protected function getAuthAccountId() { $params = $this->params ? $this->params : \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_user_code_params'); if (empty($params)) { throw new AuthException("未设置third_app_user_code_params参数,无法被第三方应用集成"); } else { $authcode = I($params); } if (empty($authcode)) { $user_code = cookie('user_code@' . $this->orgcode); if (empty($user_code)) { throw new AuthException('authcode不存在'); } else { return $user_code; } } else { $curl = $this->curl ? $this->curl : new \mysoft\http\Curl(); $url = $this->params ? "" : \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_authcode_url'); $ret = json_decode($curl->get($url . $authcode), true); if (!empty($ret) && isset($ret['errcode']) && $ret['errcode'] == 0 && isset($ret['user_code'])) { $user_code = $ret['user_code']; cookie('user_code@' . $this->orgcode, $user_code, time() + 30 * 24 * 60 * 60); return $user_code; } else { if (empty($ret)) { throw new AuthException('第三方接口未返回'); } else { throw new AuthException('第三方接口返回:' . json_encode($ret)); } } } }
public function beforeAction($action) { if (parent::beforeAction($action)) { if (!\Yii::$app->user->getIdentity() instanceof MicroIdentity || \Yii::$app->user->getIdentity()->orgcode != $this->orgcode) { try { $auth = AuthFactory::getAuth($this->orgcode, $this->from); if (YII_ENV == "dev" || YII_ENV == "ci") { $dev_account_id = I('dev_account_id', cookie('dev_account_id@' . $this->orgcode)); if (!empty($dev_account_id)) { cookie('dev_account_id@' . $this->orgcode, $dev_account_id); } $auth->setDevAccountId($dev_account_id); } return $auth->login(); } catch (AuthException $e) { //正式环境下,对于frontend里面抛出的异常进行捕获并友好化展示。开发环境,或者其他的异常编码向上抛出 if (YII_ENV != 'dev') { \Yii::error($e->getMessage(), __METHOD__); \Yii::$app->response->content = $this->renderPartial('@vendor/mysoft/web/views/unAuthorized/selfexception', ['msg' => $e->getMessage()]); return false; } else { throw $e; } } } else { //针对第三方集成的场景,将authcode自动通过跳转的方式隐藏掉 $authparams = \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_user_code_params'); if (!empty($authparams)) { $authcode = I($authparams); if (!empty($authcode)) { $query = \Yii::$app->request->getQueryParams(); if (isset($query[$authparams])) { unset($query[$authparams]); } \Yii::$app->response->redirect(\Yii::$app->request->getHostInfo() . \Yii::$app->params['static_host'] . '/' . \Yii::$app->request->getPathInfo() . "?" . http_build_query($query))->send(); return false; } } } //首先验证租户的应用授权 if ($this->check_access_appauth()) { return true; } else { $msg = '该应用还没有授权哦!'; } \Yii::$app->response->content = $this->renderPartial('@vendor/mysoft/web/views/unAuthorized/unAuthorized', ['msg' => $msg]); } return false; }
protected function getAuthAccountId() { $cookie = $_COOKIE['LtpaToken']; $cookie = str_replace(' ', '+', $cookie); $secret = $this->secret ? $this->secret : \mysoft\pubservice\BasicParams::get($this->orgcode, 'landray_secret'); if (empty($secret)) { throw new AuthException('未设置蓝凌密钥,无法支持蓝凌oa集成'); } $usercode = \mysoft\third\landray\Helper::decode_sso($cookie, $secret); if (empty($usercode)) { throw new AuthException("解析username失败:" . $cookie); } else { return $usercode; } }
protected function getAuthAccountId() { $params = $this->params ? $this->params : \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_user_code_params'); if (empty($params)) { throw new AuthException("未设置第三方应用集成标识,无法被第三方应用集成"); } else { $authcode = I($params); } if (empty($authcode)) { $usercode = cookie('user_code@' . $this->orgcode); if (!empty($usercode)) { return $usercode; } else { throw new AuthException('authcode不存在'); } } else { $authcode = \mysoft\helpers\AesHelper::decrypt($authcode); $authcode = json_decode($authcode, true); if (!empty($authcode) && isset($authcode['user_code']) && isset($authcode['timestamp']) && isset($authcode['orgcode'])) { if (time() - $authcode['timestamp'] > self::FXT_EXPIRE) { throw new AuthException('authcode已经过期'); } if ($authcode['orgcode'] !== $this->orgcode) { throw new AuthException('租户ID不匹配'); } cookie('user_code@' . $this->orgcode, $authcode['user_code'], time() + 24 * 60 * 60); //复兴通的cookie只存一天 if (YII_ENV != 'unittest') { $query = \Yii::$app->request->getQueryParams(); if (isset($query[$params])) { unset($query[$params]); } \Yii::$app->response->redirect(\Yii::$app->request->getHostInfo() . \Yii::$app->params['static_host'] . '/' . \Yii::$app->request->getPathInfo() . "?" . http_build_query($query))->send(); //return false; } return $authcode['user_code']; } else { throw new AuthException('authcode解析失败'); } } }
protected function getAuthAccountId() { $params = $this->params !== null ? $this->params : \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_user_code_params'); $secret = $this->secret !== null ? $this->secret : \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_auth_secret'); if (empty($params)) { throw new AuthException("未设置third_app_user_code_params参数,无法被第三方应用集成"); } else { $usercode = I($params); } if (empty($user_code)) { $user_code = cookie('user_code@' . $this->orgcode); } else { if (!empty($secret)) { $user_code = \mysoft\helpers\AesHelper::decrypt($user_code, $secret); } cookie('user_code@' . $this->orgcode, $user_code, time() + 30 * 24 * 60 * 60); } if (empty($usercode)) { throw new AuthException("无法从参数{$params}中获取用户code"); } else { return $usercode; } }