SAAS Access
Unbounded Cloud Clip provides the function of accessing third-party system user systems, realizing the interoperability of user and login status with third-party systems.
1. Access Principle
- The user-related interfaces of the cloud clip platform use jwt token for user identity authentication
- User mapping: Map third-party users to generate corresponding users in the cloud clip platform
- User token: Generate a token based on the user mapped to the cloud clip platform, and jump to the cloud clip system through url parameters (the cloud clip platform will automatically parse and process the token)
- Login status synchronization:
- The third-party system provides additional interfaces for the cloud clip platform to query the user login status.
- Each time the cloud clip platform calls a user-related interface, in addition to verifying its own platform token status, it also calls the login status query interface provided by the third party. Only when both pass is considered a logged-in status.
2. Access Process
1. Get appid and secret
Create an application in the Unbounded Cloud Clip platform's management background - Application Management, and obtain the application's appid and secret. For specific acquisition methods, please contact the platform customer service WeChat: mantousee.
2. Get Token
Call the platform interface to obtain token, where appid and secret are provided by the platform.
Note:
- Each userId will generate a corresponding user in the cloud clip project (update if it already exists)
- The user information in the cloud clip project will be updated every time the /api/v1/third/login interface is called.
- The
tokenvalidity period and user login status in the cloud clip project may be inconsistent with the third-party system. If consistency is required, the third party should provide an additional interface to query the user login status.
Reference interface documentation: https://docs.apipost.net/docs/detail/40f0d78218e0000?target_id=1fb5aee
Reference code
nodejs
js
const crypto = require('crypto');
const axios = require('axios');
/**
* md5 encryption
* @param {string} str
* @returns
*/
function md5(str) {
return crypto.createHash("md5").update(str).digest("hex");
}
/**
* Get token
* @returns {user_id:”871668385574199296“, token:"Bearer eyJh***", expires_at:1758270091116}
*/
async function getToken() {
const timestamp = Date.now();//Millisecond timestamp
const appid = "";//【Platform obtained】Application appid
const secret = "";//【Platform obtained】Application secret key
const url = `https://video.h5ds.com/api/v1/third/login`;//Interface address
const sign = md5(timestamp + secret);//Signature
//Parameters
const data = {
userId: "user_01", //【Required】Unique identifier of the business user, it is recommended to use user ID
nick_name: "wtone", //【Optional】Nickname
mobile: "15888888889", //【Optional】Mobile phone number
email: "71999911@qq.com", //【Optional】Email address, such as example@qq.com
avatar: "", //【Optional】Avatar, should be a complete accessible address
gender: 0, //【Optional】Gender 0-Female 1-Male 2-Other
};
//Headers
const headers = {
appid,//Application appid
sign,//【Important】Signature algorithm
timestamp,//Millisecond timestamp
};
const response = await axios.post(url, data, { headers });
//Interface returns {code:0,message:"success",data:{}}, code non-0 indicates error
if (!response.data || response.data.code !== 0) {
throw new Error(response.data.message);
}
//Return format {user_id, token, expires_at}
return response.data.data;
}
(async () => {
const { user_id, token, expires_at } = await getToken();
console.log("user_id:", user_id, "\n token:", token, "\nexpires_at:", expires_at);
})();java
java
import okhttp3.*;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
* Token generation tool class
*/
public class SAAS {
private static final String APP_ID = ""; // 【Platform obtained】Application appid
private static final String SECRET = ""; // 【Platform obtained】Application secret key
private static final String API_URL = "https://video.h5ds.com/api/v1/third/login"; // API interface address
/**
* Get Token
* @return Token string
* @throws Exception Request exception or API return error
*/
public static String getToken() throws Exception {
// Generate timestamp
long timestamp = System.currentTimeMillis();
// Generate signature(MD5(timestamp+secret))
String sign = md5(timestamp + SECRET);
// Initialize HTTP client
OkHttpClient client = new OkHttpClient();
// Construct request body JSON
String json = "{\"userId\":\"user_01\",\"nick_name\":\"wtone\"," +
"\"mobile\":\"15888888889\",\"email\":\"71999911@qq.com\"," +
"\"avatar\":\"\",\"gender\":0}";
// Create request body
RequestBody body = RequestBody.create(json, MediaType.parse("application/json"));
// Construct request headers
Request request = new Request.Builder()
.url(API_URL) // Set API address
.post(body) // Set to POST request
.addHeader("appid", APP_ID) // Add appid header
.addHeader("sign", sign) // Add signature header
.addHeader("timestamp", String.valueOf(timestamp)) // Add timestamp header
.addHeader("Content-Type", "application/json") // Set content type
.build();
// Execute request and process response
try (Response response = client.newCall(request).execute()) {
// Check response status
if (!response.isSuccessful()) {
throw new IOException("Unexpected code " + response);
}
// Get response data
String responseData = response.body().string();
// TODO: Parse token according to actual API response structure
return responseData;
}
}
/**
* MD5 encryption method
* @param input Input string
* @return MD5 hash value
* @throws NoSuchAlgorithmException
*/
private static String md5(String input) throws NoSuchAlgorithmException {
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(input.getBytes());
byte[] digest = md.digest();
StringBuilder sb = new StringBuilder();
for (byte b : digest) {
sb.append(String.format("%02x", b));
}
return sb.toString();
}
// Test main method
public static void main(String[] args) {
try {
String token = getToken();
System.out.println("Token: " + token);
} catch (Exception e) {
e.printStackTrace();
}
}
}php
php
<?php
/**
* post request
*/
function post($url, $data, $headers)
{
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
curl_setopt($ch, CURLOPT_HTTPHEADER, array_merge(['Content-Type: application/json'], $headers));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$response = curl_exec($ch);
if (curl_errno($ch)) {
throw new Exception('Request failed: ' . curl_error($ch));
}
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpCode != 200) {
throw new Exception('API request failed with status: ' . $httpCode);
}
$responseData = json_decode($response, true);
return $responseData;
}
/**
* Get token
*/
function getToken()
{
$timestamp = round(microtime(true) * 1000); //Millisecond timestamp
$appid = "";//【Platform obtained】Application appid
$secret = "";//【Platform obtained】Application secret key
$url = 'https://video.h5ds.com/api/v1/third/login';//Interface address
$sign = md5($timestamp . $secret);//Signature
//Parameters
$data = [
'userId' => 'user_01', //【Required】Unique identifier of the business user, it is recommended to use user ID
'nick_name' => 'wtone', //【Optional】Nickname
'mobile' => '15888888889', //【Optional】Mobile phone number
'email' => '71999911@qq.com', //【Optional】Email address, such as example@qq.com
'avatar' => '', //【Optional】Avatar, should be a complete accessible address
'gender' => 0 //【Optional】Gender 0-Female 1-Male 2-Other
];
//Headers
$headers = [
'appid: ' . $appid, //Application appid
'sign: ' . $sign, //【Important】Signature algorithm
'timestamp: ' . $timestamp //Millisecond timestamp
];
$responseData = post($url, $data, $headers);
if (!$responseData || $responseData['code'] !== 0) {
throw new Exception($responseData['message'] ?? 'Unknown error');
}
return $responseData['data'];
}
// Usage example
$tokenData = getToken();
print_r($tokenData);3. Jump to Unbounded Cloud Clip Project
Based on the token obtained above, jump to the Unbounded Cloud Clip project by carrying query parameters. The project will automatically parse the token parameter in the query and use the token in subsequent interface requests.
jsx
<a href={`https://video.h5ds.com?token=${token}`} target="_blank" />3. User Login Status Interoperability
Since the user login status in the third-party system and the user login status (token validity period) in the cloud clip project are completely isolated information, in order to realize that when the user logs out in the third-party system or the login expires, the cloud clip system user token also automatically becomes invalid and logs out, the third-party system needs to provide additional interfaces to query the user login status.
1. Third-party system provides login status query interface
Interface address
GET http://192.168.31.46:8080/api/v1/test/saas/userStatus?userID={userId}Parameters
userID Third-party system user ID (the userId parameter passed when calling the saas login interface)Return format
json
{
"status": 0, //User login status 0-Not logged in 1-Logged in
}2. Cloud clip project configuration
The cloud clip project needs to configure the login status query interface, the configuration method is as follows: server/.env
#【saas user login status verification configuration】
# host.saas=http://192.168.31.46:8080/api/v1/test/saas/userStatus4. SAAS Interface
SAAS-level interfaces can view and manage user and work information across the entire application scope
Interface reference documentation: https://docs.apipost.net/docs/detail/40f0d78218e0000?target_id=1fb5aec
The interface mainly performs identity permission verification on the sign signature parameter in the Header
5. User Interface
In fact, after we get the token, we can request all API interfaces related to users in the project, such as obtaining project list, deleting project, updating project, etc. The specific API documentation will be provided after purchase.
Reference interface documentation: https://docs.apipost.net/docs/detail/40f0d78218e0000?target_id=1fb58d4
The interface mainly performs identity permission verification on the Authorization:{token} parameter in the Header.
Interface Example
1. Get current user information
ts
/**
* Get current user information
*/
function getCurrentUserInfo(token) {
return axios({
method: "get",
url: host + "/api/v1/user/info",
headers: {
Authorization: token,
},
}).then((res) => res.data.data);
}
// Get current user information
const userInfo = await getCurrentUserInfo(token);2. Create a new project
Get the project data return parameter res
ts
/**
* Create a new H5
*/
function createMovieData(token) {
const ndata = {
title: "Untitled",
createTime: +new Date(),
updateTime: +new Date(),
poster: "",
width: 1920,
height: 1080,
background: {},
transitions: [],
cameras: [],
captions: [],
elements: [],
resouces: [],
};
return axios({
method: "post",
url: host + "/api/v1/user/apps/create",
headers: {
Authorization: token,
},
data: {
source_id: "", //Source Id
category_id: 0, //Category Id
name: ndata.title, //Name
description: ndata.title, //Description
duration: 0, //Duration (milliseconds)
width: ndata.width, //Width
height: ndata.height, //Height
thumb: "", //Cover image url
data: ndata,
},
}).then((res) => res.data.data);
}
// Create video
const res = await createMovieData(token);