
  46. :param state: 可选,京东支付 OAuth2 state
  47. """
  48. self.appid = appid
  49. self.secret = secret
  50. self.state = state
  51. def _sign(self, data):
  52. _params = [to_binary('{0}={1}'.format(k, data[k])) for k in sorted(data) if data[k]]
  53. _params = ''.join(_params)
  54. _params = to_binary('{0}{1}'.format(_params, self.secret))
  55. _params = quote(_params, safe = b'')
  56. return to_text(hashlib.md5(_params).hexdigest())
  57. def _request(self, method, url_or_endpoint, **kwargs):
  58. if not url_or_endpoint.startswith(('http://', 'https://')):
  59. url = '{base}{endpoint}'.format(
  60. base = self.OAUTH_BASE_URL,
  61. endpoint = url_or_endpoint
  62. )
  63. else:
  64. url = url_or_endpoint
  65. if isinstance(kwargs.get('data', ''), dict):
  66. body = json.dumps(kwargs['data'], ensure_ascii = False)
  67. body = body.encode('utf-8')
  68. kwargs['data'] = body
  69. kwargs['timeout'] = kwargs.get('timeout', 15)
  70. with requests.sessions.Session() as session:
  71. res = session.request(
  72. method = method,
  73. url = url,
  74. **kwargs
  75. )
  76. try:
  77. res.raise_for_status()
  78. except requests.RequestException as reqe:
  79. raise JDAuthException(
  80. errCode = res.status_code,
  81. errMsg = reqe.message,
  82. client = self,
  83. request = reqe.request,
  84. response = reqe.response)
  85. result = json.loads(res.content.decode('utf-8', 'ignore'), strict = False)
  86. if 'errcode' in result and result['errcode'] != 0:
  87. errcode = result['errcode']
  88. errmsg = result['errmsg']
  89. raise JDAuthException(
  90. errCode = errcode,
  91. errMsg = errmsg,
  92. client = self,
  93. request = res.request,
  94. response = res
  95. )
  96. return result
  97. def _get(self, url, **kwargs):
  98. return self._request(
  99. method = 'get',
  100. url_or_endpoint = url,
  101. **kwargs
  102. )
  103. def get_oauth_token(self, auth_code):
  104. """获取 access_token
  105. :param auth_code: 授权完成跳转回来后 URL 中的 code 参数
  106. :return: JSON 数据包
  107. """
  108. params = {
  109. 'grant_type': 'authorization_code',
  110. 'appid': self.appid,
  111. 'code': auth_code,
  112. 'ts': str(int(time.time()))
  113. }
  114. params.update({
  115. 'sign': self._sign(params),
  116. 'secret': self.secret
  117. })
  118. return self._get(
  119. '/access_token',
  120. params = params
  121. )
  122. def get_user_info(self, access_token, openid):
  123. """
  124. 获取用户信息
  125. """
  126. params = {
  127. 'access_token': access_token,
  128. 'openid': openid,
  129. 'ts': str(int(time.time()))
  130. }
  131. params.update({'sign': self._sign(params)})
  132. res = self._get(
  133. '/userinfo',
  134. params = params
  135. )
  136. return res
  137. def authorize_url(self, redirect_uri, scope):
  138. """获取授权跳转地址
  139. :return: URL 地址
  140. """
  141. redirect_uri = quote(redirect_uri, safe = b'')
  142. url_list = [
  143. self.OAUTH_BASE_URL,
  144. '/entrance?appid=',
  145. self.appid,
  146. '&redirect_uri=',
  147. redirect_uri,
  148. '&cancel_uri=',
  149. redirect_uri,
  150. '&response_type=code&scope=',
  151. scope,
  152. '&act_type=2',
  153. '&show_titile=0'
  154. ]
  155. if self.state:
  156. url_list.extend(['&state=', self.state])
  157. else:
  158. url_list.extend(['&state=', ''])
  159. return ''.join(url_list)