这个页面用于快速生成业务站点调用 /auth/check_is_login 的签名参数,便于本地和第三方站点联调。
输入参数
redirect_url
https://sso.365d4u.com/test-result
timestamp
1780112472
signature
aefecac1a7eca2704fc7e68cb81e87d92d593b204762f5781446b4a61b9a8762
可直接请求的链接
https://sso.365d4u.com/auth/check_is_login?redirect_url=https://sso.365d4u.com/test-result×tamp=1780112472&signature=aefecac1a7eca2704fc7e68cb81e87d92d593b204762f5781446b4a61b9a8762
浏览器或前端 GET 示例
fetch("https://sso.365d4u.com/auth/check_is_login?redirect_url=https://sso.365d4u.com/test-result\u0026timestamp=1780112472\u0026signature=aefecac1a7eca2704fc7e68cb81e87d92d593b204762f5781446b4a61b9a8762")
.then(r => r.json())
.then(console.log);
Python 示例
import requests check_url = "https://sso.365d4u.com/auth/check_is_login?redirect_url=https://sso.365d4u.com/test-result\u0026timestamp=1780112472\u0026signature=aefecac1a7eca2704fc7e68cb81e87d92d593b204762f5781446b4a61b9a8762" print(requests.get(check_url).json())
联调说明
- 业务站点先请求
/auth/check_is_login,如果data.user不为null,直接更新本地登录态。 - 若返回
data.user = null,再跳转到/auth/login_ssl?redirect_url=...×tamp=...&signature=...。 - 签名规则:
hex(hmac_sha256(SSO_SIGNATURE_SECRET, timestamp + "\n" + redirect_url))。 - 白名单仅校验
domain_url,因此redirect_url对应域名必须在白名单中。
当前白名单 domain_url
http://127.0.0.1:5000 http://127.0.0.1:8079 http://host365d.local https://msg.365d4u.com https://newsystem.365d4u.com https://newsystemtest.365d4u.com https://respondstat.365d4u.com https://sso.365d4u.com https://test.365d4u.com https://www.365d4u.com