Ejemplo n.º 1
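 /**
  * Authenticates a login request through the SSO module configured for the
  * current enterprise and assembles the login response.
  *
  * The module name comes from Enterprise::getUserAuth() ("ssoauthmodule"),
  * except for $comefrom "03", which always uses "DefaultAuth". The name is
  * prefixed with the SsoAuth namespace and its static userAuthAction() is
  * invoked.
  *
  * @param object $container     object exposing get("request") and a ->container property
  * @param string $user          login name forwarded to the SSO module
  * @param string $pass          password forwarded to the SSO module
  * @param string $comefrom      client origin code; "03" forces DefaultAuth
  * @param string $datascope     not used in this method
  * @param string $portalversion forwarded to getLoginAppendData()
  *
  * @return array result with "returncode" and, depending on the path, "msg",
  *               "auth2_code", "info" and the fields set by the SSO module
  */
 public function dispatchAction($container, $user, $pass, $comefrom = "00", $datascope = "", $portalversion = "")
 {
     $request = $container->get("request");
     $clientdatetime = $request->get("clientdatetime");
     $appid = $request->get("appid");
     // For an integrated login (an appid is supplied) the response also carries
     // an OAuth2 code that the client uses to obtain a token.
     $db = $this->get("we_data_access");
     $db_im = $this->get("we_data_access_im");
     try {
         // Look up the enterprise's authentication mode: default, LDAP, AD or
         // unified-interface authentication.
         $authobj = new Enterprise($db, $this->get("logger"), $container->container);
         if ($comefrom == "03") {
             // Business-proxy logins always use the built-in wefafa authentication.
             $classname = "DefaultAuth";
         } else {
             $authConfig = $authobj->getUserAuth();
             $classname = isset($authConfig["ssoauthmodule"]) ? $authConfig["ssoauthmodule"] : null;
             if (empty($classname) || $classname == "null") {
                 $re = array("msg" => "invalid ssoauthmodule");
                 $re["returncode"] = ReturnCode::$SYSERROR;
                 return $re;
             }
         }
         // The configured value becomes part of a class name, so accept only a
         // plain identifier: no namespace separators or other characters that
         // could point the call at a class outside the SsoAuth namespace.
         if (!is_string($classname) || !preg_match('/^[A-Za-z0-9_]+$/', $classname)) {
             $re = array("msg" => "invalid ssoauthmodule");
             $re["returncode"] = ReturnCode::$SYSERROR;
             return $re;
         }
         $classname = "\\Justsy\\InterfaceBundle\\SsoAuth\\Sso" . $classname;
         $authCallback = array($classname, 'userAuthAction');
         // A missing class or method would otherwise surface as a warning or an
         // Error that the catch (\Exception) below does not handle.
         if (!is_callable($authCallback)) {
             $re = array("msg" => "invalid ssoauthmodule");
             $re["returncode"] = ReturnCode::$SYSERROR;
             return $re;
         }
         $re = call_user_func($authCallback, $container->container, $request, $db, $db_im, $user, $pass, $comefrom);
         if ($re["returncode"] == ReturnCode::$SUCCESS) {
             if (!empty($appid)) {
                 $appMgr = new \Justsy\BaseBundle\Management\App($container->container);
                 $appinfo = $appMgr->getappinfo(array('appid' => $appid));
                 if (empty($appinfo)) {
                     $re = array("msg" => "无效的应用标识号");
                     $re["returncode"] = ReturnCode::$SYSERROR;
                     return $re;
                 }
                 $appkey = $appinfo['appkey'];
                 // NOTE(review): auth2_code is an unsalted MD5 of appid . appkey, so
                 // it is the same for every user and login and never expires. Left
                 // unchanged because the consumer of this value is not visible here;
                 // confirm what the token endpoint expects before replacing it with
                 // a random, single-use code.
                 $code = strtolower(MD5($appid . $appkey));
                 $re['auth2_code'] = $code;
             }
             $this->getLoginAppendData($re, $re["login_account"], $portalversion, $comefrom, $db, $db_im, $clientdatetime);
             if (!empty($re["info"])) {
                 // Add the enterprise name and circle details to the user info.
                 $einfo = $authobj->getInfo($re["info"]["eno"]);
                 if (!empty($einfo)) {
                     $re["info"]["ename"] = $einfo["ename"];
                     $re["info"]["circle_id"] = $einfo["circle_id"];
                     $re["info"]["circle_name"] = $einfo["circle_name"];
                 }
             }
             $this->setLoginDate($re["openid"], $db);
         }
         return $re;
     } catch (\Exception $e) {
         $this->get("logger")->err($e);
         $re = array("msg" => "invalid ssoauthmodule");
         $re["returncode"] = ReturnCode::$SYSERROR;
         return $re;
     }
 }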
Ejemplo n.º 2
 /**
  * Returns the enterprise record for the enterprise number given as the
  * first positional parameter.
  *
  * @param array $parameters positional arguments; element 0 is the eno
  *
  * @return mixed Utils::WrapResultOK() around the record, or
  *               Utils::WrapResultError() when the eno is missing or unknown
  */
 public function e($parameters)
 {
     // A missing and an empty first parameter are reported the same way.
     $eno = count($parameters) == 0 ? null : $parameters[0];
     if (empty($eno)) {
         return Utils::WrapResultError("无效的eno参数");
     }

     $enterprise = new Enterprise($this->conn, $this->logger, $this->container);
     $record = $enterprise->getInfo($eno);

     return empty($record)
         ? Utils::WrapResultError("未查找到企业信息")
         : Utils::WrapResultOK($record);
 }
Ejemplo n.º 3
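 /**
  * Authenticates a login name and password against the enterprise's HTTP
  * authentication service, creates or refreshes the local staff record, and
  * registers a Symfony security token for the matching user.
  *
  * Changes from the previous version: the password is no longer written to
  * the log, a response that cannot be parsed or does not report success is
  * rejected instead of falling through to the login, an unusable
  * "ssoauthurl" value is reported as a system error, and unexpected
  * exceptions are logged.
  *
  * @param object $container     service container (logger, security.context, event_dispatcher)
  * @param object $request       current request; its session receives the serialized token
  * @param object $dbcon         main data-access object
  * @param object $con_im        IM data-access object
  * @param string $login_account login name as typed by the user
  * @param string $password      password as typed by the user
  * @param string $comefrom      client origin code, forwarded to loadUserByUsername()
  *
  * @return array "returncode" plus, on success, "openid", "login_account",
  *               "ldap_uid", "jid" and "des"
  */
 public static function userAuthAction($container, $request, $dbcon, $con_im, $login_account, $password, $comefrom)
 {
     // NOTE(review): the fallback endpoint is plain http://, so the password in
     // the request body is not protected in transit when no ssoauthurl is set.
     $defaultPostURl = "http://10.100.20.27/CallCenter/ESB_InvokeService.ashx";
     $re = array();
     $cacheobj = new Enterprise($dbcon, $container->get("logger"), $container);
     $authConfig = $cacheobj->getUserAuth();
     $httpUrlConfig = $authConfig["ssoauthurl"];
     if (empty($httpUrlConfig)) {
         $httpUrlConfig = $defaultPostURl;
         $eno = "100001";
     } else {
         // The configured value is a JSON object carrying "ENO" and "URL".
         $ldapConfgiObject = json_decode($httpUrlConfig, true);
         if (!is_array($ldapConfgiObject) || empty($ldapConfgiObject["URL"])) {
             $container->get("logger")->err("ssoauthurl is not a JSON object with a URL entry");
             $re["returncode"] = ReturnCode::$SYSERROR;
             return $re;
         }
         $eno = isset($ldapConfgiObject["ENO"]) ? $ldapConfgiObject["ENO"] : null;
         $httpUrlConfig = $ldapConfgiObject["URL"];
     }
     try {
         $data = array();
         $data["loginName"] = $login_account;
         $data["password"] = $password;
         $data["isNeedSyn"] = false;
         $paraPrefix = "ServiceName=WXSC_Account&MethodName=POST:JSON:UserAuthentication&Message=";
         // NOTE(review): the JSON is appended without URL-encoding, so a login
         // name or password containing "&" or "+" may not reach the service
         // intact. Left as is because the encoding the service expects is not
         // visible here.
         $para = $paraPrefix . json_encode($data) . "&Version=1";
         // Log the request with the password masked; credentials must not end up
         // in log files.
         $logData = $data;
         $logData["password"] = "***";
         $container->get("logger")->err("SOA URL:" . $httpUrlConfig . "?" . $paraPrefix . json_encode($logData) . "&Version=1");
         $postresult = Utils::do_post_request($httpUrlConfig, $para);
         $container->get("logger")->err("SOA Result:" . $postresult);
         $resultObject = json_decode($postresult, true);
         // Fail closed: only a parsed response that positively reports success
         // may continue. An empty body, an error page or a response without
         // isSuccess previously fell through to the session setup below.
         if (
             !is_array($resultObject)
             || !empty($resultObject["errcode"])
             || empty($resultObject["isSuccess"])
             || $resultObject["isSuccess"] === "false"
         ) {
             $re["returncode"] = ReturnCode::$ERROFUSERORPWD;
             return $re;
         }
         $mbuser = isset($resultObject["results"]) ? $resultObject["results"] : array();
         $fafa_account = strtolower($login_account . "@fafatime.com");
         if (is_array($mbuser) && count($mbuser) > 0) {
             $mbuser = $mbuser[0];
             $nickName = isset($mbuser["nickName"]) ? $mbuser["nickName"] : $mbuser["phoneNumber"];
             // Map the remote roles to the local duty: a "Designer" role becomes
             // "造型师", anything else leaves the duty empty.
             $roles = isset($mbuser["userRoles"]) ? $mbuser["userRoles"] : "";
             $duty = "";
             if (is_array($roles)) {
                 foreach ($roles as $role) {
                     if (isset($role["roleName"]) && $role["roleName"] == "Designer") {
                         $duty = "造型师";
                         break;
                     }
                 }
             }
             $staff = new Staff($dbcon, $con_im, $fafa_account);
             $staffinfo = $staff->getInfo();
             if (empty($staffinfo)) {
                 // New user: register and activate the account.
                 $enInfo = $cacheobj->getInfo($eno);
                 $active = new \Justsy\BaseBundle\Controller\ActiveController();
                 $active->setContainer($container);
                 $uid = strtolower($mbuser["id"]);
                 // NOTE(review): doSave() receives the plaintext password; how it is
                 // stored is not visible here and should be confirmed.
                 $active->doSave(array('account' => $fafa_account, 'realName' => $nickName, 'passWord' => $password, 'eno' => $eno, 'ename' => $enInfo["ename"], 'isNew' => '0', 'mailtype' => "1", 'isSendMessage' => "N", 'import' => '1'));
                 $sex_id = "1";
                 $sql = "update we_staff set ldap_uid=?,sex_id=?,duty=? where login_account=?";
                 $params = array($uid, (string) $sex_id, $duty, $fafa_account);
                 $dbcon->ExecSQL($sql, $params);
                 if (!empty($mbuser["phoneNumber"])) {
                     $staff->checkAndUpdate(null, $mbuser["phoneNumber"], null, null);
                 }
             } else {
                 // Existing user: refresh name, phone, duty and remote id.
                 $ldap_uid = isset($mbuser["id"]) ? $mbuser["id"] : "";
                 $staff->checkAndUpdate($nickName, $mbuser["phoneNumber"], null, $duty, $ldap_uid);
             }
         }
         $Obj = new \Justsy\BaseBundle\Login\UserProvider($container);
         $user = $Obj->loadUserByUsername($fafa_account, $comefrom);
         // Register the authenticated token in the security context and session.
         $token = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
         $container->get("security.context")->setToken($token);
         $request->getSession()->set('_security_' . 'secured_area', serialize($token));
         $event = new \Symfony\Component\Security\Http\Event\InteractiveLoginEvent($request, $token);
         $container->get("event_dispatcher")->dispatch("security.interactive_login", $event);
         $re["returncode"] = ReturnCode::$SUCCESS;
         $re["openid"] = $user->openid;
         $re["login_account"] = $fafa_account;
         $re["ldap_uid"] = $user->ldap_uid;
         $re["jid"] = $user->fafa_jid;
         // The IM password is read live so that a password change is not limited
         // to the server that processed it.
         // NOTE(review): the stored users.password value is returned to the
         // client as "des"; confirm it is not a reusable plaintext credential.
         $sql = "select password from users where username=?";
         $iminfo = $con_im->GetData("im", $sql, array((string) $user->fafa_jid));
         $re["des"] = count($iminfo["im"]["rows"]) > 0 ? $iminfo["im"]["rows"][0]["password"] : "";
     } catch (\Symfony\Component\Security\Core\Exception\UsernameNotFoundException $e) {
         $re["returncode"] = ReturnCode::$ERROFUSERORPWD;
     } catch (\Exception $e) {
         // Record the cause; the caller only sees the generic system-error code.
         $container->get("logger")->err($e->getMessage());
         $re["returncode"] = ReturnCode::$SYSERROR;
     }
     return $re;
 }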
Ejemplo n.º 4
 /**
  * Moves this staff member to another enterprise: updates the staff row, the
  * circle membership and the function switches on the main connection, then
  * the IM employee's department on the IM connection.
  *
  * @param mixed $neweno   enterprise number to switch to
  * @param mixed $circleId circle id of the new enterprise; looked up from
  *                        $neweno when empty
  *
  * @return bool always true
  */
 public function swtichEno($neweno, $circleId = null)
 {
     $current = $this->getInfo();
     $enterprise = new Enterprise($this->conn, $this->logger, $this->container);

     if (empty($circleId)) {
         // Resolve the circle id of the new enterprise.
         $target = $enterprise->getInfo($neweno);
         $circleId = $target["circle_id"];
     }

     $deptMgr = new \Justsy\BaseBundle\Management\Dept($this->conn, $this->conn_im);
     $defaultDept = $deptMgr->getDefaultDept($neweno);
     $imDeptId = $defaultDept["fafa_deptid"];
     $newDeptId = $defaultDept["deptid"];

     // NOTE(review): the result of this lookup is not used below; the call is
     // kept so the sequence of calls stays the same.
     $enterprise->getInfo($current["eno"]);

     $account = (string) $this->account;

     $sqls = array("update we_staff set eno=?,dept_id=? where login_account=?");
     $paras = array(array((string) $neweno, (string) $newDeptId, $account));

     if ($current["eno"] == Utils::$PUBLIC_ENO) {
         // Coming from the public enterprise: add a membership row for the circle.
         $sqls[] = "insert into we_circle_staff(circle_id,login_account,nick_name)values(?,?,?)";
         $paras[] = array((string) $circleId, $account, (string) $current["nick_name"]);
     } else {
         // Otherwise re-point the membership of the old enterprise's circle.
         $previous = $enterprise->getInfo($current["eno"]);
         $sqls[] = "update we_circle_staff set circle_id=? where login_account=? and circle_id=?";
         $paras[] = array((string) $circleId, $account, (string) $previous["circle_id"]);
     }

     $sqls[] = "update we_function_onoff set eno=? where login_account=?";
     $paras[] = array((string) $neweno, $account);

     $this->conn->ExecSQLs($sqls, $paras);

     // Place the IM employee in the new enterprise's root department.
     $jid = (string) $current["fafa_jid"];
     $this->conn_im->ExecSQL("update im_employee set deptid=? where loginname=?", array((string) $imDeptId, $jid));
     $this->conn_im->ExecSQL("call dept_emp_stat(?)", array($jid));

     return true;
 }
Ejemplo n.º 5
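 /**
  * Validates an SSO ticket against the enterprise's validation endpoint,
  * creates or refreshes the local staff record for the ticket's user, and
  * registers a Symfony security token for that user.
  *
  * Changes from the previous version: $comefrom is defined before use, the
  * initial password of a newly provisioned account comes from a CSPRNG when
  * one is available, a validated response without a user id is rejected, an
  * unusable "ssoauthurl" value is reported as a system error, and unexpected
  * exceptions are logged.
  *
  * @param object $container service container (request, data access, logger, security.context)
  * @param string $token     ticket value sent to the endpoint as "SIAMTGT"
  *
  * @return array "returncode" plus "msg" on failure or, on success, "openid",
  *               "login_account", "ldap_uid", "jid", "token" and "des"
  */
 public static function tokenValidate($container, $token)
 {
     $request = $container->get("request");
     $dbcon = $container->get("we_data_access");
     $con_im = $container->get("we_data_access_im");
     $rest = "/rest/validate";
     $defaultPostURl = "https://sso.avicmall.com:8443";
     // NOTE(review): a default application code and key are hard-coded and used
     // whenever ssoauthurl is not configured, so everyone with read access to
     // the source holds them. Move them to configuration and rotate the key.
     $appcodeConfig = "fafa-app";
     $appkeyConfig = "DKGHwqJ5H91noPYNYm9b8EUPQSY";
     // NOTE(review): the original passed an undefined $comefrom to
     // loadUserByUsername(); null reproduces that value without the
     // undefined-variable warning. Confirm which origin code this login
     // should carry.
     $comefrom = null;
     $re = array();
     $cacheobj = new Enterprise($dbcon, $container->get("logger"), $container);
     $authConfig = $cacheobj->getUserAuth();
     $httpUrlConfig = $authConfig["ssoauthurl"];
     if (empty($httpUrlConfig)) {
         $httpUrlConfig = $defaultPostURl;
         $eno = "100001";
     } else {
         // The configured value is a JSON object carrying "ENO", "URL",
         // "AppCode" and "AppKey".
         $ldapConfgiObject = json_decode($httpUrlConfig, true);
         if (!is_array($ldapConfgiObject) || empty($ldapConfgiObject["URL"])) {
             $container->get("logger")->err("ssoauthurl is not a JSON object with a URL entry");
             $re["returncode"] = ReturnCode::$SYSERROR;
             return $re;
         }
         $eno = isset($ldapConfgiObject["ENO"]) ? $ldapConfgiObject["ENO"] : null;
         $httpUrlConfig = $ldapConfgiObject["URL"];
         $appcodeConfig = isset($ldapConfgiObject["AppCode"]) ? $ldapConfgiObject["AppCode"] : null;
         $appkeyConfig = isset($ldapConfgiObject["AppKey"]) ? $ldapConfgiObject["AppKey"] : null;
     }
     $httpUrlConfig = $httpUrlConfig . $rest;
     try {
         $reqHeader = SsoAvicAuth::getHeaders($appcodeConfig, $appkeyConfig);
         $para = array("ticketName" => "SIAMTGT", "ticketValue" => $token);
         // The request body carries the ticket, so it is deliberately not logged here.
         $postresult = Utils::do_post_request($httpUrlConfig, json_encode($para), $reqHeader, $container->get("logger"));
         $resultObject = json_decode($postresult, true);
         if (!isset($resultObject["status"])) {
             $re["returncode"] = ReturnCode::$ERROFUSERORPWD;
             $re["msg"] = "服务器异常";
             return $re;
         }
         if (!$resultObject["status"] || $resultObject["status"] == "false") {
             $re["returncode"] = ReturnCode::$ERROFUSERORPWD;
             $re["msg"] = $resultObject["message"];
             return $re;
         }
         $usertoken = $resultObject["ticketEntry"]["ticketValue"];
         $ssoUser = isset($resultObject["user"]) ? $resultObject["user"] : null;
         // Without a user id the ticket cannot be mapped to an account; stop
         // rather than build an account name from an empty value.
         if (!is_array($ssoUser) || empty($ssoUser["uid"])) {
             $re["returncode"] = ReturnCode::$ERROFUSERORPWD;
             $re["msg"] = "服务器异常";
             return $re;
         }
         // Display name, mobile number and login id reported by the SSO service.
         $nickName = isset($ssoUser["cn"]) ? $ssoUser["cn"] : null;
         $phoneNumber = isset($ssoUser["smart-securemobile"]) ? $ssoUser["smart-securemobile"] : null;
         $login_account = $ssoUser["uid"];
         $eninfo = $cacheobj->getInfo($eno);
         $domain = $eninfo["edomain"];
         // Fall back to the default mail domain when the enterprise has none.
         $domain = strpos((string) $domain, ".") === false ? "fafatime.com" : $domain;
         $fafa_account = strtolower($login_account . "@" . $domain);
         $staff = new Staff($dbcon, $con_im, $fafa_account);
         $staffinfo = $staff->getInfo();
         if (empty($staffinfo)) {
             // New user: register and activate the account. rand() is
             // predictable, so prefer the CSPRNG where the runtime offers it.
             // NOTE(review): six digits is still a small keyspace if this
             // account can also be used with password login; consider a long
             // random value once doSave()'s constraints are confirmed.
             $password = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);
             $active = new \Justsy\BaseBundle\Controller\ActiveController();
             $active->setContainer($container);
             $uid = strtolower($login_account);
             $active->doSave(array('account' => $fafa_account, 'realName' => $nickName, 'passWord' => $password, 'eno' => $eno, 'ename' => $eninfo["ename"], 'isNew' => '0', 'mailtype' => "1", 'deptid' => "100054", 'isSendMessage' => "N", 'import' => '1'));
             $sql = "update we_staff set ldap_uid=?,mobile=?,mobile_bind=? where login_account=?";
             $params = array((string) $uid, (string) $phoneNumber, (string) $phoneNumber, (string) $fafa_account);
             $dbcon->ExecSQL($sql, $params);
         } else {
             // Existing user: send only the fields that actually changed.
             $ldap_uid = $login_account;
             if ($nickName == $staffinfo["nick_name"]) {
                 $nickName = null;
             }
             if ($phoneNumber == $staffinfo["mobile"]) {
                 $phoneNumber = null;
             }
             if (!empty($nickName) || !empty($phoneNumber)) {
                 try {
                     $staff->checkAndUpdate($nickName, $phoneNumber, null, null, $ldap_uid);
                 } catch (\Exception $e) {
                     // A failed profile refresh is logged and does not block the login.
                     $container->get("logger")->err($e->getMessage());
                 }
             }
         }
         $Obj = new \Justsy\BaseBundle\Login\UserProvider($container);
         $user = $Obj->loadUserByUsername($fafa_account, $comefrom);
         // Register the authenticated token in the security context and session.
         $securityToken = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
         $container->get("security.context")->setToken($securityToken);
         $request->getSession()->set('_security_' . 'secured_area', serialize($securityToken));
         $event = new \Symfony\Component\Security\Http\Event\InteractiveLoginEvent($request, $securityToken);
         $container->get("event_dispatcher")->dispatch("security.interactive_login", $event);
         $re["returncode"] = ReturnCode::$SUCCESS;
         $re["openid"] = $user->openid;
         $re["login_account"] = $fafa_account;
         $re["ldap_uid"] = $user->ldap_uid;
         $re["jid"] = $user->fafa_jid;
         // Ticket value returned by the validation endpoint.
         $re["token"] = $usertoken;
         // The IM password is read live so that a password change is not limited
         // to the server that processed it.
         // NOTE(review): the stored users.password value is returned to the
         // client as "des"; confirm it is not a reusable plaintext credential.
         $sql = "select password from users where username=?";
         $iminfo = $con_im->GetData("im", $sql, array((string) $user->fafa_jid));
         $re["des"] = count($iminfo["im"]["rows"]) > 0 ? $iminfo["im"]["rows"][0]["password"] : "";
     } catch (\Symfony\Component\Security\Core\Exception\UsernameNotFoundException $e) {
         $re["returncode"] = ReturnCode::$ERROFUSERORPWD;
     } catch (\Exception $e) {
         $container->get("logger")->err($e->getMessage());
         // NOTE(review): the raw exception message is returned to the client and
         // may reveal internal details; kept because callers may display "msg".
         $re["msg"] = $e->getMessage();
         $re["returncode"] = ReturnCode::$SYSERROR;
     }
     return $re;
 }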