taobao_order_api.py
import requests
import time
import hashlib
import json
class TaobaoAPI:
def __init__(self, app_key, app_secret, redirect_uri):
"""初始化淘宝API客户端"""
self.app_key = app_key
self.app_secret = app_secret
self.redirect_uri = redirect_uri
self.access_token = None
self.refresh_token = None
self.token_expire_time = 0
# 淘宝开放平台API端点
self.auth_url = "https://oauth.taobao.com/authorize"
self.token_url = "https://oauth.taobao.com/token"
self.api_url = "https://eco.taobao.com/router/rest"
def get_authorize_url(self, state=None):
"""生成授权URL,引导商家登录授权"""
params = {
"response_type": "code",
"client_id": self.app_key,
"redirect_uri": self.redirect_uri,
"view": "web" # 可选值: web/wap,决定授权页面的样式
}
if state:
params["state"] = state
# 构建授权URL
query_string = '&'.join([f"{k}={v}" for k, v in params.items()])
return f"{self.auth_url}?{query_string}"
def get_access_token(self, code):
"""通过授权码换取Access Token"""
params = {
"grant_type": "authorization_code",
"client_id": self.app_key,
"client_secret": self.app_secret,
"code": code,
"redirect_uri": self.redirect_uri
}
response = requests.post(self.token_url, data=params)
result = response.json()
if "access_token" in result:
self.access_token = result["access_token"]
self.refresh_token = result.get("refresh_token")
self.token_expire_time = int(time.time()) + result.get("expires_in", 0)
return result
else:
raise Exception(f"获取AccessToken失败: {result}")
def refresh_access_token(self):
"""刷新Access Token"""
if not self.refresh_token:
raise Exception("没有刷新令牌,无法刷新AccessToken")
if time.time() + 600 > self.token_expire_time: # 提前10分钟刷新
params = {
"grant_type": "refresh_token",
"client_id": self.app_key,
"client_secret": self.app_secret,
"refresh_token": self.refresh_token
}
response = requests.post(self.token_url, data=params)
result = response.json()
if "access_token" in result:
self.access_token = result["access_token"]
self.refresh_token = result.get("refresh_token", self.refresh_token)
self.token_expire_time = int(time.time()) + result.get("expires_in", 0)
return result
else:
raise Exception(f"刷新AccessToken失败: {result}")
return {"message": "Token未过期,无需刷新"}
def generate_sign(self, params):
"""生成API请求签名"""
# 按参数名升序排序
sorted_params = sorted(params.items(), key=lambda x: x[0])
# 拼接参数
sign_str = self.app_secret
for k, v in sorted_params:
if k != "sign" and v is not None:
sign_str += f"{k}{v}"
sign_str += self.app_secret
# MD5加密
return hashlib.md5(sign_str.encode("utf-8")).hexdigest().upper()
def call(self, method, params=None):
"""调用淘宝API"""
if not self.access_token:
raise Exception("请先获取Access Token")
# 检查并刷新token
self.refresh_access_token()
# 构建公共参数
public_params = {
"method": method,
"app_key": self.app_key,
"timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()),
"format": "json",
"v": "2.0",
"sign_method": "md5",
"session": self.access_token
}
# 合并参数
all_params = {**public_params, **(params or {})}
# 生成签名
all_params["sign"] = self.generate_sign(all_params)
# 发送请求
response = requests.post(self.api_url, data=all_params)
return response.json()
def get_orders(self, start_time, end_time, status="WAIT_SELLER_SEND_GOODS", page_no=1, page_size=20):
"""获取淘宝订单列表
:param start_time: 订单创建开始时间,格式: yyyy-MM-dd HH:mm:ss
:param end_time: 订单创建结束时间,格式: yyyy-MM-dd HH:mm:ss
:param status: 订单状态,默认等待发货
:param page_no: 页码
:param page_size: 每页数量
"""
method = "taobao.trades.sold.get"
params = {
"fields": "tid,title,type,status,payment,discount_fee,adjust_fee,post_fee,total_fee,"
"pay_time,end_time,created,seller_nick,buyer_nick,buyer_message,"
"receiver_name,receiver_state,receiver_city,receiver_district,"
"receiver_address,receiver_zip,receiver_mobile,receiver_phone",
"start_created": start_time,
"end_created": end_time,
"status": status,
"page_no": page_no,
"page_size": page_size,
"use_has_next": True
}
return self.call(method, params)
# 使用示例
if __name__ == "__main__":
# 替换为你的应用信息
APP_KEY = "your_app_key"
APP_SECRET = "your_app_secret"
REDIRECT_URI = "https://yourdomain.com/callback"
# 初始化API客户端
taobao = TaobaoAPI(APP_KEY, APP_SECRET, REDIRECT_URI)
# 1. 生成授权URL,引导商家授权
auth_url = taobao.get_authorize_url()
print(f"请访问以下URL进行授权: {auth_url}")
# 2. 用户授权后,会跳转至REDIRECT_URI,并携带code参数
# 这里需要开发者自己实现接收code的逻辑
code = input("请输入授权码: ")
# 3. 获取Access Token
token_result = taobao.get_access_token(code)
print(f"获取Token成功: {json.dumps(token_result, indent=2)}")
# 4. 获取订单数据
start_time = "2023-01-01 00:00:00"
end_time = "2023-01-31 23:59:59"
orders_result = taobao.get_orders(start_time, end_time)
if "trades_sold_get_response" in orders_result:
trades = orders_result["trades_sold_get_response"].get("trades", {}).get("trade", [])
print(f"成功获取{len(trades)}个订单")
for trade in trades:
print(f"订单号: {trade['tid']}, 状态: {trade['status']}, 金额: {trade['payment']}")
else:
print(f"获取订单失败: {json.dumps(orders_result, indent=2)}") 
上述代码实现了一个完整的淘宝订单接口客户端,包括授权流程、Token 管理和订单数据获取。使用时需要替换为自己的应用信息。商家首先需要访问生成的授权 URL 进行登录授权,授权通过后可以获取订单数据。接口使用接口使用OAuth2.0 授权机制,保证了数据的安全性和用户隐私。
