public function dispatchAction($container, $user, $pass, $comefrom = "00", $datascope = "", $portalversion = "")
{
$request = $container->get("request");
$clientdatetime = $request->get("clientdatetime");
$appid = $request->get("appid");
//判断是否集成登录,是则同时返回OAuth2的code,用于客户端获取token
$db = $this->get("we_data_access");
$db_im = $this->get("we_data_access_im");
try {
//获取当前企业的认证方式:默认认证、ldap认证、ad认证、统一接口认证
$authobj = new Enterprise($db, $this->get("logger"), $container->container);
//
if ($comefrom == "03") {
$classname = "DefaultAuth";
//业务代理登录默认采用wefafa认证
} else {
$authConfig = $authobj->getUserAuth();
$classname = $authConfig["ssoauthmodule"];
if (empty($classname) || $classname == "null") {
$re = array("msg" => "invalid ssoauthmodule");
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
}
$classname = "\\Justsy\\InterfaceBundle\\SsoAuth\\Sso" . $classname;
$re = call_user_func(array($classname, 'userAuthAction'), $container->container, $request, $db, $db_im, $user, $pass, $comefrom);
if ($re["returncode"] == ReturnCode::$SUCCESS) {
if (!empty($appid)) {
$appMgr = new \Justsy\BaseBundle\Management\App($container->container);
$appinfo = $appMgr->getappinfo(array('appid' => $appid));
if (empty($appinfo)) {
$re = array("msg" => "无效的应用标识号");
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
$appkey = $appinfo['appkey'];
$code = strtolower(MD5($appid . $appkey));
$re['auth2_code'] = $code;
}
$this->getLoginAppendData($re, $re["login_account"], $portalversion, $comefrom, $db, $db_im, $clientdatetime);
if (!empty($re["info"])) {
$einfo = $authobj->getInfo($re["info"]["eno"]);
if (!empty($einfo)) {
$re["info"]["ename"] = $einfo["ename"];
$re["info"]["circle_id"] = $einfo["circle_id"];
$re["info"]["circle_name"] = $einfo["circle_name"];
}
}
$this->setLoginDate($re["openid"], $db);
}
return $re;
} catch (\Exception $e) {
$this->get("logger")->err($e);
$re = array("msg" => "invalid ssoauthmodule");
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
}
public function getEnterpriseCardAction()
{
$da = $this->get('we_data_access');
$user = $this->get('security.context')->getToken()->getUser();
$request = $this->getRequest();
$eno = $request->get('eno');
$enterprise = new Enterprise($da, $this->get('logger'), $this->container);
$row = $enterprise->getInfoByEno($user->getUserName(), $eno);
//获取关注成员
$atten = $enterprise->getAtten($eno);
//获取标签
$tag = new \Justsy\BaseBundle\Management\UserTag($da, $this->get("logger"));
$tags = $tag->getentag($eno);
return $this->render("JustsyBaseBundle:Enterprise:enterprise_card.html.twig", array('row' => $row, 'atten' => $atten, 'tag' => $tags));
}
public function e($parameters)
{
if (count($parameters) == 0) {
return Utils::WrapResultError("无效的eno参数");
}
$eno = $parameters[0];
if (empty($eno)) {
return Utils::WrapResultError("无效的eno参数");
}
$staffMgr = new Enterprise($this->conn, $this->logger, $this->container);
$staffdata = $staffMgr->getInfo($eno);
if (empty($staffdata)) {
return Utils::WrapResultError("未查找到企业信息");
}
return Utils::WrapResultOK($staffdata);
}
public static function userAuthAction($container, $request, $dbcon, $con_im, $login_account, $password, $comefrom)
{
//判断是门户登录还是独立登录
if (strlen($login_account) < 32) {
//独立登录模式
$classname = "\\Justsy\\InterfaceBundle\\SsoAuth\\SsoWefafaMd5Auth";
$re = call_user_func(array($classname, 'userAuthAction'), $container, $request, $dbcon, $con_im, $login_account, $password, $comefrom);
return $re;
}
//解密token和pass
$token = DES::decrypt_crv_fortoken($login_account, "cn.com.crv.ivv");
if ($token === false) {
$container->get("logger")->err("decrypt token error:" . $login_account);
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
$pass = DES::decrypt_crv_fortoken($password, "cn.com.crv.ivv");
if ($pass === false) {
$container->get("logger")->err("decrypt password error:" . $password);
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
$defaultPostURl = "http://cremobile.crc.com.cn:9090/conn/CrvSecurityWS/userresource/userprofile";
$cacheobj = new Enterprise($dbcon, $container->get("logger"), $container);
//
$authConfig = $cacheobj->getUserAuth();
$httpUrlConfig = $authConfig["ssoauthurl"];
if (empty($httpUrlConfig)) {
$httpUrlConfig = $defaultPostURl;
$eno = "100001";
} else {
$ldapConfgiObject = json_decode($httpUrlConfig, true);
$eno = $ldapConfgiObject["ENO"];
$httpUrlConfig = $ldapConfgiObject["URL"];
}
try {
$para = "access_token=" . $token;
$container->get("logger")->err("SOA URL:" . $httpUrlConfig . "?" . $para);
$postresult = Utils::getUrlContent($httpUrlConfig . "?" . $para, null);
$container->get("logger")->err("SOA Result:" . $postresult);
$resultObject = json_decode($postresult, true);
//$resultObject=array("empUid"=>"test101","empName"=>"TEST101"); //集成测试
if (!isset($resultObject["empUid"])) {
$container->get("logger")->err("get user info error." . $postresult);
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
$crvuser = $resultObject["empUid"];
$email = $resultObject["email"];
$fafa_account = !empty($crvuser) ? strtolower($crvuser) : $email;
$Obj = new \Justsy\BaseBundle\Login\UserProvider($container);
$user = $Obj->loadUserByUsername($fafa_account, $comefrom);
//�Ǽ�seesion
$token = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$container->get("security.context")->setToken($token);
$session = $request->getSession()->set('_security_' . 'secured_area', serialize($token));
$event = new \Symfony\Component\Security\Http\Event\InteractiveLoginEvent($request, $token);
$container->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$re["returncode"] = ReturnCode::$SUCCESS;
$re["openid"] = $user->openid;
$re["login_account"] = $fafa_account;
$re["ldap_uid"] = $user->ldap_uid;
$re["jid"] = $user->fafa_jid;
//为了避免用户修改密码后只刷新了所在服务器,im密码实时获取
$sql = "select password from users where username=?";
$iminfo = $con_im->GetData("im", $sql, array((string) $user->fafa_jid));
$re["des"] = count($iminfo["im"]["rows"]) > 0 ? $iminfo["im"]["rows"][0]["password"] : "";
} catch (\Symfony\Component\Security\Core\Exception\UsernameNotFoundException $e) {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
} catch (\Exception $e) {
$container->get("logger")->err($e);
$re["returncode"] = ReturnCode::$SYSERROR;
}
return $re;
}
public static function registerToPlatform($container, $type, $uid, $openid, $nickName)
{
$defaultPostURl = "http://10.100.20.27/CallCenter/ESB_InvokeService.ashx";
$cacheobj = new Enterprise(null, $container->get("logger"), $container);
//
$authConfig = $cacheobj->getUserAuth();
$httpUrlConfig = $authConfig["ssoauthurl"];
if (empty($httpUrlConfig)) {
$httpUrlConfig = $defaultPostURl;
$eno = "100001";
} else {
$ldapConfgiObject = json_decode($httpUrlConfig, true);
$eno = $ldapConfgiObject["ENO"];
$httpUrlConfig = $ldapConfgiObject["URL"];
}
try {
$data = array();
$data["providerLoginKey"] = $uid;
$data["loginProviderName"] = $type;
$data["nickName"] = $nickName;
$data["openid"] = $openid;
$data["isNeedSyn"] = false;
$para = "ServiceName=WXSC_Account&MethodName=POST:JSON:loginWithRegisterExternal&Message=" . json_encode($data) . "&Version=1";
$container->get("logger")->err("SOA URL:" . $httpUrlConfig . "?" . $para);
$postresult = Utils::do_post_request($httpUrlConfig, $para);
$container->get("logger")->err("SOA Result:" . $postresult);
$resultObject = json_decode($postresult, true);
return $resultObject;
} catch (\Exception $e) {
$container->get("logger")->err("SOA ERROR:" . $e);
}
}
public function getFriendBaseinfoList()
{
$jid = "";
if ($this->userInfo != null) {
$jid = $this->userInfo->fafa_jid;
$eno = $this->userInfo->eno;
} else {
$userInfo = $this->getInfo();
$jid = $userInfo["fafa_jid"];
$eno = $userInfo["eno"];
}
$paras = array();
$domain = $this->container->getParameter('edomain');
$sql = "select jid from rosterusers where username=? and subscription='B' and jid not in(?,?,?,?,?)";
$paras[] = (string) $jid;
$paras[] = "admin-" . $eno . "@" . $domain;
$paras[] = "sale-" . $eno . "@" . $domain;
$paras[] = "front-" . $eno . "@" . $domain;
$paras[] = "service-" . $eno . "@" . $domain;
$paras[] = "guest-" . $eno . "@" . $domain;
$ds = $this->conn_im->getData("t", $sql, $paras);
$list = array();
if ($ds && count($ds["t"]["rows"]) > 0) {
for ($i = 0; $i < count($ds["t"]["rows"]); $i++) {
$list[] = $ds["t"]["rows"][$i]["jid"];
}
}
if (count($list) > 0) {
$FILE_WEBSERVER_URL = $this->container->getParameter('FILE_WEBSERVER_URL');
$sql = "select eno,'' eshortname,login_account,nick_name,concat('" . $FILE_WEBSERVER_URL . "',photo_path) photo_path,fafa_jid,concat('" . $FILE_WEBSERVER_URL . "',photo_path_small) photo_path_small,concat('" . $FILE_WEBSERVER_URL . "',photo_path_big) photo_path_big from we_staff where fafa_jid in('" . implode("','", $list) . "')";
$ds = $this->conn->getData("t", $sql, array());
$list = array();
if ($ds && count($ds["t"]["rows"]) > 0) {
$enMgr = new Enterprise($this->conn, $this->logger, $this->container);
//判断是否同一企业,不在同一企业时,加上企业简称一起返回
for ($i = 0; $i < count($ds["t"]["rows"]); $i++) {
$t_eno = $ds["t"]["rows"][$i]["eno"];
if ($eno == $t_eno) {
continue;
}
//获取企业简称.在朋友圈发动态@好友时使用。
$endata = $enMgr->getinfo($t_eno);
if (!empty($endata)) {
$ds["t"]["rows"][$i]["eshortname"] = $endata["eshortname"];
//$ds["t"]["rows"][$i]["nick_name"] = $ds["t"]["rows"][$i]["nick_name"]."{".$endata["eshortname"]."}";
}
}
return $ds["t"]["rows"];
}
}
return null;
}
public function createUser($container, $attributes)
{
$createUserRest = $container->getParameter('staff_sync_url');
$defaultPostURl = "https://sso.avicmall.com:8443";
$appcodeConfig = "fafa-app";
$appkeyConfig = "DKGHwqJ5H91noPYNYm9b8EUPQSY";
$cacheobj = new Enterprise(null, $container->get("logger"), $container);
//
$authConfig = $cacheobj->getUserAuth();
$httpUrlConfig = $authConfig["ssoauthurl"];
if (empty($httpUrlConfig)) {
$httpUrlConfig = $defaultPostURl;
$eno = "100001";
} else {
$ldapConfgiObject = json_decode($httpUrlConfig, true);
$eno = $ldapConfgiObject["ENO"];
$httpUrlConfig = $ldapConfgiObject["URL"];
$appcodeConfig = $ldapConfgiObject["AppCode"];
$appkeyConfig = $ldapConfgiObject["AppKey"];
}
$reqHeader = SsoAvicAuth::getHeaders($appcodeConfig, $appkeyConfig);
$data = array();
$data["name"] = "";
$data["attributes"] = array(array("name" => "mobile", "value" => $attributes["mobile"]), array("name" => "smart-securemobile", "value" => $attributes["mobile"]), array("name" => "userpassword", "value" => $attributes["password"]), array("name" => "smart-type", "value" => "2"), array("name" => "cn", "value" => $attributes["nick_name"]));
$para = json_encode($data);
$container->get("logger")->err("SOA URL:" . $createUserRest . "?" . $para);
$postresult = Utils::do_post_request($createUserRest, $para, $reqHeader, $container->get("logger"));
$container->get("logger")->err("SOA Result:" . $postresult);
$resultObject = json_decode($postresult, true);
if (!$resultObject["status"] || $resultObject["status"] == "false") {
throw new \Exception($resultObject["message"]);
}
$resultObject["ldap_uid"] = $resultObject["key"];
$resultObject["deptid"] = "100054";
//默认部门
return $resultObject;
}
