附录

签名算法

我们用商家调用URL演示加密算法:

http://api.test.jiuyescm.com/v1/qimen/receive?method=itemlack.report&timestamp=2015-04-2600:00:07&format=xml&app_key=testerp_appkey&v=2.0&sign=abc&sign_method=md5&customerId=stub-cust-code

输入参数

method= itemlack.report
timestamp=2015-04-26 00:00:07
format=xml
app_key= testerp_appkey
v=2.0
sign_method=md5
customerId =test

按首字母升序排列

app_key=testerp_appkey
customerId=stub-cust-code
format=xml
method=entryorder.query
sign_method=md5
timestamp=2015-04-26 00:00:07
v=2.0           

连接字符串

连接参数名与参数值,并在首尾加上secret,此处假设secret=test,如下:

testapp_keytesterp_appkeycustomerIdstub-cust-codeformatxmlmethoditemlack.reportsign_methodmd5timestamp2015-04-26 00:00:07v2.0bodytest

其中:body用请求中的body数据代替

生成签名

32位大写MD5值-> D06D88CB34B2EC0E5C9BAB396C9542B6

拼装请求URL

将所有参数值转换为UTF-8编码,然后拼装,并作URL ENCODING 如下:

http://api.test.jiuyescm.com/v1/qimen/receive?method=itemlack.report&timestamp=2015-04-26%2000:00:07&format=xml&app_key=testerp_appkey&v=2.0&sign=D06D88CB34B2EC0E5C9BAB396C9542B6&sign_method=md5&customerId=stub-cust-code