/**
 * Tencent Exmail single sign-on: looks up the app and the openid binding, requests an
 * auth key from the Exmail open API and redirects the browser to the Exmail login URL.
 *
 * $conn, $token and $encrypt are not read anywhere in this body.
 *
 * @return mixed A Response carrying an error message, the rendered bind page, or the
 *               result of Utils::http_redirect().
 */
public static function ssoAction($controller, $conn, $appid, $openid, $token, $encrypt)
 {
     // Re-authorize: resolve the application record for the supplied appid.
     $app = new \Justsy\BaseBundle\Management\App($controller->container);
     $appdata = $app->getappinfo(array("appid" => $appid));
     if (empty($appdata)) {
         $resp = new Response("无效的APPID");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     $agent = $appdata["clientid"];
     if (empty($agent)) {
         $resp = new Response("未正确配置认证信息的appkey项");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     // Check whether this openid is already bound to the app.
     // NOTE(review): $openid is a caller-supplied argument; nothing in this body ties it
     // to an authenticated session — confirm the caller has verified it.
     $bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
     if (empty($bindinfo)) {
         //$controller->get("logger")->err("================not bind");
         // Not bound yet: show the binding page instead of logging in.
         return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => self::$bind_type . "Controller"));
     }
     $ldap_uid = $bindinfo["bind_uid"];
     $cacheKey = md5($appid . $openid);
     // NOTE(review): this is a static method, so $this is not available on the next line;
     // the App object above is built from $controller->container instead.
     // NOTE(review): the cached value is indexed directly, with no empty check and no
     // json_decode (tencentexmailloginAction does both) — confirm what
     // Cache_Enterprise::get() returns.
     $data = Cache_Enterprise::get(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $this->containerObj);
     $acctoken = $data["access_token"];
     // Fetch the auth key.
     // NOTE(review): the endpoint is plain http and the request carries the access token;
     // alias and access_token are concatenated without URL-encoding.
     $url = "http://openapi.exmail.qq.com:12211/openapi/mail/authkey";
     $authkey = Utils::do_post_request($url, "alias=" . $ldap_uid . "&access_token=" . $acctoken);
     if (empty($authkey)) {
         $resp = new Response("腾讯企业邮箱登录失败");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     $authkey = json_decode($authkey, true);
     // NOTE(review): isset($authkey) only detects a failed decode (null). A decoded reply
     // without "auth_key" (for example an error object) passes this check and the read of
     // $authkey["auth_key"] below then yields null.
     if (!isset($authkey)) {
         $resp = new Response("腾讯企业邮箱登录失败:<br>" . json_encode($authkey));
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     $authkey = $authkey["auth_key"];
     // NOTE(review): part of the next expression is masked ("******") on the page, so the
     // line is kept exactly as found. $agent and $authkey are concatenated into the login
     // URL without URL-encoding.
     $login_url = "https://exmail.qq.com/cgi-bin/login?fun=bizopenssologin&method=bizauth&agent=" . $agent . "&user="******"&ticket=" . $authkey;
     return Utils::http_redirect($login_url);
 }
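 /**
  * Creates remote accounts for a batch of staff members and records the resulting
  * bindings in we_staff_account_bind.
  *
  * The request parameter "openids" is either the literal "all" (every staff member of
  * enterprise $eno whose auth_level is not 'J') or a comma-separated openid list.
  * $controller and $encrypt are not read in this body.
  *
  * @param mixed $controller Unused here.
  * @param mixed $con        Data-access object; getdata()/GetData()/ExecSQLs() are called on it.
  * @param mixed $appid      Application id the accounts are bound to.
  * @param mixed $eno        Enterprise number used when "openids" is "all".
  * @param mixed $encrypt    Unused here.
  * @param mixed $params     Request parameter bag; get("openids") is called on it.
  *
  * @return array array('s' => '1'|'0', 'm' => message)
  */
 public static function bindBatAction($controller, $con, $appid, $eno, $encrypt, $params)
 {
     $re = array('s' => '1', 'm' => '');
     try {
         $openids = $params->get("openids");
         // Start from an empty list so an empty result set cannot leave it undefined.
         $openidArr = array();
         if ($openids === 'all') {
             $ds = $con->getdata('info', "select openid from we_staff where eno=? and auth_level!='J'", array($eno));
             foreach ($ds['info']['rows'] as $row) {
                 $openidArr[] = $row['openid'];
             }
         } else {
             // Skip blank entries ("a,,b", trailing comma, missing parameter).
             foreach (explode(',', (string) $openids) as $candidate) {
                 $candidate = trim($candidate);
                 if ($candidate !== '') {
                     $openidArr[] = $candidate;
                 }
             }
         }

         $ds = $con->GetData("t", "select appkey from we_appcenter_apps where appid=?", array((string) $appid));
         $appkey = '';
         if (count($ds["t"]["rows"]) > 0) {
             $appkey = $ds["t"]["rows"][0]["appkey"];
         }
         if (empty($appkey)) {
             // Unknown app or no key configured: stop rather than storing credentials
             // encrypted under an empty key.
             return array('s' => '0', 'm' => '操作失败');
         }

         $sqls = array();
         $paras = array();
         foreach ($openidArr as $openid) {
             $staff = $con->getdata('info', "select mobile,nick_name,birthday,sex_id,login_account from we_staff where openid=?", array($openid));
             if ($staff['info']['recordcount'] <= 0) {
                 continue;
             }
             $row = $staff['info']['rows'][0];

             // NOTE(review): every account is created with the same fixed password (the
             // first literal is masked on the page) and the payload is encrypted with the
             // static key 'ecstore'. Both should come from configuration, and the initial
             // password should be per-user and random — confirm against the remote API.
             $pam_account = array(
                 'login_name' => $row['login_account'],
                 'login_password' => '******',
                 'psw_confirm' => '123456',
             );
             $auth = json_encode(array('userid' => $pam_account['login_name'], 'passwd' => $pam_account['login_password']));
             //$auth=DES::encrypt2($auth,'_sddb74+');
             $auth = DES::encrypt2($auth, $appkey);
             $pamAccountCipher = DES::encrypt2(json_encode($pam_account), 'ecstore');

             // The query selects "mobile"; the original read a "phone" column that is not
             // in the SELECT list, so the phone field was always empty.
             $fields = array(
                 'pam_account' => (string) $pamAccountCipher,
                 'addr' => '',
                 'name' => (string) $row['nick_name'],
                 'phone' => isset($row['mobile']) ? (string) $row['mobile'] : '',
                 'qq' => '',
                 'zipcode' => '',
                 'birthday' => (string) $row['birthday'],
                 'gender' => $row['sex_id'] == '女' ? 'female' : 'male',
             );
             // URL-encode every value: names and ciphertext may contain '&', '=' or '+',
             // which would otherwise corrupt the request or inject extra parameters.
             $data = http_build_query($fields, '', '&');
             $result = json_decode(Utils::do_post_request(self::$bind_url . "&" . $data), true);

             // An empty or undecodable reply is a failure, not a success.
             if (!is_array($result) || (isset($result['rsp']) && $result['rsp'] == 'fail')) {
                 continue;
             }

             // Replace any previous binding for this account/app pair.
             $sqls[] = "delete from we_staff_account_bind where bind_account=? and bind_type=? and appid=?";
             $paras[] = array($openid, self::$bind_type, $appid);
             $sqls[] = "insert into we_staff_account_bind(bind_account,appid,bind_uid,authkey,bind_type,bind_created)values(?,?,?,?,?,now())";
             $paras[] = array($openid, (string) $appid, $row['login_account'], (string) $auth, self::$bind_type);
         }

         if (count($sqls) > 0 && !$con->ExecSQLs($sqls, $paras)) {
             $re = array('s' => '0', 'm' => '操作失败');
         }
     } catch (\Exception $e) {
         // NOTE(review): the raw exception message is returned to the caller; confirm it
         // cannot expose SQL or internal host details.
         $re = array('s' => '0', 'm' => $e->getMessage());
     }
     return $re;
 }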
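 /**
  * Asks the FaFa registration service to remove a reminder task.
  *
  * Requests from the wefafa domain (or a sub-domain) skip access-token validation; all
  * other requests must pass checkAccessToken().
  *
  * @return Response JSON text; returncode "0000" after the call, "9999" when the token check fails.
  */
 public function removeRemindTaskAction()
 {
     // NOTE(review): checkWWWDomain() is not visible here. If it relies on a
     // client-controlled header (Host/Referer/Origin), this bypass removes the only
     // authorization check on the action — confirm.
     $isWeFaFaDomain = $this->checkWWWDomain();
     $res = $this->get("request");
     $da = $this->get("we_data_access");
     if (!$isWeFaFaDomain) {
         $token = $this->checkAccessToken($res, $da);
         if (!$token) {
             $response = new Response("{\"returncode\" : \"9999\",\"code\":\"err1015\",\"msg\":\"参数Appid或Openid或Access_token未指定或无效.\"}");
             $response->headers->set('Content-Type', 'text/html');
             return $response;
         }
     }

     $busid = trim((string) $res->get("ID"));
     $regUrlOrg = $this->container->getParameter("FAFA_REG_JID_URL") . "/service.yaws";
     // Encode the caller-supplied id so it cannot add or override form fields in the
     // request sent to the backend service.
     $data = http_build_query(array('removeRemind' => '1', 'busid' => $busid), '', '&');
     //$this->get("logger")->alert("SEND API URL:$regUrlOrg?$data");
     // NOTE(review): the backend reply is not inspected, so success is reported even
     // when the call fails.
     Utils::do_post_request($regUrlOrg, $data);
     //$this->get("logger")->alert("SEND API Result:$re");

     $response = new Response("{\"returncode\" : \"0000\"}");
     $response->headers->set('Content-Type', 'text/html');
     // The original built the response but never returned it.
     return $response;
 }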
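 /**
  * OAuth2 callback for Weibo login: exchanges the authorization code for an access
  * token, loads the Weibo profile, checks for an existing account binding and renders
  * the Weibo auth page. On any failure the default login page is rendered.
  *
  * @return mixed The rendered template response.
  */
 public function weibocallbackAction()
 {
     $request = $this->get("request");
     $o = new SaeTOAuthV2(Utils::$WB_AKEY, Utils::$WB_SKEY);
     $login_type = $request->get('_wefafa_t');
     // Encode the request-supplied value before embedding it in the callback URL so it
     // cannot append extra query parameters.
     $code_url = $o->getAuthorizeURL("http://we.fafatime.com/api/weibo/callback?_wefafa_t=" . urlencode((string) $login_type));
     // NOTE(review): no OAuth "state" value is checked in this handler, so the callback is
     // not visibly protected against login CSRF — confirm whether it is handled elsewhere.
     $keys = array(
         'code' => $request->get('code'),
         'redirect_uri' => "http://we.fafatime.com",
     );
     try {
         $token = $o->getAccessToken('code', $keys);
         // Refuse to continue with a reply that lacks the token or the user id; the
         // session would otherwise be populated with empty values.
         if (!is_array($token) || empty($token["access_token"]) || empty($token["uid"])) {
             throw new \Exception("weibo token exchange returned no access_token/uid");
         }
         $accessToken = $token["access_token"];
         $weiboUid = $token["uid"];

         $c = new SaeTClientV2(Utils::$WB_AKEY, Utils::$WB_SKEY, $accessToken);
         $info = $c->show_user_by_id($weiboUid);
         $hasError = !empty($info["error"]);
         if ($hasError) {
             $this->get("logger")->err(json_encode($info));
         }
         // NOTE(review): fetched over plain http and passed to the template as-is.
         $province = Utils::do_post_request("http://api.t.sina.com.cn/provinces.json", "");
         // Look up the follower list already fetched for the current user (disabled).
         //$mgr = new SinaWeiboMgr($this->get('we_data_access'),$token["uid"],$token["access_token"]);
         //$myfans = $mgr->getlist();
         //$wangbin_fans = $c->followers_by_id("2793358674");
         $accountbind = new \Justsy\BaseBundle\Management\StaffAccountBind($this->get('we_data_access'), null, $this->get('logger'));
         $bind = $accountbind->GetBind_By_Uid($login_type, $weiboUid, $hasError ? null : $info);
         // The template decides between the bind page and automatic login based on "isbind".
         $_SESSION["uid"] = $weiboUid;
         //$_SESSION["weibo_account"]= $info["uid"];
         $_SESSION["token"] = $accessToken;
         // NOTE(review): the access token is handed to the template; confirm it is not
         // written into the page markup.
         return $this->render('JustsyBaseBundle:Login:weibo_auth.html.twig', array(
             'code' => $keys['code'],
             'token' => $accessToken,
             "uid" => $weiboUid,
             "info" => $info,
             "code_url" => $code_url,
             "province" => $province,
             "isbind" => empty($bind) ? "0" : "1",
             "error" => $hasError ? "帐号异常,无法调用微博API!" : "",
             "error_msg" => $hasError ? $info["error"] : "",
         ));
     } catch (\Exception $e) {
         $this->get("logger")->err($e);
     }
     return $this->render('JustsyBaseBundle:Login:default.html.twig', array('code_url' => $code_url));
 }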
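 /**
  * Registers (or logs in) an external-provider user on the platform through the SOA
  * gateway and returns the decoded reply.
  *
  * The gateway URL comes from the "ssoauthurl" entry of the enterprise auth config (a
  * JSON object with a "URL" key); when that entry is empty a built-in default is used.
  *
  * @param mixed $container Service container; the "logger" service is read from it.
  * @param mixed $type      Login provider name.
  * @param mixed $uid       Provider-side login key.
  * @param mixed $openid    Local openid.
  * @param mixed $nickName  Display name.
  *
  * @return array|null Decoded gateway reply, or null on failure.
  */
 public static function registerToPlatform($container, $type, $uid, $openid, $nickName)
 {
     // NOTE(review): hard-coded internal address over plain http; better supplied by
     // configuration.
     $defaultPostURl = "http://10.100.20.27/CallCenter/ESB_InvokeService.ashx";
     $cacheobj = new Enterprise(null, $container->get("logger"), $container);
     $authConfig = $cacheobj->getUserAuth();
     $httpUrlConfig = $authConfig["ssoauthurl"];
     if (empty($httpUrlConfig)) {
         $httpUrlConfig = $defaultPostURl;
     } else {
         $ldapConfgiObject = json_decode($httpUrlConfig, true);
         if (!is_array($ldapConfgiObject) || empty($ldapConfgiObject["URL"])) {
             // Malformed config: do not post user data to an undefined destination.
             $container->get("logger")->err("SOA ERROR:" . "invalid ssoauthurl config");
             return null;
         }
         $httpUrlConfig = $ldapConfgiObject["URL"];
     }
     try {
         $data = array(
             "providerLoginKey" => $uid,
             "loginProviderName" => $type,
             "nickName" => $nickName,
             "openid" => $openid,
             "isNeedSyn" => false,
         );
         // URL-encode the JSON: a nickname containing '&' or '=' would otherwise split
         // the form body and could inject extra gateway parameters.
         // (Assumes do_post_request sends the string as a form-encoded body — confirm.)
         $para = "ServiceName=WXSC_Account&MethodName=POST:JSON:loginWithRegisterExternal&Message=" . urlencode(json_encode($data)) . "&Version=1";
         // NOTE(review): request and reply are logged in full at error level, including
         // user identifiers; consider a lower level and less detail.
         $container->get("logger")->err("SOA URL:" . $httpUrlConfig . "?" . $para);
         $postresult = Utils::do_post_request($httpUrlConfig, $para);
         $container->get("logger")->err("SOA Result:" . $postresult);
         return json_decode($postresult, true);
     } catch (\Exception $e) {
         $container->get("logger")->err("SOA ERROR:" . $e);
     }
     return null;
 }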
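 /**
  * Calls a REST interface on behalf of a user, filling the declared parameters from the
  * cached OAuth2 grant first and from the request parameters (or defaults) otherwise.
  *
  * @param mixed $controller  Passed to Cache_Enterprise::get(); the "logger" service is read from it.
  * @param mixed $user        Object whose openid property is read.
  * @param mixed $re          Interface definition; "inf_url" is read from it.
  * @param mixed $parameters  Request parameters; "appid" is read from it.
  * @param mixed $need_params List of array("paramname" => ..., "paramvalue" => default).
  *
  * @return mixed Whatever Utils::do_post_request() returns.
  *
  * @throws \Exception When no cached grant exists or it is marked as expired.
  */
 public static function rest($controller, $user, $re, $parameters, $need_params)
 {
     $appid = $parameters["appid"];
     $openid = $user->openid;
     $cacheKey = md5($appid . $openid);
     $data = Cache_Enterprise::get(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $controller);
     if ($data == null) {
         throw new \Exception("token 已过期,请重新获取");
     }
     // NOTE(review): when the cache returns a JSON string this isset() is false and the
     // expiry check never runs. It is left as found because it is unclear whether
     // "expires_in" holds an absolute timestamp or a lifetime in seconds — confirm, then
     // perform the check on the decoded grant.
     if (isset($data["expires_in"]) && (int) $data["expires_in"] < time()) {
         throw new \Exception("token 已过期,请重新获取");
     }
     // Accept both a JSON string and an already-decoded array from the cache.
     $access_token = is_array($data) ? $data : json_decode($data, true);

     // Turn the declared parameters into a name => value map.
     $str_para = array();
     if (!empty($parameters) && is_array($parameters) && !empty($need_params)) {
         foreach ($need_params as $declared) {
             $pname = $declared["paramname"];
             if (!empty($access_token) && isset($access_token[$pname])) {
                 // Values from the authorization result take precedence. The original
                 // indexed with an undefined $key here, so this branch always yielded null.
                 $val = $access_token[$pname];
             } else {
                 $val = isset($parameters[$pname]) ? $parameters[$pname] : $declared["paramvalue"];
             }
             $str_para[$pname] = $val;
         }
     }

     $baseUrl = $re["inf_url"];
     $separator = strpos($baseUrl, "?") === false ? "?" : "&";
     $restUrl = $baseUrl . $separator . http_build_query($str_para);
     // Log the endpoint and the parameter names only: the values can include the access
     // token, which should not be written to the log.
     // NOTE(review): the token still travels in the URL query string, where proxies and
     // access logs can record it; a request body or header would be preferable.
     $controller->get("logger")->err("===============restUrl:" . $baseUrl . " params:" . implode(",", array_keys($str_para)));
     return Utils::do_post_request($restUrl, null, null);
 }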
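 /**
  * Creates a user in the SSO directory through the staff-sync REST endpoint.
  *
  * @param mixed $container  Service container; "staff_sync_url" and the "logger" service are read from it.
  * @param array $attributes Must contain "mobile", "password" and "nick_name".
  *
  * @return array Decoded reply, extended with "ldap_uid" (copied from "key") and a default "deptid".
  *
  * @throws \Exception When the reply cannot be decoded or reports a failure status.
  */
 public function createUser($container, $attributes)
 {
     $createUserRest = $container->getParameter('staff_sync_url');
     // NOTE(review): a credential is hard-coded below as the fallback app key. It belongs
     // in configuration or a secret store, and the committed value should be rotated.
     $appcodeConfig = "fafa-app";
     $appkeyConfig = "DKGHwqJ5H91noPYNYm9b8EUPQSY";
     $cacheobj = new Enterprise(null, $container->get("logger"), $container);
     $authConfig = $cacheobj->getUserAuth();
     $httpUrlConfig = $authConfig["ssoauthurl"];
     if (!empty($httpUrlConfig)) {
         // Per-enterprise override of the application code and key.
         $ldapConfgiObject = json_decode($httpUrlConfig, true);
         $appcodeConfig = $ldapConfgiObject["AppCode"];
         $appkeyConfig = $ldapConfgiObject["AppKey"];
     }
     $reqHeader = SsoAvicAuth::getHeaders($appcodeConfig, $appkeyConfig);

     $data = array(
         "name" => "",
         "attributes" => array(
             array("name" => "mobile", "value" => $attributes["mobile"]),
             array("name" => "smart-securemobile", "value" => $attributes["mobile"]),
             array("name" => "userpassword", "value" => $attributes["password"]),
             array("name" => "smart-type", "value" => "2"),
             array("name" => "cn", "value" => $attributes["nick_name"]),
         ),
     );
     $para = json_encode($data);

     // Log a copy with the password removed; the original wrote the plaintext password
     // to the error log.
     $loggable = $data;
     foreach ($loggable["attributes"] as $idx => $attr) {
         if ($attr["name"] === "userpassword") {
             $loggable["attributes"][$idx]["value"] = "[redacted]";
         }
     }
     $container->get("logger")->err("SOA URL:" . $createUserRest . "?" . json_encode($loggable));
     // NOTE(review): the logger is also passed into do_post_request(); confirm that it
     // does not log the request body there.
     $postresult = Utils::do_post_request($createUserRest, $para, $reqHeader, $container->get("logger"));
     $container->get("logger")->err("SOA Result:" . $postresult);

     $resultObject = json_decode($postresult, true);
     if (!is_array($resultObject)) {
         // Empty or non-JSON reply: fail explicitly instead of indexing into null.
         throw new \Exception("SOA createUser: unexpected response");
     }
     if (empty($resultObject["status"]) || $resultObject["status"] == "false") {
         throw new \Exception(isset($resultObject["message"]) ? (string) $resultObject["message"] : "");
     }
     $resultObject["ldap_uid"] = $resultObject["key"];
     // Default department.
     $resultObject["deptid"] = "100054";
     return $resultObject;
 }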
 /**
  * Tencent Exmail login action: resolves the app and the openid binding, reads the
  * cached OAuth2 grant, asks the Exmail open API for an auth key and redirects the
  * browser to the Exmail login URL.
  *
  * Request inputs read here: "params" (array or JSON string, may carry "appid"),
  * "appid" and "openid".
  *
  * @return mixed A Response carrying an error message, the rendered bind page, or the
  *               result of Utils::http_redirect().
  */
 public function tencentexmailloginAction()
 {
     $request = $this->getRequest();
     $param = $request->get("params");
     if (empty($param)) {
         $param = array();
     } else {
         if (is_string($param)) {
             $param = json_decode($param, true);
         }
     }
     if (!isset($param["appid"])) {
         $param["appid"] = $request->get("appid");
     }
     // NOTE(review): openid is taken from the request, and $user below is assigned but
     // never read. The commented-out line suggests the session user's openid was once
     // used — confirm the caller is authorized to act for this openid.
     $openid = $request->get("openid");
     $staffObj = new \Justsy\BaseBundle\Management\Staff($this->get('we_data_access'), $this->get('we_data_access_im'), $openid, $this->get("logger"));
     $user = $staffObj->getSessionUser();
     $appid = $param["appid"];
     //$openid = $user->openid;
     //$ldap_uid = $user->ldap_uid;
     // Resolve the application record.
     $app = new \Justsy\BaseBundle\Management\App($this->container);
     $appdata = $app->getappinfo(array("appid" => $appid));
     if (empty($appdata)) {
         $resp = new Response("无效的APPID");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     $agent = $appdata["clientid"];
     // Check whether this openid is already bound to the app.
     $bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
     if (empty($bindinfo)) {
         //$controller->get("logger")->err("================not bind");
         // Not bound yet: show the binding page instead of logging in.
         return $this->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "OAuth2"));
     }
     $ldap_uid = $bindinfo["bind_uid"];
     $cacheKey = md5($appid . $openid);
     $data = Cache_Enterprise::get(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $this->container);
     if (empty($data)) {
         // No cached grant: log the appid/openid pair and ask the user to re-enter the app.
         $this->get("logger")->err("{$appid}.{$openid}");
         $resp = new Response("太长时间未操作,请重新进入应用");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     $data = json_decode($data, true);
     $acctoken = $data["access_token"];
     //$this->get("logger")->err($acctoken);
     // Fetch the auth key.
     // NOTE(review): the endpoint is plain http and the request carries the access token;
     // alias and access_token are concatenated without URL-encoding.
     $url = "http://openapi.exmail.qq.com:12211/openapi/mail/authkey";
     $authkey = Utils::do_post_request($url, "alias=" . $ldap_uid . "&access_token=" . $acctoken);
     //$this->get("logger")->err($url."?"."alias=".$ldap_uid."&access_token=".$acctoken);
     //$this->get("logger")->err($authkey);
     if (empty($authkey)) {
         $resp = new Response("腾讯企业邮箱登录失败");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     $authkey = json_decode($authkey, true);
     if (!isset($authkey["auth_key"])) {
         // NOTE(review): $authkey is null when the reply was not valid JSON, and a decoded
         // reply may lack an "error" key; the read below is not guarded for either case.
         if ($authkey["error"] == "invalid_token") {
             // Drop the cached grant so the next attempt obtains a fresh token.
             Cache_Enterprise::delete(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $this->container);
             $resp = new Response("腾讯企业邮箱登录失败:<br>token无效或已经过期,请稍后重试!");
         } else {
             // NOTE(review): the decoded remote reply is embedded in a text/html response
             // without HTML escaping.
             $resp = new Response("腾讯企业邮箱登录失败:<br>" . json_encode($authkey));
         }
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     $authkey = $authkey["auth_key"];
     // NOTE(review): part of the next expression is masked ("******") on the page, so the
     // line is kept exactly as found. $agent and $authkey are concatenated into the login
     // URL without URL-encoding.
     $login_url = "https://exmail.qq.com/cgi-bin/login?fun=bizopenssologin&method=bizauth&agent=" . $agent . "&user="******"&ticket=" . $authkey;
     //$this->get("logger")->err($login_url);
     return Utils::http_redirect($login_url);
 }