第一步:在shopify后台创建公共应用(私有的也可以,我创建的是公共的) 附上源码链接https://download.csdn.net/download/qq_39613976/12511307
注意:不是商店后台,看浏览器链接就知道了 商店后台是 https://商店名.myshopify.com的 不要弄错了
第二步:然后去下载一个内网穿透工具 ngrok 百度一下就知道怎么用了
第三步:去写代码
1、先写一个controller 重定向到shopify
package com.mzt.mztshopify.controller;
import cn.hutool.crypto.SecureUtil;
import cn.hutool.crypto.digest.HMac;
import cn.hutool.crypto.symmetric.AES;
import cn.hutool.crypto.symmetric.SymmetricAlgorithm;
import com.mzt.mztshopify.commond.Hmac;
import com.mzt.mztshopify.util.DateUtil;
import com.mzt.mztshopify.util.HttpUtil;
import org.apache.commons.codec.binary.Base64;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.util.DigestUtils;
import org.springframework.util.SocketUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
@Controller
@RequestMapping("/base")
public class BaseController {
private static String URL = "https://%s/admin/oauth/authorize?client_id=%s&grant_options[]=%s&redirect_uri=%s&scope=%s&state=%s";
private static String CLIENT_KEY= "应用上的第一个秘钥";
private static String CLIENT_SECRET = "应用上的第二个秘钥";
private static String SCOPE = "write_product_listings,read_orders";
private static String GRANT_OPTIONS = "per-user";
private static String REDIRECT_URI = "https://03d6ab0d2a5b.ngrok.io/oauth/authorization";
@GetMapping("/index")
public ModelAndView index(@RequestParam("hmac") String hmac, @RequestParam("shop") String shop, @RequestParam("timestamp") String timestamp) throws Exception {
boolean isv = Hmac.validateShopifyAskForPermission(CLIENT_SECRET, hmac, shop, timestamp);
if (isv){
byte[] textByte = shop.getBytes("UTF-8");
String params = Base64.encodeBase64String(textByte);
System.out.println("index state:"+params);
String path=String.format(URL,shop,CLIENT_KEY,GRANT_OPTIONS,REDIRECT_URI,SCOPE,params);
return new ModelAndView("redirect:"+path);
}else {
return new ModelAndView("redirect:https://03d6ab0d2a5b.ngrok.io/404");
}
}
}
2、然后启动 用ngrok 映射一下你接口地址
3、去shopify点击你的应用->点击应用设置
4、在应用URL 上填写你的项目接口映射地址
5、回到项目实现回调地址获取access_token的接口
package com.mzt.mztshopify.controller;
import cn.hutool.crypto.SecureUtil;
import cn.hutool.crypto.symmetric.AES;
import cn.hutool.crypto.symmetric.SymmetricAlgorithm;
import com.mzt.mztshopify.commond.Hmac;
import com.mzt.mztshopify.util.HttpUtil;
import com.mzt.mztshopify.util.RequestUtil;
import org.apache.commons.codec.binary.Base64;
import org.springframework.web.bind.annotation.*;
import sun.misc.BASE64Decoder;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@RestController
@RequestMapping("/oauth")
public class Oauth2controller {
private static String CLIENT_KEY= "应用上的第一个秘钥";
private static String CLIENT_SECRET = "应用上的第二个秘钥";
private static String REGULAR = "(https|http)\\:\\/\\/[a-zA-Z0-9][a-zA-Z0-9\\-]*\\.myshopify\\.com[\\/]?/";
private static String ACCESS_TOKEN_URL = "https://%s/admin/oauth/access_token";
@ResponseBody
@GetMapping("/authorization")
public void getBrand(@RequestParam("code")String code,@RequestParam("hmac")String hmac,@RequestParam("shop")String shop,@RequestParam("timestamp")String timestamp,@RequestParam("state")String state) throws Exception {
String params = new String(Base64.decodeBase64(state), "UTF-8");
if (!params.equals(shop)){
}
boolean isv = Hmac.validateShopifyAskForPermission(CLIENT_SECRET, hmac, code,shop,state,timestamp);
if (!isv){
}
boolean hostname = Pattern.matches(REGULAR, "https://"+shop+"/");
if (!hostname){
}
Properties request=new Properties();
request.put("client_id",CLIENT_KEY);
request.put("client_secret",CLIENT_SECRET);
request.put("code",code);
String url=String.format(ACCESS_TOKEN_URL,shop);
String post = HttpUtil.httpsRequest(url, "post", request, null, null);
System.out.println(post);
}
}
6、回到应用上 填写回调地址
第四步:测试
点击你的商店,没有就创建一个
跳到授权页面 安装应用
安装完成之后 shopify 会回调到之前实现的回调接口
至此已经完成了 认证授权流程