流程说明

流程描述

HG 调用 Headline 后端 API 注册和绑定用户
HG 用户点击打开Headline时，需要请求Headline API获取这个特定用户的一次性令牌。这个一次性令牌可以用于验证用户的身份并授权其访问Headline的相关内容。
HG 在获取到用户的一次性令牌后，可以在其页面中使用 iframe 元素嵌入Headline网站。在嵌入的URL中附加用户的一次性令牌，这样用户在访问该iframe时将自动进行登录过程，而无需手动输入用户名和密码。

交互流程图

详细交互图：https://www.processon.com/view/link/662d1a0858531d4d72e2acac

注册绑定账户

HG业务系统注册用户时，需要调用HL交易系统接口进行用户注册和绑定。

通过ManagerApi进行创建用户和绑定操作，接口地址如下：

https://docs.multimarkets.org/manager-api/customer/customer-registration

调用示例

OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType,
"{\"phone\":\"{{mock_phone}}\",\"pwd\":\"dc483e80a7a0bd9ef71d8cf973673924\",\"country\":\"{{national_code}}\",\"registerSource\":1,\"customerGroupId\":1,\"tradeTypeCurrencyList\":[{\"allCurrency\":\"USDT\",\"tradeType\":\"1\"}],\"phoneArea\":\"+86\"}");
Request request = new Request.Builder()
  .url("https://web.headline.net/openapi-b/global/customer.admin.WhiteCustomerAdminApiService.addCusAndOpenAccountAndKyc")
  .post(body)
  .addHeader("accept", "application/json")
  .addHeader("content-type", "application/json")
  .build();

Response response = client.newCall(request).execute();

{
  "msg": "Success",
  "fail": false,
  "trace": "t-h2jv9x-4to64-9mp4wd7-793nv-1661227305",
  "code": "0",
  "data": "86021976",
  "bizCode": "",
  "tm": 236026513,
  "msgParams": null,
  "ok": true
}

获取一次性令牌

在HG中打开Headline交易页面时，需要通过Headline后端接口获取一次有效令牌。

根据已经绑定的用户客户编号以及对应密码进行请求一次有效令牌，接口地址如下：

https://docs.multimarkets.org/client-api/login

OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, 
"{\"type\":2,\"device\":1,\"loginName\":\"13429837442\",\"isThird\":false,\"thirdSource\":\"\",\"bindThirdUserId\":\"\",\"loginPwd\":\"dc483e80a7a0bd9ef71d8cf973673924\"}");
Request request = new Request.Builder()
  .url("https://web.headline.net/api/login/customer.app.CustomerWebApiService.login")
  .post(body)
  .addHeader("accept", "application/json")
  .addHeader("content-type", "application/json")
  .build();

Response response = client.newCall(request).execute();

{
  "msg": "Success",
  "fail": false,
  "trace": "x-31z6g86n-kr01ct-4g1u-ci45-1678377046",
  "code": "0",
  "data": {
    "token": "a541f9d5-2507-42b3-b790-59e1f755c380app",
    "customerNo": "86001175",
    "customerGroupId": 1,
    "thirdUserId": null,
    "googleId": -1,
    "lastName": null,
    "country": "CN",
    "kycStatus": 1,
    "companyKycStatus": 2,
    "assertPassStatus": "2",
    "idCard": null,
    "thirdLoginSource": null,
    "payPassStatus": "2",
    "source": "H5",
    "type": 0,
    "registerSource": 1,
    "loginPassStatus": "2",
    "idCardType": null,
    "loginTime": 1678360534200,
    "associationCompanyId": null,
    "id": 1176,
    "activateStatus": null,
    "email": "22**@qq.com",
    "openAccountType": 0,
    "accountRemark": null,
    "companyType": "real",
    "registerTime": 1648777706117,
    "activateTime": null,
    "kycAuditStatus": 2,
    "optional": 1,
    "isFund": 0,
    "firstName": null,
    "companyId": 360,
    "thirdIntactMsg": null,
    "createTime": 1648777706117,
    "phone": "135******9561",
    "relationCustomerId": 0,
    "accountList": [],
    "name": null,
    "phoneArea": "+86",
    "deposit": 1,
    "rToken": "291e08e4e0af86b3d8af85f2947a02125a1c1746db58b303b06cc1aba389f4cd",
    "thirdServerCode": "",
    "status": 2,
    "withdraw": 1
  },
  "bizCode": "",
  "tm": 82650853,
  "msgParams": null,
  "ok": true
}

📘 重点说明：
返回结果中Token作为一次有效令牌，用于Headline页面的打开参数

打开交易页面

根据一次有效令牌，拼接成iframe 的url地址，如下格式：

https://www.headline.net/zh-CN/home?tsource=10e87b3b-1278-43f3-a0cb-16cfba88ca4aapp

📘 拼接参数格式：
https://www.headline.net/zh-CN/home?tsource=${token}
其中token是有效令牌参数

换取有效令牌

Headline交易UI需要修改，增加有效令牌换取真实access token的逻辑

Headline交易UI根据url中的tsource参数主动调用接口换取真实access token，接口地址如下：

https://multimarkets-c-api-en.apidocumentation.com/reference#tag/customerauth/post/global/thirdExt/randomKey

调用方式与结果：

OkHttpClient client = new OkHttpClient();

Request request = new Request.Builder()
  .url("https://web.headline.net/api/global/thirdExt/randomKey")
  .post(null)
  .addHeader("accept", "application/json")
  .addHeader("content-type", "application/json")
  .build();

Response response = client.newCall(request).execute();

{
  "msg": "Success",
  "fail": false,
  "trace": "x-qfx13-8z5850-mf4l657-gkqbn-1677563999",
  "code": "0",
  "data": "qfx13-8z5850-mf4l657-gkqbn-167756399",
  "bizCode": "",
  "tm": 955,
  "msgParams": null,
  "ok": true
}

交易UI获取真实access token后写入浏览器本地缓存（local storage），用于后续交易访问令牌

Previous介绍 Next接口如何申请apikey？

Last updated 6 months ago