/**
 * Single sign-on entry point: signs the bound account in to the business
 * system configured for $appid and returns the decoded login result as JSON.
 *
 * Flow, as written below:
 *  1. Load the app record for $appid; answer with a text/html error Response
 *     when the record or its "authorization_url" is missing.
 *  2. Look up the binding for (appid, openid); when there is none, render the
 *     bind page instead of logging in.
 *  3. Fetch a session id from "<inf_url>index.php?m=api&f=getSessionID&t=json".
 *  4. Call "authorization_url" with sid, account and password appended.
 *  5. On success store array("access_token" => $sid) through setappsession()
 *     and return returncode "0000" with the decoded login result; otherwise
 *     render the bind page again.
 *
 * $conn, $token and $encrypt are not read anywhere in this body.
 *
 * NOTE(review): several log statements below write the session response, the
 * session id, the bound account and the password expression to the log at
 * error level. Anyone with read access to the log can recover them; redact or
 * drop these statements.
 */
public static function ssoAction($controller, $conn, $appid, $openid, $token, $encrypt) {
    // Re-authorise.
    $app = new \Justsy\BaseBundle\Management\App($controller->container);
    $appdata = $app->getappinfo(array("appid" => $appid));
    if (empty($appdata)) {
        $resp = new Response("无效的APPID");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
    // Only checked for emptiness here; the same key is read again as $loginUrl below.
    $auth_url = $appdata["authorization_url"];
    if (empty($auth_url)) {
        $resp = new Response("无效的配置:授权地址无效");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
    // Check whether this openid is already bound to an account of the app.
    $bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
    if (empty($bindinfo)) {
        $controller->get("logger")->err("================not bind");
        // Not bound yet: send the user to the bind page.
        return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => self::$bind_type . "Controller"));
    } else {
        // Disabled code used to resolve a separate business-system appid from the
        // system parameter "sso_<bind_type>_appid" (via SysParam) and load it with
        // getbussysteminfo(); the app record itself is used instead.
        $sysinfo = $appdata; //$app->getbussysteminfo(array("appid"=>$sysappid));
        $wwwUrl = $sysinfo["inf_url"];
        $loginUrl = $sysinfo["authorization_url"];
        if (empty($wwwUrl)) {
            $resp = new Response("未正确配置业务系统,请检查服务地址");
            $resp->headers->set('Content-Type', 'text/html');
            return $resp;
        }
        // Obtain a session id from the business system.
        // The cookie key is derived from bind_type and openid and passed to both requests.
        $cookie_key = self::$bind_type . "_" . $openid;
        // Plain concatenation: $wwwUrl is expected to end with "/" — TODO confirm against the stored configuration.
        $getsessionUrl = $wwwUrl . "index.php?m=api&f=getSessionID&t=json";
        $controller->get("logger")->err("getsessionUrl:" . $getsessionUrl);
        $sessionre = Utils::do_get_request_cookie($getsessionUrl, null, null, $cookie_key);
        // NOTE(review): logs the raw session response, which carries the session id.
        $controller->get("logger")->err("session data:" . $sessionre);
        $sessionre = json_decode($sessionre, true);
        // NOTE(review): json_decode() returns null for a failed or non-JSON response and
        // "status" is read without an isset() check; the comparison still fails closed,
        // but a notice is raised. The login result further down is guarded with isset().
        if ($sessionre["status"] != "success") {
            $resp = new Response("获取seesion失败");
            $resp->headers->set('Content-Type', 'text/html');
            return $resp;
        }
        // "data" is itself a JSON string and is decoded a second time.
        // NOTE(review): neither the second decode nor the "sessionID" key is checked.
        $sessionre = json_decode($sessionre["data"], true);
        $sid = $sessionre["sessionID"];
        // Authenticate the bound user against the business system.
        // NOTE(review): the expression after "&password=" is masked ("******") in this copy
        // of the file, on both statements below; restore it from version control before
        // editing these lines.
        // NOTE(review): this statement logs the account together with the password
        // expression and the session id at error level.
        $controller->get("logger")->err("================loginUrl:" . $loginUrl . "&sid=" . $sid . "&account=" . $bindinfo["bind_uid"] . "&password="******"authkey"]);
        // NOTE(review): the credentials travel in the URL query string although the helper
        // is the POST variant, so they can also end up in proxy and web-server access logs;
        // none of the values is URL-encoded, and "&sid=" assumes $loginUrl already
        // contains a "?".
        $authResult = Utils::do_post_request_cookie($loginUrl . "&sid=" . $sid . "&account=" . $bindinfo["bind_uid"] . "&password="******"authkey"], null, null, $cookie_key);
        // The business-system session id is stored as this app's access_token.
        $retuenAry = array("session" => array("access_token" => $sid), "appid" => $appid, "openid" => $openid);
        // NOTE(review): logs the raw login response.
        $controller->get("logger")->err("pms login result:" . $authResult);
        // When authentication fails, ask the user to bind again.
        $authResult = json_decode($authResult, true);
        if (!isset($authResult["status"]) || $authResult["status"] != "success") {
            // NOTE(review): hard-codes "PmsController", while the not-bound branch above
            // uses self::$bind_type . "Controller" — confirm which one is intended.
            return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "PmsController"));
        }
        // Persist the session only after the business system confirmed the login.
        $app->setappsession($retuenAry);
        //$re = Utils::do_post_request_cookie($wwwUrl."?m=my&f=index&t=json",null,null,$cookie_key);
        //$controller->get("logger")->err("my-todo result:".$re);
    }
    // Only reached on a successful login; every other path returned above.
    $result = array("returncode" => "0000", "data" => $authResult);
    return self::responseJson(json_encode($result));
}
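/**
 * Exchanges an authorization code (or client credentials) for an access token
 * at the token endpoint configured for the app, stores the token through
 * setappsession() and returns the outcome as JSON.
 *
 * For "SSO_*" app ids the method additionally provisions a local staff account
 * for the identity reported by the provider and returns the login payload.
 *
 * Changes compared with the previous revision:
 *  - the client secret, the authorization code and the token response are no
 *    longer written to the log;
 *  - request-derived values ($code, state) are URL-encoded before they are
 *    placed in the token request;
 *  - a state value without "," no longer reads an undefined offset;
 *  - malformed "key=value" pairs in a form-encoded token response are tolerated
 *    and values containing "=" are no longer truncated;
 *  - no staff account is created when the token exchange failed or the provider
 *    returned no user identifier;
 *  - the initial password comes from random_int() when the runtime provides it.
 *
 * @param object $container Object exposing ->container and ->get(), as used below.
 * @param mixed  $con       Not used in this method.
 * @param string $appid     State value in the form "<appid>,<openid>".
 * @param string $code      Authorization code; empty selects grant_type=client_credentials.
 * @param mixed  $encrypt   Not used in this method.
 *
 * @return mixed A text/html Response when the SSO system parameter is missing, a plain
 *               string when the app configuration is invalid, otherwise the value of
 *               responseLoginJson(), responseJsonStr() or responseJson().
 */
public static function tokenAction($container, $con, $appid, $code, $encrypt) {
    $app = new \Justsy\BaseBundle\Management\App($container->container);

    // The state value carries "<appid>,<openid>"; the openid part may be absent.
    $stat_v = explode(",", $appid);
    $appid = $stat_v[0];
    $openid = isset($stat_v[1]) ? $stat_v[1] : null;

    $isLogin = null;
    if (strpos($appid, "SSO_") !== false) {
        // Integrated login (for example Sina Weibo): resolve the business system that
        // holds the provider's OAuth configuration.
        $isLogin = $appid;
        // NOTE(review): SysParam receives $container here while App receives
        // $container->container — confirm which object SysParam expects.
        $syspara = new \Justsy\BaseBundle\DataAccess\SysParam($container);
        $appid = $syspara->GetSysParam(strtolower($appid) . "_appid");
        if (empty($appid)) {
            $resp = new Response("未配置微博业务系统或参数sso_sina_appid");
            $resp->headers->set('Content-Type', 'text/html');
            return $resp;
        }
        $appdata = $app->getbussysteminfo(array("appid" => $appid));
        // Restore the SSO marker so that state and session keep the original id.
        $appid = $isLogin;
    } elseif (strpos($appid, "SYS_") !== false) {
        // Direct integration with a business system; the id follows the 4-character prefix.
        $appdata = $app->getbussysteminfo(array("appid" => substr($appid, 4)));
    } else {
        $appdata = $app->getappinfo(array("appid" => $appid));
    }

    // NOTE(review): these two failures return a bare string, unlike the Response above.
    if (empty($appdata)) {
        return "无效的APPID";
    }
    $token_url = $appdata["token_url"];
    if (empty($token_url)) {
        return "无效的配置:令牌获取地址无效";
    }

    $token_method = empty($appdata["token_method"]) ? "POST" : $appdata["token_method"];
    $auth_url = $token_url;

    // Parameter names are configurable per app and fall back to the OAuth 2 names.
    $para_name = empty($appdata["redirecturl_para_name"]) ? "redirect_uri" : $appdata["redirecturl_para_name"];
    $grantType = empty($code) ? "client_credentials" : "authorization_code";
    // Configured values are sent exactly as stored; only request-derived values are encoded below.
    $paraString = "grant_type=" . $grantType . "&" . $para_name . "=" . $appdata["redirection_url"];

    $para_name = empty($appdata["clientid_para_name"]) ? "client_id" : $appdata["clientid_para_name"];
    $paraString .= "&" . $para_name . "=" . $appdata["clientid"];

    $para_name = empty($appdata["clientkey_para_name"]) ? "client_secret" : $appdata["clientkey_para_name"];
    $paraString .= "&" . $para_name . "=" . $appdata["clientkey"];

    // $code and the state come from the request: encode them so that they cannot
    // introduce or override parameters of the token request.
    $paraString .= "&code=" . urlencode((string) $code);
    $paraString .= "&state=" . urlencode($appid . "," . $openid);

    // Log the endpoint only; $paraString contains the client secret and the code.
    $container->get("logger")->err("token request: " . strtoupper($token_method) . " " . $auth_url);
    if (strtoupper($token_method) == "POST") {
        $token = Utils::do_post_request($auth_url, $paraString);
    } else {
        // NOTE(review): the non-POST branch still goes through do_post_request with the
        // parameters in the query string — confirm that this is intended.
        $token = Utils::do_post_request($auth_url . "?" . $paraString, null);
    }
    // The response body carries the access token, so only its size is logged.
    $container->get("logger")->err("token response received, length:" . strlen((string) $token));

    // The endpoint may answer with JSON or with a form-encoded string.
    $retuenAry = array();
    if (substr($token, 0, 1) == "{") {
        $retuenAry = json_decode($token, true);
    } else {
        foreach (explode("&", $token) as $pair) {
            // Limit 2 keeps "=" inside a value; a pair without "=" yields an empty value.
            $kv = explode("=", $pair, 2);
            $retuenAry[$kv[0]] = isset($kv[1]) ? preg_replace("/'/is", "", $kv[1]) : "";
        }
    }

    $result = array("returncode" => "0000", "data" => null);
    $para_name = empty($appdata["token_para_name"]) ? "access_token" : $appdata["token_para_name"];
    if (isset($retuenAry[$para_name])) {
        // NOTE(review): these keys use the raw configured names, which may be empty even
        // though defaults were applied when the request was built.
        $retuenAry[$appdata["clientid_para_name"]] = $appdata["clientid"];
        $retuenAry[$appdata["clientkey_para_name"]] = $appdata["clientkey"];
        $result["returncode"] = "0000";
        $retuenAry[$appdata["token_para_name"]] = $retuenAry[$para_name];
        $app->setappsession(array("session" => $retuenAry, "openid" => $openid, "appid" => $appid));
    } else {
        $result["returncode"] = "9999";
    }
    // NOTE(review): on success this array holds the client secret and is returned to the
    // caller by the non-SSO branches below; check whether clients need it and strip it
    // from the response if they do not.
    $result["data"] = $retuenAry;

    if (!empty($isLogin)) {
        // Take the provider's user identifier only from a successful token exchange.
        $uid = null;
        if ($result["returncode"] === "0000") {
            if ($isLogin == "SSO_SINA" && isset($retuenAry["uid"])) {
                $uid = $retuenAry["uid"];
            } elseif ($isLogin == "SSO_WECHAT" && isset($retuenAry["openid"])) {
                $uid = $retuenAry["openid"];
            }
        }
        if (empty($uid)) {
            // Fail closed: without a verified identity no account is created or returned.
            // NOTE(review): confirm that clients of this path handle returncode "9999".
            return self::responseLoginJson(json_encode(array("returncode" => "9999", "data" => null)));
        }

        // Check for the user and register it when missing.
        $staffobj = new \Justsy\BaseBundle\Management\Staff($container->get("we_data_access"), $container->get("we_data_access_im"), $uid, null, $container->container);
        // NOTE(review): a six-digit numeric initial password is weak even with a good
        // generator; the format is kept because createstaff()'s expectations are not
        // visible here. rand() remains only as the fallback for runtimes without random_int().
        $initialPassword = function_exists("random_int") ? random_int(100000, 999999) : rand(100000, 999999);
        $re = $staffobj->createstaff(array("password" => $initialPassword, "eno" => Utils::$PUBLIC_ENO, "nick_name" => $uid, "ldap_uid" => $uid, "account" => ""));
        // NOTE(review): the decrypted t_code is placed in the response — confirm that
        // returning it in clear text is intended.
        $re["data"]["des"] = DES::decrypt($re["data"]["t_code"]);
        return self::responseLoginJson(json_encode($re));
    }

    if (strpos($appid, "SYS_") !== false) {
        return self::responseJsonStr(json_encode($result));
    }
    return self::responseJson(json_encode($result));
}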