public static function ssoAction($controller, $conn, $appid, $openid, $token, $encrypt)
{
//重新授权
$app = new \Justsy\BaseBundle\Management\App($controller->container);
$appdata = $app->getappinfo(array("appid" => $appid));
if (empty($appdata)) {
$resp = new Response("无效的APPID");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$agent = $appdata["clientid"];
if (empty($agent)) {
$resp = new Response("未正确配置认证信息的appkey项");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
//判断是否绑定
$bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
if (empty($bindinfo)) {
//$controller->get("logger")->err("================not bind");
//重定向到绑定页面
return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => self::$bind_type . "Controller"));
}
$ldap_uid = $bindinfo["bind_uid"];
$cacheKey = md5($appid . $openid);
$data = Cache_Enterprise::get(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $this->containerObj);
$acctoken = $data["access_token"];
//获取authkey
$url = "http://openapi.exmail.qq.com:12211/openapi/mail/authkey";
$authkey = Utils::do_post_request($url, "alias=" . $ldap_uid . "&access_token=" . $acctoken);
if (empty($authkey)) {
$resp = new Response("腾讯企业邮箱登录失败");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$authkey = json_decode($authkey, true);
if (!isset($authkey)) {
$resp = new Response("腾讯企业邮箱登录失败:<br>" . json_encode($authkey));
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$authkey = $authkey["auth_key"];
$login_url = "https://exmail.qq.com/cgi-bin/login?fun=bizopenssologin&method=bizauth&agent=" . $agent . "&user="******"&ticket=" . $authkey;
return Utils::http_redirect($login_url);
}
public static function ssoAction($container, $conn, $appid, $openid, $token, $encrypt)
{
$da = $conn;
$sql = "select authkey,bind_uid from we_staff_account_bind a,we_staff b where a.bind_account=b.openid and a.bind_account=? and a.bind_type=?";
$ds = $da->GetData("tb", $sql, array((string) $openid, self::$bind_type));
if (count($ds["tb"]["rows"]) > 0) {
//解析autokey
$bind_uid = $ds['tb']['rows'][0]["bind_uid"];
$sql = "select appkey from we_appcenter_apps where appid=?";
$ds = $da->GetData("t", $sql, array((string) $appid));
$appkey = $ds['t']['recordcount'] > 0 ? $ds['t']['rows'][0]['appkey'] : '';
if ($encrypt == '1') {
$bind_uid = DES::decrypt2($bind_uid, $appkey);
}
$EmployeeNO = $bind_uid;
$login_url = self::$login_url;
$params = array("Channel" => "", "AccessUserID" => self::$AccessUK, "AccessPassword" => self::$AccessPK, "token" => $token, "EmployeeID" => $EmployeeNO, "AppID" => self::$AccessAppid, "InitPage" => "Home");
return array("login_url" => $login_url, "params" => $params);
//Utils::do_post_request(self::$login_url,"Channel=&AccessUserID=".self::$AccessUK."&AccessPassword="******"&token=".$token."&EmployeeID=".$EmployeeNO."&AppID=".self::$AccessAppid."&InitPage=Home");
}
$page = self::$xc_homepage;
return Utils::http_redirect($page);
}
public static function ssoAction($container, $con, $appid, $openid, $token, $encrypt)
{
$da = $con;
//$result = Utils::do_post_request("http://www.wefafa.com", array());
$sql = "select appkey from we_appcenter_apps where appid=?";
$ds = $da->GetData("t", $sql, array((string) $appid));
$result = "";
if (count($ds["t"]["rows"]) == 0) {
$result = "invalid appid";
} else {
$appkey = $ds["t"]["rows"][0]["appkey"];
$sql = "select a.authkey,b.login_account from we_staff_account_bind a,we_staff b where a.bind_account=b.openid and a.bind_account=? and a.appid=?";
$ds = $da->GetData("t", $sql, array((string) $openid, (string) $appid));
if (count($ds["t"]["rows"]) > 0) {
$row = $ds["t"]["rows"][0];
//$authkey = $row["authkey"];
//$authkey=DES::decrypt2($authkey,$appkey);
//$parameter = "";
//自动登录
$Obj = new \Justsy\BaseBundle\Login\UserProvider($container->container);
$user = $Obj->loadUserByUsername($row["login_account"]);
$token = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$container->get("security.context")->setToken($token);
$session = $container->get("request")->getSession()->set('_security_' . 'secured_area', serialize($token));
$event = new \Symfony\Component\Security\Http\Event\InteractiveLoginEvent($container->get("request"), $token);
$container->get("event_dispatcher")->dispatch("security.interactive_login", $event);
//$result = Utils::do_post_request("http://we.fafatime.com", array());
$weburl = "http://we.fafatime.com";
return Utils::http_redirect($weburl);
} else {
$result = "not bind";
}
}
$resp = new Response($result);
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
public static function ssoAction($container, $conn, $appid, $openid, $token, $encrypt)
{
//判断token是否过期,没有过期且有效,直接返回
$cacheKey = md5($appid . $openid);
$data = Cache_Enterprise::get(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $container);
if (!empty($data) && strpos($appid, "SSO_") === false) {
//$container->get("logger")->err(json_encode($data));
$data = json_decode($data, true);
if ($data["expires_in"] > time()) {
$result = array("returncode" => "0000", "data" => $data);
if (strpos($appid, "SYS_") !== false) {
return self::responseJsonStr(json_encode($result));
} else {
return self::responseJson(json_encode($result));
}
}
}
$isLogin = null;
$app = new \Justsy\BaseBundle\Management\App($container->container);
if (strpos($appid, "SSO_") !== false) {
$isLogin = $appid;
//新浪微博集成登录
//获取微博对应的业务系统认证配置
$syspara = new \Justsy\BaseBundle\DataAccess\SysParam($container);
$appid = $syspara->GetSysParam(strtolower($appid) . "_appid");
if (empty($appid)) {
$resp = new Response("未配置微博业务系统或参数sso_sina_appid");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$appdata = $app->getbussysteminfo(array("appid" => $appid));
$appid = $isLogin;
//把appid还原成sso集成登录标识
} else {
if (strpos($appid, "SYS_") !== false) {
//业务系统直接对接
$appdata = $app->getbussysteminfo(array("appid" => substr($appid, 4)));
} else {
$appdata = $app->getappinfo(array("appid" => $appid));
}
}
if (empty($appdata)) {
return "无效的APPID";
}
$auth_url = $appdata["authorization_url"];
if (empty($auth_url)) {
//将直接采用client_credentials方式,直接获取token
return self::tokenAction($container, $conn, $appid . "," . $openid, "", $encrypt);
}
$para_name = $appdata["redirecturl_para_name"];
if (empty($para_name)) {
$para_name = "redirect_uri";
}
$auth_url .= "?response_type=code&" . $para_name . "=" . $appdata["redirection_url"];
$para_name = $appdata["clientid_para_name"];
if (empty($para_name)) {
$para_name = "client_id";
}
$auth_url .= "&" . $para_name . "=" . $appdata["clientid"];
$auth_url .= "&state=" . $appid . "," . $openid;
$container->get("logger")->err($auth_url);
return Utils::http_redirect($auth_url);
}
public function qrcodeAction($type, $code)
{
$syspara = new \Justsy\BaseBundle\DataAccess\SysParam($this->container);
$downappUrl = $syspara->GetSysParam('app_download_page');
if (empty($downappUrl)) {
return $this->responseJson("系统配置误:app_download_page");
}
return Utils::http_redirect($downappUrl);
/*$request = $this->getRequest();
$openid = $request->get("openid");
$qrcodeMgr = new \Justsy\BaseBundle\Management\QrcodeMgr($this->container);
return $qrcodeMgr->getData($openid,$type,$code);*/
}
