예제 #1
0
파일: Third2Auth.php 프로젝트: gtyd/jira
 protected function getAuthAccountId()
 {
     $params = $this->params ? $this->params : \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_user_code_params');
     if (empty($params)) {
         throw new AuthException("未设置third_app_user_code_params参数,无法被第三方应用集成");
     } else {
         $authcode = I($params);
     }
     if (empty($authcode)) {
         $user_code = cookie('user_code@' . $this->orgcode);
         if (empty($user_code)) {
             throw new AuthException('authcode不存在');
         } else {
             return $user_code;
         }
     } else {
         $curl = $this->curl ? $this->curl : new \mysoft\http\Curl();
         $url = $this->params ? "" : \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_authcode_url');
         $ret = json_decode($curl->get($url . $authcode), true);
         if (!empty($ret) && isset($ret['errcode']) && $ret['errcode'] == 0 && isset($ret['user_code'])) {
             $user_code = $ret['user_code'];
             cookie('user_code@' . $this->orgcode, $user_code, time() + 30 * 24 * 60 * 60);
             return $user_code;
         } else {
             if (empty($ret)) {
                 throw new AuthException('第三方接口未返回');
             } else {
                 throw new AuthException('第三方接口返回:' . json_encode($ret));
             }
         }
     }
 }
예제 #2
0
 public function beforeAction($action)
 {
     if (parent::beforeAction($action)) {
         if (!\Yii::$app->user->getIdentity() instanceof MicroIdentity || \Yii::$app->user->getIdentity()->orgcode != $this->orgcode) {
             try {
                 $auth = AuthFactory::getAuth($this->orgcode, $this->from);
                 if (YII_ENV == "dev" || YII_ENV == "ci") {
                     $dev_account_id = I('dev_account_id', cookie('dev_account_id@' . $this->orgcode));
                     if (!empty($dev_account_id)) {
                         cookie('dev_account_id@' . $this->orgcode, $dev_account_id);
                     }
                     $auth->setDevAccountId($dev_account_id);
                 }
                 return $auth->login();
             } catch (AuthException $e) {
                 //正式环境下,对于frontend里面抛出的异常进行捕获并友好化展示。开发环境,或者其他的异常编码向上抛出
                 if (YII_ENV != 'dev') {
                     \Yii::error($e->getMessage(), __METHOD__);
                     \Yii::$app->response->content = $this->renderPartial('@vendor/mysoft/web/views/unAuthorized/selfexception', ['msg' => $e->getMessage()]);
                     return false;
                 } else {
                     throw $e;
                 }
             }
         } else {
             //针对第三方集成的场景,将authcode自动通过跳转的方式隐藏掉
             $authparams = \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_user_code_params');
             if (!empty($authparams)) {
                 $authcode = I($authparams);
                 if (!empty($authcode)) {
                     $query = \Yii::$app->request->getQueryParams();
                     if (isset($query[$authparams])) {
                         unset($query[$authparams]);
                     }
                     \Yii::$app->response->redirect(\Yii::$app->request->getHostInfo() . \Yii::$app->params['static_host'] . '/' . \Yii::$app->request->getPathInfo() . "?" . http_build_query($query))->send();
                     return false;
                 }
             }
         }
         //首先验证租户的应用授权
         if ($this->check_access_appauth()) {
             return true;
         } else {
             $msg = '该应用还没有授权哦!';
         }
         \Yii::$app->response->content = $this->renderPartial('@vendor/mysoft/web/views/unAuthorized/unAuthorized', ['msg' => $msg]);
     }
     return false;
 }
예제 #3
0
파일: LandrayAuth.php 프로젝트: gtyd/jira
 protected function getAuthAccountId()
 {
     $cookie = $_COOKIE['LtpaToken'];
     $cookie = str_replace(' ', '+', $cookie);
     $secret = $this->secret ? $this->secret : \mysoft\pubservice\BasicParams::get($this->orgcode, 'landray_secret');
     if (empty($secret)) {
         throw new AuthException('未设置蓝凌密钥,无法支持蓝凌oa集成');
     }
     $usercode = \mysoft\third\landray\Helper::decode_sso($cookie, $secret);
     if (empty($usercode)) {
         throw new AuthException("解析username失败:" . $cookie);
     } else {
         return $usercode;
     }
 }
예제 #4
0
파일: FxtAuth.php 프로젝트: gtyd/jira
 protected function getAuthAccountId()
 {
     $params = $this->params ? $this->params : \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_user_code_params');
     if (empty($params)) {
         throw new AuthException("未设置第三方应用集成标识,无法被第三方应用集成");
     } else {
         $authcode = I($params);
     }
     if (empty($authcode)) {
         $usercode = cookie('user_code@' . $this->orgcode);
         if (!empty($usercode)) {
             return $usercode;
         } else {
             throw new AuthException('authcode不存在');
         }
     } else {
         $authcode = \mysoft\helpers\AesHelper::decrypt($authcode);
         $authcode = json_decode($authcode, true);
         if (!empty($authcode) && isset($authcode['user_code']) && isset($authcode['timestamp']) && isset($authcode['orgcode'])) {
             if (time() - $authcode['timestamp'] > self::FXT_EXPIRE) {
                 throw new AuthException('authcode已经过期');
             }
             if ($authcode['orgcode'] !== $this->orgcode) {
                 throw new AuthException('租户ID不匹配');
             }
             cookie('user_code@' . $this->orgcode, $authcode['user_code'], time() + 24 * 60 * 60);
             //复兴通的cookie只存一天
             if (YII_ENV != 'unittest') {
                 $query = \Yii::$app->request->getQueryParams();
                 if (isset($query[$params])) {
                     unset($query[$params]);
                 }
                 \Yii::$app->response->redirect(\Yii::$app->request->getHostInfo() . \Yii::$app->params['static_host'] . '/' . \Yii::$app->request->getPathInfo() . "?" . http_build_query($query))->send();
                 //return false;
             }
             return $authcode['user_code'];
         } else {
             throw new AuthException('authcode解析失败');
         }
     }
 }
예제 #5
0
파일: ThirdAuth.php 프로젝트: gtyd/jira
 protected function getAuthAccountId()
 {
     $params = $this->params !== null ? $this->params : \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_user_code_params');
     $secret = $this->secret !== null ? $this->secret : \mysoft\pubservice\BasicParams::get($this->orgcode, 'third_app_auth_secret');
     if (empty($params)) {
         throw new AuthException("未设置third_app_user_code_params参数,无法被第三方应用集成");
     } else {
         $usercode = I($params);
     }
     if (empty($user_code)) {
         $user_code = cookie('user_code@' . $this->orgcode);
     } else {
         if (!empty($secret)) {
             $user_code = \mysoft\helpers\AesHelper::decrypt($user_code, $secret);
         }
         cookie('user_code@' . $this->orgcode, $user_code, time() + 30 * 24 * 60 * 60);
     }
     if (empty($usercode)) {
         throw new AuthException("无法从参数{$params}中获取用户code");
     } else {
         return $usercode;
     }
 }