public function dispatchAction($container, $user, $pass, $comefrom = "00", $datascope = "", $portalversion = "")
{
$request = $container->get("request");
$clientdatetime = $request->get("clientdatetime");
$appid = $request->get("appid");
//判断是否集成登录,是则同时返回OAuth2的code,用于客户端获取token
$db = $this->get("we_data_access");
$db_im = $this->get("we_data_access_im");
try {
//获取当前企业的认证方式:默认认证、ldap认证、ad认证、统一接口认证
$authobj = new Enterprise($db, $this->get("logger"), $container->container);
//
if ($comefrom == "03") {
$classname = "DefaultAuth";
//业务代理登录默认采用wefafa认证
} else {
$authConfig = $authobj->getUserAuth();
$classname = $authConfig["ssoauthmodule"];
if (empty($classname) || $classname == "null") {
$re = array("msg" => "invalid ssoauthmodule");
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
}
$classname = "\\Justsy\\InterfaceBundle\\SsoAuth\\Sso" . $classname;
$re = call_user_func(array($classname, 'userAuthAction'), $container->container, $request, $db, $db_im, $user, $pass, $comefrom);
if ($re["returncode"] == ReturnCode::$SUCCESS) {
if (!empty($appid)) {
$appMgr = new \Justsy\BaseBundle\Management\App($container->container);
$appinfo = $appMgr->getappinfo(array('appid' => $appid));
if (empty($appinfo)) {
$re = array("msg" => "无效的应用标识号");
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
$appkey = $appinfo['appkey'];
$code = strtolower(MD5($appid . $appkey));
$re['auth2_code'] = $code;
}
$this->getLoginAppendData($re, $re["login_account"], $portalversion, $comefrom, $db, $db_im, $clientdatetime);
if (!empty($re["info"])) {
$einfo = $authobj->getInfo($re["info"]["eno"]);
if (!empty($einfo)) {
$re["info"]["ename"] = $einfo["ename"];
$re["info"]["circle_id"] = $einfo["circle_id"];
$re["info"]["circle_name"] = $einfo["circle_name"];
}
}
$this->setLoginDate($re["openid"], $db);
}
return $re;
} catch (\Exception $e) {
$this->get("logger")->err($e);
$re = array("msg" => "invalid ssoauthmodule");
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
}
public function e($parameters)
{
if (count($parameters) == 0) {
return Utils::WrapResultError("无效的eno参数");
}
$eno = $parameters[0];
if (empty($eno)) {
return Utils::WrapResultError("无效的eno参数");
}
$staffMgr = new Enterprise($this->conn, $this->logger, $this->container);
$staffdata = $staffMgr->getInfo($eno);
if (empty($staffdata)) {
return Utils::WrapResultError("未查找到企业信息");
}
return Utils::WrapResultOK($staffdata);
}
public static function userAuthAction($container, $request, $dbcon, $con_im, $login_account, $password, $comefrom)
{
$defaultPostURl = "http://10.100.20.27/CallCenter/ESB_InvokeService.ashx";
$cacheobj = new Enterprise($dbcon, $container->get("logger"), $container);
//
$authConfig = $cacheobj->getUserAuth();
$httpUrlConfig = $authConfig["ssoauthurl"];
if (empty($httpUrlConfig)) {
$httpUrlConfig = $defaultPostURl;
$eno = "100001";
} else {
$ldapConfgiObject = json_decode($httpUrlConfig, true);
$eno = $ldapConfgiObject["ENO"];
$httpUrlConfig = $ldapConfgiObject["URL"];
}
try {
$data = array();
$data["loginName"] = $login_account;
$data["password"] = $password;
$data["isNeedSyn"] = false;
$para = "ServiceName=WXSC_Account&MethodName=POST:JSON:UserAuthentication&Message=" . json_encode($data) . "&Version=1";
$container->get("logger")->err("SOA URL:" . $httpUrlConfig . "?" . $para);
$postresult = Utils::do_post_request($httpUrlConfig, $para);
$container->get("logger")->err("SOA Result:" . $postresult);
$resultObject = json_decode($postresult, true);
if (!empty($resultObject["errcode"]) || $resultObject["isSuccess"] === false) {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
return $re;
}
$mbuser = $resultObject["results"];
$fafa_account = strtolower($login_account . "@fafatime.com");
if (count($mbuser) > 0) {
$mbuser = $mbuser[0];
$nickName = isset($mbuser["nickName"]) ? $mbuser["nickName"] : $mbuser["phoneNumber"];
$staff = new Staff($dbcon, $con_im, $fafa_account);
$staffinfo = $staff->getInfo();
if (empty($staffinfo)) {
//新用户:注册 激活
$enInfo = $cacheobj->getInfo($eno);
$active = new \Justsy\BaseBundle\Controller\ActiveController();
$active->setContainer($container);
$uid = strtolower($mbuser["id"]);
$active->doSave(array('account' => $fafa_account, 'realName' => $nickName, 'passWord' => $password, 'eno' => $eno, 'ename' => $enInfo["ename"], 'isNew' => '0', 'mailtype' => "1", 'isSendMessage' => "N", 'import' => '1'));
$sex_id = "1";
$duty = isset($mbuser["userRoles"]) ? $mbuser["userRoles"] : "";
$ldap_uid = isset($mbuse["id"]) ? $mbuser["id"] : "";
$tmp = "";
if (!empty($duty) && count($duty) > 0) {
for ($i = 0; $i < count($duty); $i++) {
$tmp = $duty[$i]["roleName"];
if ($tmp == "Designer") {
break;
}
}
}
if ($tmp == "Designer") {
$duty = "造型师";
} else {
$duty = "";
}
$sql = "update we_staff set ldap_uid=?,sex_id=?,duty=? where login_account=?";
$params = array($uid, (string) $sex_id, $duty, $fafa_account);
$dbcon->ExecSQL($sql, $params);
if (!empty($mbuser["phoneNumber"])) {
$staff->checkAndUpdate(null, $mbuser["phoneNumber"], null, null);
}
} else {
$duty = isset($mbuser["userRoles"]) ? $mbuser["userRoles"] : "";
$ldap_uid = isset($mbuser["id"]) ? $mbuser["id"] : "";
$tmp = "";
if (!empty($duty) && count($duty) > 0) {
for ($i = 0; $i < count($duty); $i++) {
$tmp = $duty[$i]["roleName"];
if ($tmp == "Designer") {
break;
}
}
}
if ($tmp == "Designer") {
$duty = "造型师";
} else {
$duty = "";
}
//更新信息
$staff->checkAndUpdate($nickName, $mbuser["phoneNumber"], null, $duty, $ldap_uid);
}
//头像
$headUrl = $mbuser["headPortrait"];
}
$Obj = new \Justsy\BaseBundle\Login\UserProvider($container);
$user = $Obj->loadUserByUsername($fafa_account, $comefrom);
//�Ǽ�seesion
$token = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$container->get("security.context")->setToken($token);
$session = $request->getSession()->set('_security_' . 'secured_area', serialize($token));
$event = new \Symfony\Component\Security\Http\Event\InteractiveLoginEvent($request, $token);
$container->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$re["returncode"] = ReturnCode::$SUCCESS;
$re["openid"] = $user->openid;
$re["login_account"] = $fafa_account;
$re["ldap_uid"] = $user->ldap_uid;
$re["jid"] = $user->fafa_jid;
//为了避免用户修改密码后只刷新了所在服务器,im密码实时获取
$sql = "select password from users where username=?";
$iminfo = $con_im->GetData("im", $sql, array((string) $user->fafa_jid));
$re["des"] = count($iminfo["im"]["rows"]) > 0 ? $iminfo["im"]["rows"][0]["password"] : "";
} catch (\Symfony\Component\Security\Core\Exception\UsernameNotFoundException $e) {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
} catch (\Exception $e) {
$re["returncode"] = ReturnCode::$SYSERROR;
}
return $re;
}
public function swtichEno($neweno, $circleId = null)
{
$staffinfo = $this->getInfo();
$enObj = new Enterprise($this->conn, $this->logger, $this->container);
if (empty($circleId)) {
//新的企业圈子id
$endata = $enObj->getInfo($neweno);
$circleId = $endata["circle_id"];
}
$deptinfo = new \Justsy\BaseBundle\Management\Dept($this->conn, $this->conn_im);
$deptid = $deptinfo->getDefaultDept($neweno);
$fafa_deptid = $deptid["fafa_deptid"];
$deptid = $deptid["deptid"];
$endata = $enObj->getInfo($staffinfo["eno"]);
$sqls = array();
$paras = array();
$sqls[] = "update we_staff set eno=?,dept_id=? where login_account=?";
$paras[] = array((string) $neweno, (string) $deptid, (string) $this->account);
if ($staffinfo["eno"] == Utils::$PUBLIC_ENO) {
$sqls[] = "insert into we_circle_staff(circle_id,login_account,nick_name)values(?,?,?)";
$paras[] = array((string) $circleId, (string) $this->account, (string) $staffinfo["nick_name"]);
} else {
$oldendata = $enObj->getInfo($staffinfo["eno"]);
$sqls[] = "update we_circle_staff set circle_id=? where login_account=? and circle_id=?";
$paras[] = array((string) $circleId, (string) $this->account, (string) $oldendata["circle_id"]);
}
$sqls[] = "update we_function_onoff set eno=? where login_account=?";
$paras[] = array((string) $neweno, (string) $this->account);
$this->conn->ExecSQLs($sqls, $paras);
//更新为新企业根部门
$this->conn_im->ExecSQL("update im_employee set deptid=? where loginname=?", array((string) $fafa_deptid, (string) $staffinfo["fafa_jid"]));
$this->conn_im->ExecSQL("call dept_emp_stat(?)", array((string) $staffinfo["fafa_jid"]));
return true;
}
public static function tokenValidate($container, $token)
{
$request = $container->get("request");
$dbcon = $container->get("we_data_access");
$con_im = $container->get("we_data_access_im");
$rest = "/rest/validate";
$defaultPostURl = "https://sso.avicmall.com:8443";
$appcodeConfig = "fafa-app";
$appkeyConfig = "DKGHwqJ5H91noPYNYm9b8EUPQSY";
$cacheobj = new Enterprise($dbcon, $container->get("logger"), $container);
//
$authConfig = $cacheobj->getUserAuth();
$httpUrlConfig = $authConfig["ssoauthurl"];
if (empty($httpUrlConfig)) {
$httpUrlConfig = $defaultPostURl;
$eno = "100001";
} else {
$ldapConfgiObject = json_decode($httpUrlConfig, true);
$eno = $ldapConfgiObject["ENO"];
$httpUrlConfig = $ldapConfgiObject["URL"];
$appcodeConfig = $ldapConfgiObject["AppCode"];
$appkeyConfig = $ldapConfgiObject["AppKey"];
}
$httpUrlConfig = $httpUrlConfig . $rest;
try {
$reqHeader = SsoAvicAuth::getHeaders($appcodeConfig, $appkeyConfig);
$para = array("ticketName" => "SIAMTGT", "ticketValue" => $token);
//$container->get("logger")->err("SOA URL:".$httpUrlConfig." Body:".json_encode($para));
$postresult = Utils::do_post_request($httpUrlConfig, json_encode($para), $reqHeader, $container->get("logger"));
//$container->get("logger")->err("SOA Result:".$postresult);
$resultObject = json_decode($postresult, true);
if (!isset($resultObject["status"])) {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
$re["msg"] = "服务器异常";
return $re;
}
if (!$resultObject["status"] || $resultObject["status"] == "false") {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
$re["msg"] = $resultObject["message"];
return $re;
}
$usertoken = $resultObject["ticketEntry"]["ticketValue"];
$user = $resultObject["user"];
//用户信息
$nickName = $user["cn"];
//获取姓名
$phoneNumber = $user["smart-securemobile"];
//获取手机号
$login_account = $user["uid"];
$eninfo = $cacheobj->getInfo($eno);
$domain = $eninfo["edomain"];
$domain = strpos($domain, ".") === false ? "fafatime.com" : $domain;
$fafa_account = strtolower($login_account . "@" . $domain);
$staff = new Staff($dbcon, $con_im, $fafa_account);
$staffinfo = $staff->getInfo();
if (empty($staffinfo)) {
$password = rand(100000, 999999);
//新用户:注册 激活
$enInfo = $cacheobj->getInfo($eno);
$active = new \Justsy\BaseBundle\Controller\ActiveController();
$active->setContainer($container);
$uid = strtolower($login_account);
$active->doSave(array('account' => $fafa_account, 'realName' => $nickName, 'passWord' => $password, 'eno' => $eno, 'ename' => $enInfo["ename"], 'isNew' => '0', 'mailtype' => "1", 'deptid' => "100054", 'isSendMessage' => "N", 'import' => '1'));
$sql = "update we_staff set ldap_uid=?,mobile=?,mobile_bind=? where login_account=?";
$params = array((string) $uid, (string) $phoneNumber, (string) $phoneNumber, (string) $fafa_account);
$dbcon->ExecSQL($sql, $params);
} else {
$ldap_uid = $login_account;
//更新信息
if ($nickName == $staffinfo["nick_name"]) {
$nickName = null;
}
if ($phoneNumber == $staffinfo["mobile"]) {
$phoneNumber = null;
}
if (!empty($nickName) || !empty($phoneNumber)) {
try {
$staff->checkAndUpdate($nickName, $phoneNumber, null, null, $ldap_uid);
} catch (\Exception $e) {
$container->get("logger")->err($e->getMessage());
}
}
}
$Obj = new \Justsy\BaseBundle\Login\UserProvider($container);
$user = $Obj->loadUserByUsername($fafa_account, $comefrom);
//�Ǽ�seesion
$token = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$container->get("security.context")->setToken($token);
$session = $request->getSession()->set('_security_' . 'secured_area', serialize($token));
$event = new \Symfony\Component\Security\Http\Event\InteractiveLoginEvent($request, $token);
$container->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$re["returncode"] = ReturnCode::$SUCCESS;
$re["openid"] = $user->openid;
$re["login_account"] = $fafa_account;
$re["ldap_uid"] = $user->ldap_uid;
$re["jid"] = $user->fafa_jid;
$re["token"] = $usertoken;
//用户凭据
//为了避免用户修改密码后只刷新了所在服务器,im密码实时获取
$sql = "select password from users where username=?";
$iminfo = $con_im->GetData("im", $sql, array((string) $user->fafa_jid));
$re["des"] = count($iminfo["im"]["rows"]) > 0 ? $iminfo["im"]["rows"][0]["password"] : "";
} catch (\Symfony\Component\Security\Core\Exception\UsernameNotFoundException $e) {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
} catch (\Exception $e) {
$re["msg"] = $e->getMessage();
$re["returncode"] = ReturnCode::$SYSERROR;
}
return $re;
}