public static function bindAction($controller, $con, $appid, $openid, $params)
{
$re = array("returncode" => "0000");
try {
$bindinfo = $params->get("auth");
$bindinfo = explode(",", $bindinfo);
$bind_uid = $bindinfo[0];
$authkey = count($bindinfo) == 1 ? "" : DES::encrypt($bindinfo[1]);
$app = new \Justsy\BaseBundle\Management\App($controller->container);
$appdata = $app->getappinfo(array("appid" => $appid));
//获取应用信息
//自动身份认证
$cookie_key = self::$bind_type . "_" . $openid;
$loginUrl = $appdata["authorization_url"];
if (!empty($loginUrl)) {
$authResult = Utils::do_get_request_cookie($loginUrl . "&" . http_build_query(array("uid" => $bind_uid, "upwd" => md5(DES::decrypt($authkey)))), null, null, $cookie_key);
$authResult = json_decode($authResult, true);
if (!isset($authResult["islogin"]) || $authResult["islogin"] != "1") {
return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'errormsg' => '绑定的帐号或密码不正确', 'ssomodule' => self::$bind_type . "Controller"));
}
}
$app->setappbind(array("appid" => $appid, "openid" => $openid, "bind_type" => self::$bind_type, "bind_uid" => $bind_uid, "authkey" => $authkey));
} catch (\Exception $e) {
$response = new Response($e->getMessage());
$response->headers->set('Content-Type', 'text/html');
return $response;
}
return self::responseJson(json_encode($re));
}
public static function ssoAction($controller, $conn, $appid, $openid, $token, $encrypt)
{
//重新授权
$app = new \Justsy\BaseBundle\Management\App($controller->container);
$appdata = $app->getappinfo(array("appid" => $appid));
if (empty($appdata)) {
$resp = new Response("无效的APPID");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$auth_url = $appdata["authorization_url"];
if (empty($auth_url)) {
$resp = new Response("无效的配置:授权地址无效");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
//判断是否绑定
$bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
if (empty($bindinfo)) {
$controller->get("logger")->err("================not bind");
//重定向到绑定页面
return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "K3Controller"));
} else {
$loginUrl = $appdata["authorization_url"];
$controller->get("logger")->err("================loginUrl:" . $loginUrl);
//用户身份认证
$cookie_key = "k3_" . $openid;
$authResult = Utils::do_get_request_cookie($loginUrl, "provider=credentials&UserName="******"bind_uid"] . "&Password="******"authkey"] . "&PasswordIsEncrypted=false&RememberMe=false", null, $cookie_key);
//$container->get("logger")->err("k3 login result:".$authResult);
//认证失败时要求重新绑定
$authResult = json_decode($authResult, true);
if (!isset($authResult["Result"]) || !$authResult["Result"]["ResponseStatus"]["IsSuccess"]) {
return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "K3Controller"));
}
}
$result = array("returncode" => "0000", "data" => $authResult);
return self::responseJson(json_encode($result));
}
public function push_receiverlistAction()
{
$da = $this->get("we_data_access");
$da_im = $this->get('we_data_access_im');
$request = $this->getRequest();
//访问权限校验
$api = new \Justsy\OpenAPIBundle\Controller\ApiController();
$api->setContainer($this->container);
$isWeFaFaDomain = $api->checkWWWDomain();
if (!$isWeFaFaDomain) {
$token = $api->checkAccessToken($request, $da);
if (!$token) {
$re = array("returncode" => "9999");
$re["code"] = "err0105";
$re["msg"] = "参数Appid或Openid或Access_token未指定或无效.";
return $this->responseJson($request, $re);
}
}
$openid = $request->get("openid");
$staffinfo = new \Justsy\BaseBundle\Management\Staff($da, $da_im, $openid, $this->get("logger"), $this->container);
$staffdata = $staffinfo->getInfo();
if (empty($staffdata)) {
$result = Utils::WrapResultError("无效操作帐号");
return $this->responseJson($request, $result);
}
$appid = $request->get('appid');
$appmgr = new \Justsy\BaseBundle\Management\App($this->container);
$appdata = $appmgr->getappinfo(array('appid' => $appid));
if (empty($appdata)) {
$result = Utils::WrapResultError("无效应用标识");
return $this->responseJson($request, $result);
}
$data = $request->get("data");
//部门名称
if (empty($data)) {
$result = Utils::WrapResultError("无效的数据");
return $this->responseJson($request, $result);
}
$data = json_decode($data, true);
$noticeMgr = new \Justsy\BaseBundle\Management\PromptlyNotice($this->container, $staffdata, $appdata);
$result = $noticeMgr->getReceiverList($data);
return $this->responseJson($request, $result);
}
public static function rest($controller, $user, $re, $parameters, $need_params)
{
$appid = $parameters["appid"];
$openid = $user->openid;
$cookie_key = self::$bind_type . "_" . $openid;
//获取绑定的sid
$app = new \Justsy\BaseBundle\Management\App($controller);
$sessioninfo = $app->getappsession(array("appid" => $appid, "openid" => $openid));
if (empty($sessioninfo)) {
return array("status" => "fail", "msg" => "session已过期");
}
$data = $sessioninfo["access_token"];
$appinfo = $app->getappinfo(array("appid" => $appid));
$restUrl = $re["inf_url"];
$str_para = array();
if (!empty($parameters)) {
//将参数数组转化为字符串
if (is_array($parameters) && !empty($need_params)) {
for ($i = 0; $i < count($need_params); $i++) {
$pname = $need_params[$i]["paramname"];
$val = isset($parameters[$pname]) ? $parameters[$pname] : $need_params[$i]["paramvalue"];
$str_para[$pname] = $val;
}
}
}
$re = Utils::do_post_request_cookie($restUrl . "&" . http_build_query($str_para), null, null, $cookie_key);
//对data进行2次转换
$tmpObj = json_decode($re, true);
if (isset($tmpObj["data"])) {
$txt = $tmpObj["data"];
$fChar = substr($txt, 0, 1);
if ($fChar == "{" || $fChar == "[") {
$tmpObj["data"] = json_decode($txt, true);
$re = json_encode($tmpObj);
}
}
return $re;
}
public function getByDsid($user, $re, $parameters, $container)
{
if (isset($re["inf_url"]) && !empty($re["inf_url"])) {
$url = $re["inf_url"];
$is_auth = $re["is_auth"];
//接口是否需要认证,1:需要认证 0:不认证
$str_para = "";
if (empty($parameters) || $parameters == "{}") {
$parameters = $re["inf_parameter"];
}
$need_para = $re["inf_parameter"];
if (!empty($need_para) && is_string($need_para)) {
$need_para = json_decode($need_para, true);
}
$app = new \Justsy\BaseBundle\Management\App($container);
//parameters为json数据格式
if (empty($parameters)) {
throw new \Exception("参数appid不能为空!");
}
$parameters = is_array($parameters) ? $parameters : json_decode($parameters, true);
$appdata = $app->getappinfo(array("appid" => $parameters["appid"]));
$authtype = isset($appdata["authtype"]) ? $appdata["authtype"] : "";
if (!empty($authtype) && $is_auth == "1") {
$classname = dirname(dirname(dirname(dirname(__FILE__)))) . "/OpenAPIBundle/Controller/Sso" . ucfirst($authtype) . "Controller.php";
//$container->get("logger")->err("===========file_exists ".$classname);
if (file_exists($classname)) {
$classname = "\\Justsy\\OpenAPIBundle\\Controller\\Sso" . ucfirst($authtype) . "Controller";
//$container->get("logger")->err("===========load ".$classname);
$re = call_user_func(array($classname, 'rest'), $container, $user, $re, $parameters, $need_para);
//$container->get("logger")->err("===========load ".$classname." result:".json_encode($re));
return $re;
}
}
if (!empty($parameters)) {
//将参数数组转化为字符串
if (is_array($parameters) && !empty($need_para)) {
for ($i = 0; $i < count($need_para); $i++) {
$pname = $need_para[$i]["paramname"];
$val = isset($parameters[$pname]) ? $parameters[$pname] : $need_para[$i]["paramvalue"];
$str_para .= $pname . "=" . $val . "&";
}
$str_para = rtrim($str_para, "&");
}
}
$method = $re["req_action"];
$method = $method != "GET" ? "POST" : "GET";
$container->get("logger")->err("authtype:" . $authtype);
$optional_headers = null;
if ($authtype == "header") {
$userpara = $appdata["userdefined_para"];
if (!empty($userpara)) {
$optional_headers = json_decode($userpara, true);
}
} else {
if ($authtype == "basic") {
$userpara = $appdata["userdefined_para"];
if (!empty($userpara)) {
$userpara = json_decode($userpara, true);
$user = $userpara["user"];
$pass = $userpara["pass"];
$optional_headers = array("Authorization" => "Basic " . base64_encode("{$user}:{$pass}"));
}
}
}
if ($method == "GET") {
if (strpos($url, "?") === false) {
$url = $url . "?" . $str_para;
} else {
$url = $url . "&" . $str_para;
}
$container->get("logger")->err($url);
return Rest::getByURL($url);
} else {
$method = "POST";
if (strpos($url, "?") === false) {
$url = $url . "?" . $str_para;
} else {
$url = $url . "&" . $str_para;
}
$str_para = "";
}
$container->get("logger")->err($url);
//,CURLOPT_COOKIE
$http_data = Utils::do_post_request_cookie($url, null, $optional_headers, $_COOKIE, $method);
/*
$params = array('http' => array('timeout'=>3,'method' => $method,'content' => $str_para));
$ctx = stream_context_create($params);
$fp = @fopen($url, 'r', false, $ctx);
if (!$fp)
{
throw new \Exception("接口地址出错,请检查您的接口地址(".$url.")");
}
//获取数据
$http_data = @stream_get_contents($fp);
if ($http_data === false)
{
throw new \Exception("访问的接口地址(".$url.")服务器出错!");
}*/
return $http_data;
} else {
throw new \Exception("接口地址为空,请检查!");
}
}
public function bindAction($openid, $appid)
{
$da = $this->get("we_data_access");
$request = $this->get("request");
//$authcode = $request->get("auth");
/*
$bind_type= $request->get("bind_type");
$modules=SsoModules::$modules;
$isbindtype=false;
$classname='';
for($i=0;$i<count($modules);$i++){
if($modules[$i]['bind_type']==$bind_type){
$isbindtype=true;
$classname=$modules[$i]['module_code'];
}
}
if(!$isbindtype){
return $this->responseJson(array("returncode"=>"9999","msg"=>'bind_type无效'),$request->get('jsoncallback'));
}*/
$app = new \Justsy\BaseBundle\Management\App($this->container);
$appinfo = $app->getappinfo(array("appid" => $appid));
if (empty($appinfo)) {
$resp = new Response("invalid appid");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$classname = ucfirst($appinfo["authtype"]) . "Controller";
$encrypt = $request->get("encrypt");
if (empty($classname) || $classname == "null") {
//$classname = "SsoWefafaController";
//$resp = new Response($request->get('jsoncallback') ? $request->get('jsoncallback')."(".json_encode($row).");" : json_encode($row));
$resp = new Response("invalid ssomodule");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$classname = "\\Justsy\\OpenAPIBundle\\Controller\\Sso" . $classname;
try {
return call_user_func(array($classname, 'bindAction'), $this, $this->get("we_data_access"), $appid, $openid, $request);
//$resp = new Response($request->get('jsoncallback') ? $request->get('jsoncallback')."(".json_encode($re).");" : json_encode($re));
//$resp->headers->set('Content-Type', 'text/json');
//return $resp;
} catch (\Exception $e) {
$resp = new Response("invalid ssomodule");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
//$bx_data=$request->get("data")
}
public function tencentexmailloginAction()
{
$request = $this->getRequest();
$param = $request->get("params");
if (empty($param)) {
$param = array();
} else {
if (is_string($param)) {
$param = json_decode($param, true);
}
}
if (!isset($param["appid"])) {
$param["appid"] = $request->get("appid");
}
$openid = $request->get("openid");
$staffObj = new \Justsy\BaseBundle\Management\Staff($this->get('we_data_access'), $this->get('we_data_access_im'), $openid, $this->get("logger"));
$user = $staffObj->getSessionUser();
$appid = $param["appid"];
//$openid = $user->openid;
//$ldap_uid = $user->ldap_uid;
//判断是否绑定
$app = new \Justsy\BaseBundle\Management\App($this->container);
$appdata = $app->getappinfo(array("appid" => $appid));
if (empty($appdata)) {
$resp = new Response("无效的APPID");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$agent = $appdata["clientid"];
//判断是否绑定
$bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
if (empty($bindinfo)) {
//$controller->get("logger")->err("================not bind");
//重定向到绑定页面
return $this->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "OAuth2"));
}
$ldap_uid = $bindinfo["bind_uid"];
$cacheKey = md5($appid . $openid);
$data = Cache_Enterprise::get(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $this->container);
if (empty($data)) {
$this->get("logger")->err("{$appid}.{$openid}");
$resp = new Response("太长时间未操作,请重新进入应用");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$data = json_decode($data, true);
$acctoken = $data["access_token"];
//$this->get("logger")->err($acctoken);
//获取authkey
$url = "http://openapi.exmail.qq.com:12211/openapi/mail/authkey";
$authkey = Utils::do_post_request($url, "alias=" . $ldap_uid . "&access_token=" . $acctoken);
//$this->get("logger")->err($url."?"."alias=".$ldap_uid."&access_token=".$acctoken);
//$this->get("logger")->err($authkey);
if (empty($authkey)) {
$resp = new Response("腾讯企业邮箱登录失败");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$authkey = json_decode($authkey, true);
if (!isset($authkey["auth_key"])) {
if ($authkey["error"] == "invalid_token") {
Cache_Enterprise::delete(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $this->container);
$resp = new Response("腾讯企业邮箱登录失败:<br>token无效或已经过期,请稍后重试!");
} else {
$resp = new Response("腾讯企业邮箱登录失败:<br>" . json_encode($authkey));
}
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$authkey = $authkey["auth_key"];
$login_url = "https://exmail.qq.com/cgi-bin/login?fun=bizopenssologin&method=bizauth&agent=" . $agent . "&user="******"&ticket=" . $authkey;
//$this->get("logger")->err($login_url);
return Utils::http_redirect($login_url);
}
