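/**
 * Exchanges an authorization code (or client credentials) for an access token
 * at the token endpoint configured for the application, stores the resulting
 * app session and, for "SSO_" integrated logins, registers the remote user.
 *
 * @param object $container Object exposing get() for services and a ->container property.
 * @param mixed  $con       Not used by this method.
 * @param string $appid     "<appid>,<openid>"; an appid containing "SSO_" selects integrated
 *                          login, one containing "SYS_" selects a business system.
 * @param string $code      Authorization code; when empty the client_credentials grant is used.
 * @param mixed  $encrypt   Not used by this method.
 *
 * @return mixed A Response when the SSO system parameter is missing, a plain string when the
 *               app or its token URL is not configured, otherwise whatever
 *               responseLoginJson() / responseJsonStr() / responseJson() return.
 */
public static function tokenAction($container, $con, $appid, $code, $encrypt)
{
    $app = new \Justsy\BaseBundle\Management\App($container->container);

    // The openid segment may be missing; do not index past the end of the split.
    $stat_v = explode(",", $appid);
    $appid = $stat_v[0];
    $openid = isset($stat_v[1]) ? $stat_v[1] : null;
    $isLogin = null;

    if (strpos($appid, "SSO_") !== false) {
        $isLogin = $appid;
        // Integrated login (e.g. Sina Weibo): look up the business system that holds
        // the authentication settings for this provider.
        $syspara = new \Justsy\BaseBundle\DataAccess\SysParam($container);
        $appid = $syspara->GetSysParam(strtolower($appid) . "_appid");
        if (empty($appid)) {
            $resp = new Response("未配置微博业务系统或参数sso_sina_appid");
            $resp->headers->set('Content-Type', 'text/html');
            return $resp;
        }
        $appdata = $app->getbussysteminfo(array("appid" => $appid));
        $appid = $isLogin; // restore the SSO login marker as the appid
    } elseif (strpos($appid, "SYS_") !== false) {
        // Business system connected directly: strip the 4-character prefix.
        $appdata = $app->getbussysteminfo(array("appid" => substr($appid, 4)));
    } else {
        $appdata = $app->getappinfo(array("appid" => $appid));
    }

    if (empty($appdata)) {
        return "无效的APPID";
    }
    $token_url = $appdata["token_url"];
    if (empty($token_url)) {
        return "无效的配置:令牌获取地址无效";
    }

    // Resolve every configurable parameter name once, so the request and the stored
    // session use the same (defaulted) keys.
    $token_method = empty($appdata["token_method"]) ? "POST" : $appdata["token_method"];
    $redirectParam = empty($appdata["redirecturl_para_name"]) ? "redirect_uri" : $appdata["redirecturl_para_name"];
    $clientIdParam = empty($appdata["clientid_para_name"]) ? "client_id" : $appdata["clientid_para_name"];
    $clientKeyParam = empty($appdata["clientkey_para_name"]) ? "client_secret" : $appdata["clientkey_para_name"];
    $tokenParam = empty($appdata["token_para_name"]) ? "access_token" : $appdata["token_para_name"];
    $grantType = empty($code) ? "client_credentials" : "authorization_code";

    // Caller-supplied values ($code, $appid, $openid) are URL-encoded so they cannot
    // inject or override parameters of the token request. Configuration values are
    // sent exactly as stored.
    $paraString = "grant_type=" . $grantType
        . "&" . $redirectParam . "=" . $appdata["redirection_url"]
        . "&" . $clientIdParam . "=" . $appdata["clientid"]
        . "&" . $clientKeyParam . "=" . $appdata["clientkey"]
        . "&code=" . urlencode((string) $code)
        . "&state=" . urlencode($appid . "," . $openid);

    // The parameter string holds the client secret and the authorization code, so
    // only the endpoint and the grant type are written to the log.
    $container->get("logger")->err($token_url . " -- grant_type=" . $grantType);

    if (strtoupper($token_method) == "POST") {
        $token = Utils::do_post_request($token_url, $paraString);
    } else {
        // NOTE(review): this branch sends the client secret in the URL query string,
        // where proxies and server access logs can record it. Prefer POST for the
        // token endpoint wherever the provider supports it.
        $token = Utils::do_post_request($token_url . "?" . $paraString, null);
    }
    // Log the size of the response only; the body may contain the access token.
    $container->get("logger")->err("token response length:" . strlen((string) $token));

    // The endpoint answers either with JSON or with a form-style key=value list.
    $retuenAry = array();
    if (substr($token, 0, 1) == "{") {
        $retuenAry = json_decode($token, true);
    } else {
        foreach (explode("&", $token) as $pair) {
            // Split on the first "=" only, so values that contain "=" stay intact.
            $kv = explode("=", $pair, 2);
            $retuenAry[$kv[0]] = isset($kv[1]) ? str_replace("'", "", $kv[1]) : "";
        }
    }

    $result = array("returncode" => "0000", "data" => null);
    $tokenOk = is_array($retuenAry) && isset($retuenAry[$tokenParam]);
    if ($tokenOk) {
        // Use the defaulted names: with unset configuration the raw names are empty
        // and every value would collapse onto the same "" key.
        $retuenAry[$clientIdParam] = $appdata["clientid"];
        $retuenAry[$clientKeyParam] = $appdata["clientkey"];
        $app->setappsession(array("session" => $retuenAry, "openid" => $openid, "appid" => $appid));
    } else {
        $result["returncode"] = "9999";
    }
    // NOTE(review): on success $retuenAry now carries the client secret and is returned
    // to the caller inside "data". Confirm that every consumer of this response is
    // trusted, or keep the secret in the stored session only.
    $result["data"] = $retuenAry;

    if (!empty($isLogin)) {
        // $isLogin is only ever set for "SSO_" appids; pick the provider's user id.
        $uid = null;
        if ($isLogin == "SSO_SINA") {
            $uid = isset($retuenAry["uid"]) ? $retuenAry["uid"] : null;
        } elseif ($isLogin == "SSO_WECHAT") {
            $uid = isset($retuenAry["openid"]) ? $retuenAry["openid"] : null;
        }

        // Never register an account when the token exchange failed or the provider
        // returned no user id; report the failure instead.
        if (!$tokenOk || $uid === null || $uid === "") {
            $result["returncode"] = "9999";
            return self::responseLoginJson(json_encode($result));
        }

        // Initial password of the auto-registered account: use the CSPRNG when the
        // runtime has one. NOTE(review): a six-digit number is guessable; consider a
        // longer random secret if createstaff() accepts it.
        $password = function_exists("random_int") ? random_int(100000, 999999) : rand(100000, 999999);

        // Check for the user and register it.
        $staffobj = new \Justsy\BaseBundle\Management\Staff(
            $container->get("we_data_access"),
            $container->get("we_data_access_im"),
            $uid,
            null,
            $container->container
        );
        $re = $staffobj->createstaff(array(
            "password" => $password,
            "eno" => Utils::$PUBLIC_ENO,
            "nick_name" => $uid,
            "ldap_uid" => $uid,
            "account" => "",
        ));
        $re["data"]["des"] = DES::decrypt($re["data"]["t_code"]);

        return self::responseLoginJson(json_encode($re));
    }

    if (strpos($appid, "SYS_") !== false) {
        return self::responseJsonStr(json_encode($result));
    }

    return self::responseJson(json_encode($result));
}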
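/**
 * Single sign-on entry point: resolves the application named by the "appid" request
 * parameter and dispatches to the static ssoAction() of the Sso<Authtype>Controller
 * class that matches the application's configured "authtype".
 *
 * Request parameters read: appid, openid, token, encrypt. The "ssomodule" request
 * parameter is not used; the handler class is derived from application
 * configuration only.
 *
 * @return mixed A text/html Response describing the error, or whatever the
 *               dispatched ssoAction() returns.
 */
public function ssoAction()
{
    $request = $this->get("request");
    $appid = $request->get("appid");
    $openid = $request->get("openid");
    $token = $request->get("token");
    $encrypt = $request->get("encrypt");
    $isLogin = null;
    $app = new \Justsy\BaseBundle\Management\App($this->container);

    if (strpos($appid, "SSO_") !== false) {
        $isLogin = $appid;
        // Integrated login (e.g. Sina Weibo): look up the business system that holds
        // the authentication settings for this provider.
        $syspara = new \Justsy\BaseBundle\DataAccess\SysParam($this->container);
        $appid = $syspara->GetSysParam(strtolower($appid) . "_appid");
        if (empty($appid)) {
            // $isLogin comes straight from the request and the response is served as
            // text/html, so it is escaped before being echoed back.
            $resp = new Response(
                "未配置集成登录业务系统或参数"
                . htmlspecialchars(strtolower($isLogin), ENT_QUOTES, "UTF-8")
                . "_appid"
            );
            $resp->headers->set('Content-Type', 'text/html');
            return $resp;
        }
        $appinfo = $app->getbussysteminfo(array("appid" => $appid));
        $appid = $isLogin; // restore the SSO login marker as the appid
    } elseif (strpos($appid, "SYS_") !== false) {
        // Business system connected directly: strip the 4-character prefix.
        $appinfo = $app->getbussysteminfo(array("appid" => substr($appid, 4)));
    } else {
        $appinfo = $app->getappinfo(array("appid" => $appid));
    }

    if (empty($appinfo)) {
        // Request-supplied appid is escaped: this body is rendered as HTML.
        $resp = new Response("invalid appid:" . htmlspecialchars((string) $appid, ENT_QUOTES, "UTF-8"));
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }

    // Validate the configured authtype BEFORE building the class name. The previous
    // check ran after "Controller" had been appended and so could never fail.
    // Restricting it to identifier characters keeps the dispatch inside the
    // Justsy\OpenAPIBundle\Controller namespace.
    $authtype = isset($appinfo["authtype"]) ? (string) $appinfo["authtype"] : "";
    if ($authtype === "" || $authtype == "null" || !preg_match('/^[A-Za-z0-9_]+$/', $authtype)) {
        $resp = new Response("invalid ssomodule");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }

    $classname = "\\Justsy\\OpenAPIBundle\\Controller\\Sso" . ucfirst($authtype) . "Controller";
    $handler = array($classname, 'ssoAction');

    // An unknown controller is reported as an invalid module instead of being
    // passed to call_user_func().
    if (!is_callable($handler)) {
        $resp = new Response("invalid ssomodule");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }

    try {
        return call_user_func($handler, $this, $this->get("we_data_access"), $appid, $openid, $token, $encrypt);
    } catch (\Exception $e) {
        $this->get("logger")->err($e);
        $resp = new Response("invalid ssomodule");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
}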