Alipay Login
Document Description
This document describes how to integrate Alipay authorized login on an Android client. In an Alipay login scenario, the Alipay APP is already installed on the user's phone. The user clicks the Alipay login button in the client APP. The IDaaS SDK launches the authorization page in the Alipay APP. The user clicks the "Authorize Login" button. After authorization succeeds, the Alipay APP redirects back to the client APP. At this point, the IDaaS SDK automatically receives the temporary ticket and requests authentication from the IDaaS server with the ticket. The final authentication result is returned to the client APP.
Flow Description
Login Flow

Integration Flow Description
The user clicks the Alipay login button in the APP client.
The APP client calls the Alipay login method of the IDaaS SDK.
The IDaaS SDK sends a login authorization request to the Alipay SDK.
The Alipay SDK launches the Alipay APP on the phone and displays the authorization login page.
The user clicks the authorize login button.
Alipay authorization succeeds and launches the client APP, carrying the Alipay authorization ticket. At this point, the IDaaS SDK automatically obtains the Alipay authorization ticket during the launch.
IDaaS requests authentication from the IDaaS server using the Alipay authorization ticket.
The IDaaS server checks whether a mobile number is bound. If a mobile number is already bound, the IDaaS server authentication succeeds and returns sessionToken to the IDaaS SDK.
The IDaaS SDK returns sessionToken to the APP client.
If the IDaaS server finds that no mobile number is bound, it returns a flag indicating that binding or registration is required.
The IDaaS server displays the binding or registration page.
The user enters the mobile number, clicks to get the verification code, and completes the slider verification.
The IDaaS SDK requests slider verification from the IDaaS server with the slider verification code.
The IDaaS server validates the slider successfully and returns token to the IDaaS SDK.
The IDaaS SDK requests the IDaaS server to send an SMS verification code using token and mobile number.
The user receives the SMS verification code, enters it in the verification code input box, and clicks the bind or register button.
The IDaaS SDK submits the binding or login data to the IDaaS server.
Binding or registration succeeds, and the IDaaS server returns sessionToken to the IDaaS SDK.
The IDaaS SDK returns sessionToken to the client APP.
Preparation
Get Application clientId
Log in to the IDaaS Enterprise Center platform, click "Resources --> Applications", select the relevant application, and view it.

Configure Authentication Source
Log in to the IDaaS Enterprise Center platform, click "Authentication --> Authentication Source Management --> Alipay".

Click Add Authentication Source, enter the AppId and public key obtained after registering the application on the Alipay Open Platform. The channel selection box should be "Mobile Application". Enter a display name.

Click the newly created application, and after creation, select "Login Configuration --> Mobile Application --> Configure".

In the window shown below, click the enable button at the end of the Alipay row.

Select the configured authentication source and save the configuration.
Import Dependency Packages
Before integrating Alipay OAuth authorized login, you need to register a developer account on the Alipay Open Platform and have an approved mobile application, obtaining the corresponding AppID and application public key. After enabling Alipay login and passing review, you can begin the integration process.
Import the aar package into lib, as shown below:

Configure build.gradle
/*begin*/
/* rxjava2 + okhttp + retrofit2 */
api 'io.reactivex.rxjava2:rxjava:2.2.10'
api 'io.reactivex.rxjava2:rxandroid:2.1.1'
api 'com.squareup.retrofit2:retrofit:2.6.0'
api 'com.squareup.retrofit2:adapter-rxjava2:2.6.0'
api 'com.squareup.retrofit2:converter-gson:2.6.0'
api 'com.squareup.okhttp3:okhttp:4.3.1'
api 'com.squareup.okhttp3:logging-interceptor:3.6.0'
api 'com.jakewharton.retrofit:retrofit2-rxjava2-adapter:1.0.0'
api 'com.trello.rxlifecycle2:rxlifecycle-components:2.1.0'
api 'com.alibaba:fastjson:1.2.61'
/*end*/
//Common library, required
implementation(name: 'AuthnCenter_Common-1.5.3', ext: 'aar')
//Alipay login SDK, required
implementation(name: ''AuthnCenter_Login_AliPay-1.5.3', ext: 'aar')
//Alipay official dependency library, required
implementation(name: 'alipaySdk-15.7.9-20200727142846', ext: 'aar')Configure AndroidManifest
<!--Permissions-->
<uses-permission android:name="android.permission.INTERNET" />
<!--Write external storage permission-->
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<!--Read external storage permission-->
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.RECORD_AUDIO" />
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<!-- Alipay redirect, must register -->
<!-- To use the "universal redirect SDK" capability, add this to your App's AndroidManifest.xml -->
<!-- And set android:scheme reasonably -->
<activity
android:name="com.alipay.sdk.app.AlipayResultActivity"
tools:node="merge">
<intent-filter tools:node="replace">
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data android:scheme="__alipaysdklogin__" />
</intent-filter>
</activity>
<!-- Country code interface, register as needed -->
<activity
android:name="com.authncenter.loginalipay.view.CountryCodeListActivity"
android:launchMode="singleTask"
android:screenOrientation="portrait" />
<!-- SMS verification interface, register as needed -->
<activity
android:name="com.authncenter.loginalipay.view.MsgActivity"
android:launchMode="singleTask"
android:screenOrientation="portrait" />Development Integration
Built-in API Introduction
Main methods of the basic configuration initialization class AuthnCenterAPI:
/**
* SMS verification code -- send SMS
*/
public void smsSend(Context context, SendSmsReq req, RequestListener listener)
/**
* Get country/area code. Note: If country/area codes are configured, call this API to obtain them.
*/
public void getCountryCode(Context context, RequestListener listener)
/**
* Social account binding interface
* @param context Context
* @param stateToken Temporary token returned after current login
* @param otpsmsReq Binding object information
* @param listener Event callback
*/
public void socialBind(Context context, String stateToken, OTPSMSReq otpsmsReq, RequestListener listener)
/**
* Register
* @param context Context
* @param stateToken Temporary token returned after current login
* @param otpsmsReq Registration object information
* @param listener Event callback
*/
public void register(Context context, String stateToken, OTPSMSReq otpsmsReq, RequestListener listener)Main methods of the Alipay login initialization class AuthnCenterLoginAliPay:
/**
* Alipay login
* @param context Context
* @param loginListener Event listener
* @param loginType LoginType.DEFAULT (built-in), LoginType.CUSTOM (custom)
*/
public void loginByAliPay(Context context, WeChatLoginListener loginListener, LoginType loginType)Mobile International Area Code Acquisition
If international number support is enabled, call the international area code acquisition API first. The API returns the configured list of international area codes, along with regular expressions for phone number formats. The figure below shows how to configure the international area code list and preferred area code.

Sample code for obtaining the international area code list:
AuthnCenterAPI.Builder().getCountryCode(this, new RequestListener<CountryCodeInfoRsp>() {
@Override
public void success(CountryCodeInfoRsp codeInfoRsp) {
}
@Override
public void error(String code, String errorMessage) {
}
});Success example: code=0, data value:
{
"phoneAreaCodeDefinitions": [
{
"areaCode": "86",
"displayMapping": {
"zh-TW": "Mainland China",
"en": "China",
"zh-CN": "Mainland China"
},
"countryCode": "CN",
"mobileRegex": "^(\\+86){0,1}\\-?1\\d{10}$",
"areaCodeSuffixes": []
},
{
"areaCode": "852",
"displayMapping": {
"zh-TW": "Hong Kong",
"en": "Hong Kong",
"zh-CN": "Hong Kong"
},
"countryCode": "HK",
"mobileRegex": "^(\\+852){1}\\-?0{0,1}[1,4,5,6,7,8,9](?:\\d{7}|\\d{8}|\\d{12})$",
"areaCodeSuffixes": []
},
{
"areaCode": "886",
"displayMapping": {
"zh-TW": "Taiwan",
"en": "Taiwan",
"zh-CN": "Taiwan"
},
"countryCode": "TW",
"mobileRegex": "^(\\+886){1}\\-?[6,7,9](?:\\d{7}|\\d{8})$",
"areaCodeSuffixes": []
},
{
"areaCode": "853",
"displayMapping": {
"zh-TW": "Macau",
"en": "Macau",
"zh-CN": "Macau"
},
"countryCode": "MO",
"mobileRegex": "^(\\+853){1}\\-?0{0,1}[1,4,5,6,7,8,9](?:\\d{7}|\\d{8}|\\d{12})$",
"areaCodeSuffixes": []
},
{
"areaCode": "93",
"displayMapping": {
"zh-TW": "Afghanistan",
"en": "Afghanistan",
"zh-CN": "Afghanistan"
},
"countryCode": "AF",
"mobileRegex": "^(\\+93){1}\\-\\d{6,11}",
"areaCodeSuffixes": []
}
],
"preferredAreaCode": "CN"
}Return Parameters:
| Parameter Name | Chinese Name | Type | Description |
|---|---|---|---|
| preferredAreaCode | Preferred international area code | String | Preferred international area code configured in the current enterprise center |
| countryCode | Country/region code | String | Country/region code |
| areaCode | International dialing code | String | International dialing code |
| areaCodeSuffixes | International dialing code suffixes | String | International dialing code suffixes |
| mobileRegex | Mobile number format regex | String | Mobile number format regex |
| displayMapping | Multilingual display name mapping | String | Multilingual display name mapping |
Built-in Slider Verification
When sending a verification code, human-machine interaction verification needs to be called.
BlockPuzzleDialog mBlockPuzzleDialog = new BlockPuzzleDialog(mContext);
mBlockPuzzleDialog.setOnResultsListener(new OnResultsListener() {
@Override
public void onResultsClick(String result) {
LogUtil.getInstance().d("Secondary verification callback result mCaptchaToken:" + result);
//This callback result is the captchaToken parameter for SMS verification
}
@Override
public void onError(String code, String msg) {
ToastUtils.ShowToast(mContext, String.format("Error code : %s Error message : %s", code, msg));
}
});
}Send Verification Code
The APP client needs to have its own UI interface, which contains several necessary components: mobile number input box, verification code input box, button (or event) to trigger getting the verification code, and login button (or event).
After the user enters the mobile number and before clicking (triggering) the send verification code event, the APP client performs mobile number format checking.
Click (trigger) the send verification code event. The APP client calls the IDaaS SDK send verification code method, as shown below:
//Send verification code
SendSmsReq sendSmsReq = new SendSmsReq();
sendSmsReq.setMobile(getPhoneNum());
sendSmsReq.setType(SendSmsType.login);//Type enum
sendSmsReq.setCaptcha_token(“Result returned after slider verification succeeds”);
AuthnCenterAPI.Builder().smsSend(mContext, sendSmsReq
, new RequestListener<BaseResponse>() {
@Override
public void success(BaseResponse rsp) {
}
@Override
public void error(String code, String errorMessage) {
}
});Built-in UI Development Integration
Initialization
AuthnCenterSDK.Builder()
.init(this)
.setBaseUrl("https://xxx.xxx.com") //Tenant domain
.setClientId("xxxx") //Tenant backend application client-id
.isCheckSSL(false) //Whether to check SSL certificate
.logEnable(false).build(); //Whether to enable HTTP request log
PlatformConfig.Builder().init(this).setAlipayAppId(alipayAppId); //Set Alipay APPIDUI Customization
The caller can set the text, description, color, etc. of the binding interface through BindThemeConfig. Specific attributes are as follows:
//Custom interface
BindThemeConfig.Builder().setBindTitle("I am the title")
.setBindDes("I am the details")
.setBindButtonText("I just want to change the button text")
.setBindButtonTextDefaultColor("#367517")
.setBindButtonTextColor("#C8E2B1")
.setBindButtonTextOnPressColor("#F9F400")
.setSendMsgColor("#976D00")
.setSendMsgNoActiviColor("#50A625")
.setDialogTitle("I just want to customize")
.setDialogBtnConfirmColor("#FFB6C1");Attribute Description
| Parameter | Type | Description | Example |
|---|---|---|---|
| setBackFont | String | Change back text | None |
| setBackFontColor | String | Change back text color | Hex color e.g. #FFFFFF |
| setBackImg | int | Set back icon | Resource file R |
| setBackFontSize | int | Set back text size | 14sp |
| setCountryCodeVisibility | boolean | Set whether international area code is displayed | Default is true |
| setBindTitle | String | Bind interface title | None |
| setBindDes | String | Bind interface description | None |
| setBindButtonText | String | Bind button text | None |
| setBindButtonTextDefaultColor | String | Bind button text default background color | Hex color e.g. #FFFFFF |
| setBindButtonTextColor | String | Bind button text color | Hex color e.g. #FFFFFF |
| setBindButtonTextOnPressColor | String | Bind button text background color after click | Hex color e.g. #FFFFFF |
| setSendMsgColor | String | Send SMS button text color | Hex color e.g. #FFFFFF |
| setSendMsgNoActiviColor | String | Countdown text color | Hex color e.g. #FFFFFF |
| setDialogTitle | String | Unbind dialog title | None |
| setDialogBtnConfirmColor | String | Unbind dialog confirm button color | Hex color e.g. #FFFFFF |
| sendMsgNoActiveBackground | int | Send SMS button background resource | Android color or background resource file (R) |
| setButtonBackground | int | Send SMS button default background resource | Android color or background resource file (R) |
| setSendMsgBackground | int | Bind button background resource | Android color or background resource file (R) |
Alipay Login Built-in Interface
AuthnCenterLoginAliPay.Builder().loginByAliPay(this, new AlipayLoginListener() {
@Override
public void success(String code, String data) {
//Success callback
}
@Override
public void error(String code, String errorMessage) {
//Failure callback
}
}, LoginType.DEFAULT);API Development Integration
If you choose this integration method, after login returns, you need to handle binding or registration business yourself based on the returned status, and perform basic mobile number-related operations.
At the same time, the relevant registration information in the AndroidManifest file can be filled with your own.
Call Sequence Description
If the returned status after login success is binding, then at this point you need to call:
Get country/area code (call this based on whether international support is configured) (getCountryCode)
Slider verification (BlockPuzzleDialog)
Send SMS (smsSend)
Bind or register (socialBind/register)
Initialization
AuthnCenterSDK.Builder()
.init(this)
.setBaseUrl("https://xxx.xxx.com") //Tenant domain
.setClientId("xxxx") //Tenant backend application client-id
.isCheckSSL(false) //Whether to check SSL certificate
.logEnable(false).build(); //Whether to enable HTTP request log
PlatformConfig.Builder().init(this).setAlipayAppId(alipayAppId); //Set Alipay APPIDAlipay Login (Custom Interface)
AuthnCenterLoginAliPay.Builder().loginByAliPay(this, new WeChatLoginListener() {
@Override
public void success(String code, String data) {
//Here, jump to your own interface for binding or registration operations based on the code return value
Intent intent = new Intent(MainActivity.this, AliPayActivity.class);
intent.putExtra(SocialType.STATETOKEN, data);
intent.putExtra(SocialType.BINDTYPE, SocialType.WX);
switch (code) {
case "10002": //Login successful
ToastUtils.ShowToast(MainActivity.this, "Login successful : " + data);
return;
case "10003": //Bind user
intent.putExtra(SocialType.ACTIONTYPE, ActionType.BIND);
break;
case "10004": //Register user
intent.putExtra(SocialType.ACTIONTYPE, ActionType.REGISTER);
break;
}
intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
startActivity(intent);
}
@Override
public void error(String code, String errorMessage) {
ToastUtils.ShowToast(MainActivity.this, "SDK callback code : " + code + "---- msg " + errorMessage);
}
}, LoginType.CUSTOM);Determine based on the returned code here:
| Code | Description |
|---|---|
| 10001 | AuthCenter server error |
| 10002 | Success |
| 10003 | User binding required |
| 10004 | User registration required |
Return Codes
| HTTP Status Code | Error Code (error_code) | Error Message (error_msg) | Chinese Error Message |
|---|---|---|---|
| 400 | IDAAS.SDK.COMMON.1001 | Parameter {0} cannot be left blank | 参数 {0} 不能为空 |
| 400 | IDAAS.SDK.COMMON.1002 | The {0} parameter format is incorrect | 参数 {0} 格式错误 |
| 400 | IDAAS.SDK.COMMON.1003 | Device information is incomplete | 设备信息不完整 |
| 400 | IDAAS.SDK.COMMON.1004 | Signature decryption error | 签名解密错误 |
| 400 | IDAAS.SDK.COMMON.1005 | The {0} has failed | {0} 已失效 |
| 400 | IDAAS.SDK.COMMON.1006 | The {0} parameter error | {0} 参数错误 |
| 400 | IDAAS.SDK.COMMON.1007 | The {0} parameter type error | {0}参数类型错误 |
| 500 | IDAAS.SDK.COMMON.1008 | The system is busy. Try again later | 系统繁忙。稍后再试 |
| 400 | IDAAS.SDK.COMMON.1009 | Unknown authentication configuration | 未知的认证配置 |
| 400 | IDAAS.SDK.COMMON.1010 | Failed to obtain the enterprise center global configuration | 获取企业中心全局配置失败 |
| 400 | IDAAS.SDK.COMMON.1011 | Failed to obtain the international area code configuration | 获取国际区号配置失败 |
| 400 | IDAAS.SDK.COMMON.1012 | The x-client-ID is incorrect and the corresponding application cannot be found | X-client-id错误,找不到对应的应用 |
| 400 | IDAAS.SDK.COMMON.1013 | The corresponding user is not found | 未找到对应的用户 |
| 400 | IDAAS.SDK.COMMON.1014 | Application private key not found | 未找到应用私钥 |
| 400 | IDAAS.SDK.LOGIN.1001 | Error calling interface | 调用 {0} 接口出错 |
| 400 | IDAAS.SDK.LOGIN.1002 | User not bound | 用户未绑定 |
| 400 | IDAAS.SDK.LOGIN.1003 | The user has been locked due to too many unsuccessful login attempts. It will be unlocked in {0} minutes and {1} seconds | 由于多次登录失败,用户已被锁定。 它将在 {0} 分钟和 {1} 秒内解锁 |
| 400 | IDAAS.SDK.LOGIN.1004 | Failed to obtain the password policy | 获取密码策略错误 |
| 400 | IDAAS.SDK.LOGIN.1005 | Invalid username or password. Remaining login attempts: | 无效的用户名或密码。 其余登录尝试次数: |
| 400 | IDAAS.SDK.LOGIN.1006 | Configuration error, unable to find wechat authentication source | 配置错误,找不到微信认证源 |
| 400 | IDAAS.SDK.LOGIN.1007 | Configuration error, unable to find alipay authentication source | 配置错误,找不到支付宝认证源 |
| 400 | IDAAS.SDK.LOGIN.1008 | The configuration is incorrect. The one-click login authentication source cannot be found | 配置错误,无法找到一键登录认证源 |
| 400 | IDAAS.SDK.SMS.1001 | {0} slide base map is not initialized successfully, please check the path | {0} 滑动底图未初始化成功,请检查路径 |
| 400 | IDAAS.SDK.SMS.1002 | {0} verification code coordinate resolution failed | {0} 验证码坐标解析失败 |
| 400 | IDAAS.SDK.SMS.1003 | {0} verification code coordinate verification fails | {0} 验证码坐标校验失败 |
| 400 | IDAAS.SDK.SMS.1004 | The graphic verification code is incorrect | 图形验证码校验错误 |
| 400 | IDAAS.SDK.SMS.1005 | SMS verification code verification is incorrect | 短信验证码验证错误 |
| 400 | IDAAS.SDK.SMS.1006 | The email verification code is incorrect | 邮件验证码验证错误 |
| 400 | IDAAS.SDK.SMS.1007 | Sending scenario does not exist | 发送场景不存在 |
| 400 | IDAAS.SDK.SMS.1008 | Failed to send the verification code | 发送验证码失败 |
| 400 | IDAAS.SDK.SOCIAL.1001 | The social account is unbound incorrectly | 社交账号解绑错误 |
| 400 | IDAAS.SDK.SOCIAL.1002 | The social account has been bound, please unbind it first | 社交账号已绑定,请先解绑 |
| 400 | IDAAS.SDK.PWD.1001 | The password length is incorrect | 密码长度错误 |
| 400 | IDAAS.SDK.PWD.1002 | The password cannot be the username | 密码不能为用户名 |
| 400 | IDAAS.SDK.PWD.1003 | Your password complexity is low | 你的密码复杂度过低 |
| 400 | IDAAS.SDK.PWD.1004 | The password is weak | 密码很弱 |
| 400 | IDAAS.SDK.PWD.1005 | The password is used before, cannot be used again | 该密码已被使用过,不能再次使用 |
| 400 | IDAAS.SDK.PWD.1006 | Password cannot username in reverse order | 密码不能是用户名的倒序 |
| 400 | IDAAS.SDK.PWD.1007 | The number of repeated password characters exceeded the upper limit | 密码重复字符数超过限制 |
| 400 | IDAAS.SDK.PWD.1008 | Password cannot contain :username, phone number, email prefix, name in PinYing | 密码不能包含:用户名、电话号码、邮件前缀、拼音名 |
| 400 | IDAAS.SDK.MFA.1001 | The mobile doesn't match the user | 手机号和用户不匹配 |
| 400 | IDAAS.SDK.MFA.1002 | The access control policy is incorrect | 访问控制策略配置错误 |
| 400 | IDAAS.SDK.MFA.1003 | Access control authentication source type conversion error | 访问控制身份验证源类型转换错误 |