程序代码
<%@ WebHandler Language="C#" Class="TOP" %>
using System;
using System.Web;
using ;
using System.Xml;
using System.Text;
using System.Web.Security;
using System.Collections.Generic;
public class TOP : IHttpHandler {
public void ProcessRequest (HttpContext context) {
//1.应用信息
string app_key = "10011201";
string app_secret = "0fd3ffcb7008570b95670ec5ad3fe201";
//2.参数集
SortedList<string, string> parameters = new SortedList<string, string>();
//2.1 应用级输入参数
parameters.Add("fields", "user_id,nick,sex,location.city,birthday,type,has_more_pic");//后3个为隐私数据
parameters.Add("nick", "alipublic01");
//2.2 系统级参数
parameters.Add("method", "taobao.user.get");
parameters.Add("session", context.Request.QueryString["top_session"] == null ? "" : context.Request.QueryString["top_session"].ToString());
parameters.Add("timestamp", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"));
parameters.Add("format", "xml");
parameters.Add("app_key", app_key);
parameters.Add("v", "1.0");
//2.3 生成sign,格式: app_secret参数1值1参数2值2,生成md5后转为大写
StringBuilder sb = new StringBuilder();
sb.Append(app_secret);
foreach (KeyValuePair<string, string> item in parameters)
{
sb.Append(item.Key + item.Value);
}
parameters.Add("sign", FormsAuthentication.HashPasswordForStoringInConfigFile(sb.ToString(), "MD5").ToUpper());
//3.生成url
string url = "http://gw./router/rest?";//线上环境: http://gw./router/rest测试环境: http://gw./router/rest
StringBuilder query = new StringBuilder();
foreach (KeyValuePair<string, string> item in parameters)
{
query.Append(item.Key + "=" + System.Web.HttpUtility.UrlEncode(item.Value, System.Text.Encoding.UTF8) + "&");
}
url += query.ToString().TrimEnd(new char[] { '&' });
//4.淘宝客商品查询
try
{
WebRequest webRequest = WebRequest.Create(new Uri(url));
webRequest.ContentType = "application/x-www-form-urlencoded";
webRequest.Method = "POST";
webRequest.Timeout = 5000;
XmlDocument xmlDocument = new XmlDocument();
xmlDocument.Load(((WebResponse)webRequest.GetResponse()).GetResponseStream());
context.Response.ContentType = "text/xml";
context.Response.Write(xmlDocument.InnerXml);
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
}
public bool IsReusable {
get {
return false;
}
}
}
测试流程
1.测试环境下测试
1).保存上边代码到top.ashx,并上传至/top.ashx;
2).打开/isv/authorize.php?appkey=10011201;
3).选择测试帐号alipublic01, 回调URL为/top.ashx,点击获取授权码,形如:PpAE1wquKJoxTtYyJUszOTTfIK5NTpxPpZ%2BH%2BrbJBGS63dDaKbihaSvn9k8QSZQ%2BLIuurtyuKV%2B1jz5JLLeUHblN3LqzbBf%2B%2BTXb6y4OEe4pF9BuV%2ByqS68g%2F7HCkhkwArNCYPNW%2BD5Wbqx2y0Ey1pFuL1t1zsrk8BEw4hbM6XAhgtSgwKfvGQ%3D%3D;
4).打开http://container./container?authcode={上一步的授权码},将跳转到回调URL中,如:/top.ashx?top_appkey=12001690&top_parameters=aWZyYW1lPTEmdHM9MTI0NjUzNzg5NDk2MiZ2aWV3X21vZGU9ZnVsbCZ2aWV3X3dpZHRoPTAmdmlzaXRvcl9pZD0xNzU3NTQzNTEmdmlzaXRvcl9uaWNrPWFsaXB1YmxpYzAx&top_session=1a059e31dd95ad9968674fb77940e037c&top_sign=1d065Wmf1iO08sRFhTPbAw%3D%3D,其中top_session即为SessionKey;
5).调用 taobao.user.get API即可查看alipublic01敏感信息;
2.正式环境下测试
1).修改上边代码nick和url保存为top.ashx,并上传至/top.ashx;
2).将应用升到正式环境,保存回调地址为/top.ashx;
3).打开http://auth./?appkey=10011201(若未登录将跳转到登录页后再跳转回来),同意申明后页面即显示授权码,形如:TOP-10bc0a8761e98193145846b9fdbada777cyc3dNl5kFr0Rnz8aEmr7wxvQBa9G5r-END;
4).打开http://container./container?authcode={上一步授权码},将跳转到回调URL中,如:/top.ashx?top_appkey=12001690&top_parameters=aWZyYW1lPTEmdHM9MTI0NjUzODE3NzI3OSZ2aWV3X21vZGU9ZnVsbCZ2aWV3X3dpZHRoPTAmdmlzaXRvcl9pZD0yMDA4NTYyMjYmdmlzaXRvcl9uaWNrPcLM0ray6M%2Fj&top_session=1ea4749bf3159c702a91cd694319b8e4a&top_sign=qJZoEflAVx5Muzl98VHyjg%3D%3D,其中top_session即为SessionKey;
5).调用 taobao.user.get API即可查看登录用户的敏感信息;
