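/**
 * Authenticate a login request by dispatching to the SSO module configured for the enterprise.
 *
 * The module class is resolved as \Justsy\InterfaceBundle\SsoAuth\Sso<module> and its static
 * userAuthAction() is invoked. On success the result is enriched with an optional OAuth2 code,
 * extra login data, enterprise details, and the login date is recorded.
 *
 * @param object $container     Wrapper exposing get() and a ->container property (the service container).
 * @param string $user          Login account, passed through unchanged to the auth module.
 * @param string $pass          Password/credential, passed through unchanged to the auth module.
 * @param string $comefrom      Client origin code; "03" forces the DefaultAuth module.
 * @param string $datascope     Not used by this method.
 * @param string $portalversion Forwarded to getLoginAppendData().
 *
 * @return array Result array that always carries "returncode"; failures also carry "msg".
 */
public function dispatchAction($container, $user, $pass, $comefrom = "00", $datascope = "", $portalversion = "")
{
    $request = $container->get("request");
    $clientdatetime = $request->get("clientdatetime");
    // When an appid is supplied this is an integrated login: an OAuth2 code is returned as well,
    // which the client uses to obtain a token.
    $appid = $request->get("appid");
    $db = $this->get("we_data_access");
    $db_im = $this->get("we_data_access_im");
    try {
        // Look up the enterprise's authentication mode (default, LDAP, AD, unified interface).
        $authobj = new Enterprise($db, $this->get("logger"), $container->container);
        if ($comefrom == "03") {
            // Business-agent logins always use the default wefafa authentication.
            $classname = "DefaultAuth";
        } else {
            $authConfig = $authobj->getUserAuth();
            $classname = $authConfig["ssoauthmodule"];
            if (empty($classname) || $classname == "null") {
                $re = array("msg" => "invalid ssoauthmodule");
                $re["returncode"] = ReturnCode::$SYSERROR;
                return $re;
            }
        }

        // The module name comes from stored configuration and is turned into a class name.
        // Accept only a plain identifier so the value cannot steer dispatch into another
        // namespace, and make sure the target exists before calling it: an unresolvable
        // callable would otherwise raise a warning or an Error that the catch below misses.
        if (!is_string($classname) || !preg_match('/\A[A-Za-z0-9_]+\z/', $classname)) {
            $re = array("msg" => "invalid ssoauthmodule");
            $re["returncode"] = ReturnCode::$SYSERROR;
            return $re;
        }
        $classname = "\\Justsy\\InterfaceBundle\\SsoAuth\\Sso" . $classname;
        $handler = array($classname, 'userAuthAction');
        if (!is_callable($handler)) {
            $re = array("msg" => "invalid ssoauthmodule");
            $re["returncode"] = ReturnCode::$SYSERROR;
            return $re;
        }

        $re = call_user_func($handler, $container->container, $request, $db, $db_im, $user, $pass, $comefrom);

        // Fail closed: a module result without a return code must never be read as success.
        if (!is_array($re) || !isset($re["returncode"])) {
            $re = array("msg" => "invalid ssoauthmodule");
            $re["returncode"] = ReturnCode::$SYSERROR;
            return $re;
        }

        if ($re["returncode"] == ReturnCode::$SUCCESS) {
            if (!empty($appid)) {
                $appMgr = new \Justsy\BaseBundle\Management\App($container->container);
                $appinfo = $appMgr->getappinfo(array('appid' => $appid));
                if (empty($appinfo)) {
                    // NOTE(review): the auth module has already run at this point; if it
                    // established a session, that session outlives this error response.
                    $re = array("msg" => "无效的应用标识号");
                    $re["returncode"] = ReturnCode::$SYSERROR;
                    return $re;
                }
                $appkey = $appinfo['appkey'];
                // NOTE(review): this code is md5(appid . appkey) - identical for every user and
                // every login of the app, with no expiry or binding to the authenticated account.
                // Kept because clients rely on the value; a random, single-use, server-stored
                // code would be the safer design.
                $code = strtolower(MD5($appid . $appkey));
                $re['auth2_code'] = $code;
            }
            $this->getLoginAppendData($re, $re["login_account"], $portalversion, $comefrom, $db, $db_im, $clientdatetime);
            if (!empty($re["info"])) {
                $einfo = $authobj->getInfo($re["info"]["eno"]);
                if (!empty($einfo)) {
                    $re["info"]["ename"] = $einfo["ename"];
                    $re["info"]["circle_id"] = $einfo["circle_id"];
                    $re["info"]["circle_name"] = $einfo["circle_name"];
                }
            }
            $this->setLoginDate($re["openid"], $db);
        }
        return $re;
    } catch (\Exception $e) {
        $this->get("logger")->err($e);
        $re = array("msg" => "invalid ssoauthmodule");
        $re["returncode"] = ReturnCode::$SYSERROR;
        return $re;
    }
}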
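/**
 * Authenticate a user either locally or through the portal's token service.
 *
 * A login account shorter than 32 characters is treated as a standalone login and delegated to
 * SsoWefafaMd5Auth. Otherwise the account and password are decrypted, the decrypted account is
 * sent as access_token to the configured profile service, and the user named in the response
 * is loaded and logged in to the "secured_area" firewall.
 *
 * @param object $container     Service container (logger, security.context, event_dispatcher).
 * @param object $request       Current request; its session receives the serialized token.
 * @param object $dbcon         Data access object handed to Enterprise.
 * @param object $con_im        Data access object used to read the IM password.
 * @param string $login_account Plain account name, or an encrypted portal token.
 * @param string $password      Password, or its encrypted form in portal mode.
 * @param string $comefrom      Client origin code, forwarded to the user provider.
 *
 * @return array "returncode" always; on success also openid, login_account, ldap_uid, jid, des.
 */
public static function userAuthAction($container, $request, $dbcon, $con_im, $login_account, $password, $comefrom)
{
    // Decide between portal login and standalone login.
    if (strlen($login_account) < 32) {
        // Standalone login mode.
        $classname = "\\Justsy\\InterfaceBundle\\SsoAuth\\SsoWefafaMd5Auth";
        return call_user_func(array($classname, 'userAuthAction'), $container, $request, $dbcon, $con_im, $login_account, $password, $comefrom);
    }

    $logger = $container->get("logger");
    $re = array();

    // Decrypt the token and the password.
    // NOTE(review): the decryption key is a constant in source, so anyone who can read this
    // file can decrypt captured values; it belongs in protected configuration.
    $token = DES::decrypt_crv_fortoken($login_account, "cn.com.crv.ivv");
    if ($token === false) {
        // The submitted value is a credential: record the failure, never the value itself.
        $logger->err("decrypt token error (value withheld, length " . strlen($login_account) . ")");
        $re["returncode"] = ReturnCode::$SYSERROR;
        return $re;
    }
    // The decrypted password is not used further; a failed decryption still rejects the login.
    $pass = DES::decrypt_crv_fortoken($password, "cn.com.crv.ivv");
    if ($pass === false) {
        $logger->err("decrypt password error (value withheld)");
        $re["returncode"] = ReturnCode::$SYSERROR;
        return $re;
    }

    // NOTE(review): the fallback endpoint is plain HTTP, so the access token crosses the
    // network unencrypted unless an HTTPS URL is configured.
    $defaultPostURl = "http://cremobile.crc.com.cn:9090/conn/CrvSecurityWS/userresource/userprofile";
    $cacheobj = new Enterprise($dbcon, $logger, $container);
    $authConfig = $cacheobj->getUserAuth();
    $httpUrlConfig = $authConfig["ssoauthurl"];
    if (empty($httpUrlConfig)) {
        $httpUrlConfig = $defaultPostURl;
    } else {
        $ldapConfgiObject = json_decode($httpUrlConfig, true);
        if (!is_array($ldapConfgiObject) || empty($ldapConfgiObject["URL"])) {
            // Malformed configuration: stop instead of requesting an empty URL.
            $logger->err("invalid ssoauthurl configuration");
            $re["returncode"] = ReturnCode::$SYSERROR;
            return $re;
        }
        $httpUrlConfig = $ldapConfgiObject["URL"];
    }

    try {
        // The token is client-supplied after decryption; encode it so it cannot add or
        // override query parameters of the back-end request.
        $para = "access_token=" . rawurlencode($token);
        // Log the endpoint only: the query string carries a bearer credential.
        $logger->err("SOA URL:" . $httpUrlConfig);
        $postresult = Utils::getUrlContent($httpUrlConfig . "?" . $para, null);
        $logger->err("SOA Result:" . $postresult);
        $resultObject = json_decode($postresult, true);
        if (!isset($resultObject["empUid"])) {
            $logger->err("get user info error." . $postresult);
            $re["returncode"] = ReturnCode::$SYSERROR;
            return $re;
        }
        $crvuser = $resultObject["empUid"];
        $email = isset($resultObject["email"]) ? $resultObject["email"] : "";
        $fafa_account = !empty($crvuser) ? strtolower($crvuser) : $email;

        $Obj = new \Justsy\BaseBundle\Login\UserProvider($container);
        $user = $Obj->loadUserByUsername($fafa_account, $comefrom);

        // Register the authenticated token with the security context and the session.
        // NOTE(review): the session identifier is not regenerated here; confirm that a fresh
        // one is issued on login so a pre-set session id cannot be carried into it.
        $securityToken = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
        $container->get("security.context")->setToken($securityToken);
        $request->getSession()->set('_security_' . 'secured_area', serialize($securityToken));
        $event = new \Symfony\Component\Security\Http\Event\InteractiveLoginEvent($request, $securityToken);
        $container->get("event_dispatcher")->dispatch("security.interactive_login", $event);

        $re["returncode"] = ReturnCode::$SUCCESS;
        $re["openid"] = $user->openid;
        $re["login_account"] = $fafa_account;
        $re["ldap_uid"] = $user->ldap_uid;
        $re["jid"] = $user->fafa_jid;

        // The IM password is read live, so that a password change which only refreshed one
        // server does not leave a stale value here.
        $sql = "select password from users where username=?";
        $iminfo = $con_im->GetData("im", $sql, array((string) $user->fafa_jid));
        $re["des"] = count($iminfo["im"]["rows"]) > 0 ? $iminfo["im"]["rows"][0]["password"] : "";
    } catch (\Symfony\Component\Security\Core\Exception\UsernameNotFoundException $e) {
        $re["returncode"] = ReturnCode::$ERROFUSERORPWD;
    } catch (\Exception $e) {
        $logger->err($e);
        $re["returncode"] = ReturnCode::$SYSERROR;
    }
    return $re;
}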
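/**
 * Register an externally authenticated account with the platform's account service.
 *
 * Posts a loginWithRegisterExternal call (service WXSC_Account) to the configured endpoint and
 * returns the decoded JSON reply.
 *
 * @param object $container Service container (provides the logger).
 * @param string $type      External login provider name.
 * @param string $uid       Account key at the external provider.
 * @param string $openid    Open id of the account.
 * @param string $nickName  Display name supplied for the account.
 *
 * @return array|null Decoded response, or null when the call fails or the reply is not JSON.
 */
public static function registerToPlatform($container, $type, $uid, $openid, $nickName)
{
    $logger = $container->get("logger");
    // NOTE(review): the fallback endpoint is an internal address reached over plain HTTP.
    $defaultPostURl = "http://10.100.20.27/CallCenter/ESB_InvokeService.ashx";
    $cacheobj = new Enterprise(null, $logger, $container);
    $authConfig = $cacheobj->getUserAuth();
    $httpUrlConfig = $authConfig["ssoauthurl"];
    if (empty($httpUrlConfig)) {
        $httpUrlConfig = $defaultPostURl;
    } else {
        $ldapConfgiObject = json_decode($httpUrlConfig, true);
        if (!is_array($ldapConfgiObject) || empty($ldapConfgiObject["URL"])) {
            // Malformed configuration: there is no endpoint to call.
            $logger->err("SOA ERROR:invalid ssoauthurl configuration");
            return null;
        }
        $httpUrlConfig = $ldapConfgiObject["URL"];
    }

    try {
        $data = array();
        $data["providerLoginKey"] = $uid;
        $data["loginProviderName"] = $type;
        $data["nickName"] = $nickName;
        $data["openid"] = $openid;
        $data["isNeedSyn"] = false;

        // The JSON document holds caller-supplied text (nickname, ids). Without encoding, an
        // "&" or "=" inside it would end the Message field and could inject or override
        // ServiceName/MethodName/Version in the form body.
        // NOTE(review): assumes the endpoint parses a standard form-encoded body - confirm.
        $para = "ServiceName=WXSC_Account&MethodName=POST:JSON:loginWithRegisterExternal&Message=" . urlencode(json_encode($data)) . "&Version=1";
        $logger->err("SOA URL:" . $httpUrlConfig . "?" . $para);
        $postresult = Utils::do_post_request($httpUrlConfig, $para);
        $logger->err("SOA Result:" . $postresult);
        return json_decode($postresult, true);
    } catch (\Exception $e) {
        $logger->err("SOA ERROR:" . $e);
        // Make the failure value explicit instead of falling off the end of the function.
        return null;
    }
}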
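/**
 * Create a user in the external directory through the staff sync REST endpoint.
 *
 * The request is signed with headers from SsoAvicAuth::getHeaders() using the configured (or
 * built-in) app code and key, and is posted to the 'staff_sync_url' container parameter.
 *
 * @param object $container  Service container (parameters and logger).
 * @param array  $attributes Must provide "mobile", "password" and "nick_name".
 *
 * @return array Decoded response with "ldap_uid" (copied from "key") and "deptid" added.
 *
 * @throws \Exception When the service reports failure or the response cannot be decoded.
 */
public function createUser($container, $attributes)
{
    $logger = $container->get("logger");
    $createUserRest = $container->getParameter('staff_sync_url');

    // NOTE(review): a fallback application key is embedded in source; anyone with read access
    // to the repository can sign requests as this application. It should be supplied from
    // protected configuration and rotated.
    $appcodeConfig = "fafa-app";
    $appkeyConfig = "DKGHwqJ5H91noPYNYm9b8EUPQSY";
    $cacheobj = new Enterprise(null, $logger, $container);
    $authConfig = $cacheobj->getUserAuth();
    $httpUrlConfig = $authConfig["ssoauthurl"];
    if (!empty($httpUrlConfig)) {
        // When a configuration document exists, its credentials replace the built-in ones.
        $ldapConfgiObject = json_decode($httpUrlConfig, true);
        $appcodeConfig = isset($ldapConfgiObject["AppCode"]) ? $ldapConfgiObject["AppCode"] : null;
        $appkeyConfig = isset($ldapConfgiObject["AppKey"]) ? $ldapConfgiObject["AppKey"] : null;
    }
    $reqHeader = SsoAvicAuth::getHeaders($appcodeConfig, $appkeyConfig);

    $data = array();
    $data["name"] = "";
    $data["attributes"] = array(
        array("name" => "mobile", "value" => $attributes["mobile"]),
        array("name" => "smart-securemobile", "value" => $attributes["mobile"]),
        array("name" => "userpassword", "value" => $attributes["password"]),
        array("name" => "smart-type", "value" => "2"),
        array("name" => "cn", "value" => $attributes["nick_name"]),
    );
    $para = json_encode($data);

    // The payload contains the new user's plaintext password and phone number, so only the
    // endpoint is written to the log.
    $logger->err("SOA URL:" . $createUserRest);
    $postresult = Utils::do_post_request($createUserRest, $para, $reqHeader, $logger);
    $logger->err("SOA Result:" . $postresult);

    $resultObject = json_decode($postresult, true);
    if (!is_array($resultObject)) {
        // An empty or non-JSON reply is reported explicitly rather than as a blank error.
        throw new \Exception("invalid response from staff sync service");
    }
    if (empty($resultObject["status"]) || $resultObject["status"] == "false") {
        throw new \Exception(isset($resultObject["message"]) ? (string) $resultObject["message"] : "");
    }
    $resultObject["ldap_uid"] = isset($resultObject["key"]) ? $resultObject["key"] : null;
    $resultObject["deptid"] = "100054"; // default department
    return $resultObject;
}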