Пример #1
 /**
  * Single sign-on entry point for the K3 integration.
  *
  * Looks up the application and the user's binding, authenticates against the
  * application's configured authorization URL with the bound account, and
  * returns the decoded upstream login result wrapped in a JSON envelope.
  *
  * Returns a plain HTML error Response when the app id is unknown or has no
  * authorization URL, and renders the binding page when no binding exists or
  * the upstream login is not reported as successful.
  *
  * NOTE(review): $conn, $token and $encrypt are not read anywhere in this body.
  *
  * @param mixed $controller Object providing ->container, ->get("logger") and ->render()
  * @param mixed $conn       Unused here
  * @param mixed $appid      Application id used for the app and binding lookups
  * @param mixed $openid     User identifier used for the binding lookup and the cookie key
  * @param mixed $token      Unused here
  * @param mixed $encrypt    Unused here
  */
 public static function ssoAction($controller, $conn, $appid, $openid, $token, $encrypt)
 {
     // Re-authorise: load the application record first.
     $app = new \Justsy\BaseBundle\Management\App($controller->container);
     $appdata = $app->getappinfo(array("appid" => $appid));
     if (empty($appdata)) {
         $resp = new Response("无效的APPID");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     // $auth_url is only used for this emptiness check; the same key is read again into $loginUrl below.
     $auth_url = $appdata["authorization_url"];
     if (empty($auth_url)) {
         $resp = new Response("无效的配置:授权地址无效");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     // Check whether this openid is bound to an account for this app.
     $bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
     if (empty($bindinfo)) {
         // NOTE(review): an expected "not bound yet" state is logged at error level.
         $controller->get("logger")->err("================not bind");
         // Send the user to the binding page.
         return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "K3Controller"));
     } else {
         $loginUrl = $appdata["authorization_url"];
         // Logs only the configured URL; the credentials are appended in the call below, not here.
         $controller->get("logger")->err("================loginUrl:" . $loginUrl);
         // Authenticate the user; the cookie store key is derived from the openid.
         $cookie_key = "k3_" . $openid;
         // NOTE(review): part of the next expression is masked ("******") in the published listing, so the
         // line is kept exactly as shown. What is visible: the bound account name and the stored authkey are
         // sent as UserName/Password with PasswordIsEncrypted=false, and neither value is URL-encoded.
         // Judging by the helper's name this is a GET, which would place the credential in the request URL
         // (proxy and server access logs) — confirm against Utils, and prefer a POST body over TLS.
         $authResult = Utils::do_get_request_cookie($loginUrl, "provider=credentials&UserName="******"bind_uid"] . "&Password="******"authkey"] . "&PasswordIsEncrypted=false&RememberMe=false", null, $cookie_key);
         //$container->get("logger")->err("k3 login result:".$authResult);
         // On authentication failure, require the user to bind again.
         // json_decode() yields null for a non-JSON reply, which the isset() check below treats as failure.
         $authResult = json_decode($authResult, true);
         // NOTE(review): only "Result" is guarded by isset(); a reply with "Result" but without
         // ResponseStatus/IsSuccess raises an undefined-index notice before falling into the failure branch.
         if (!isset($authResult["Result"]) || !$authResult["Result"]["ResponseStatus"]["IsSuccess"]) {
             return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "K3Controller"));
         }
     }
     // NOTE(review): the whole decoded upstream login response is handed to the client; confirm it
     // carries nothing (session identifiers, account details) the client should not receive.
     $result = array("returncode" => "0000", "data" => $authResult);
     return self::responseJson(json_encode($result));
 }
Пример #2
 /**
  * Calls the bound application's REST interface for a user and returns the raw reply.
  *
  * The query string is built from $need_params: each entry names a parameter and
  * a default value, and a caller-supplied value in $parameters takes precedence.
  * Before that lookup, $parameters["uid"] is overwritten with the bound account
  * id, so a caller-supplied "uid" is never forwarded.
  *
  * NOTE(review): $bindinfo is not checked for emptiness. With no binding,
  * $parameters["uid"] becomes null, isset() is false, and a "uid" entry in
  * $need_params falls back to its configured default value — confirm that an
  * unbound user can never reach this method, or reject the call explicitly.
  *
  * @param mixed $controller  Object passed to the App constructor and used for ->get("logger")
  * @param mixed $user        Object whose ->openid identifies the caller
  * @param mixed $re          Array holding the target URL under "inf_url"
  * @param mixed $parameters  Caller-supplied parameters; "appid" is read unconditionally
  * @param mixed $need_params List of arrays with "paramname" and "paramvalue" keys
  *
  * @return mixed Whatever Utils::do_post_request_cookie() returns
  */
 public static function rest($controller, $user, $re, $parameters, $need_params)
 {
     $appid = $parameters["appid"];
     $openid = $user->openid;
     // Cookie store key: integration type plus the caller's openid.
     $cookieJarKey = self::$bind_type . "_" . $openid;
     $targetUrl = $re["inf_url"];
     $query = array();

     $appManager = new \Justsy\BaseBundle\Management\App($controller);
     $binding = $appManager->getappbind(array("appid" => $appid, "openid" => $openid));

     // Turn the declared parameter list into query-string pairs.
     if (!empty($parameters) && is_array($parameters) && !empty($need_params)) {
         // Always take the uid from the server-side binding, never from the caller.
         $parameters["uid"] = $binding["bind_uid"];
         $declared = count($need_params);
         for ($idx = 0; $idx < $declared; $idx++) {
             $spec = $need_params[$idx];
             $key = $spec["paramname"];
             if (isset($parameters[$key])) {
                 $query[$key] = $parameters[$key];
             } else {
                 $query[$key] = $spec["paramvalue"];
             }
         }
     }

     // Append with "?" or "&" depending on whether the URL already has a query part.
     $joiner = (strpos($targetUrl, "?") === false) ? "?" : "&";
     $targetUrl = $targetUrl . $joiner . http_build_query($query);

     // NOTE(review): the complete URL, including every parameter value and the bound uid,
     // is written to the log at error level; consider logging the endpoint without its query.
     $controller->get("logger")->err("===============restUrl:" . $targetUrl);

     // All parameters travel in the URL; the second and third arguments are null.
     $reply = Utils::do_post_request_cookie($targetUrl, null, null, $cookieJarKey);

     // Automatic re-login on session expiry was drafted here but is disabled. The
     // disabled draft assigned $appinfo yet read $appdata, and sent md5() of the
     // decrypted authkey as "upwd" in the login URL; it would need rework, not
     // just uncommenting.
     return $reply;
 }
Пример #3
 /**
  * Single sign-on entry point for the integration named by self::$bind_type.
  *
  * Loads the application and the user's binding, obtains a session id from the
  * business system's getSessionID API, logs the bound account in against the
  * configured authorization URL under that session id, stores the session via
  * setappsession(), and returns the decoded login result in a JSON envelope.
  *
  * Returns a plain HTML error Response for an unknown app id, a missing
  * authorization or service URL, or a failed session request; renders the
  * binding page when no binding exists or the login is not reported successful.
  *
  * NOTE(review): $conn, $token and $encrypt are not read anywhere in this body.
  *
  * @param mixed $controller Object providing ->container, ->get("logger") and ->render()
  * @param mixed $conn       Unused here
  * @param mixed $appid      Application id used for the app and binding lookups
  * @param mixed $openid     User identifier used for the binding lookup and the cookie key
  * @param mixed $token      Unused here
  * @param mixed $encrypt    Unused here
  */
 public static function ssoAction($controller, $conn, $appid, $openid, $token, $encrypt)
 {
     // Re-authorise: load the application record first.
     $app = new \Justsy\BaseBundle\Management\App($controller->container);
     $appdata = $app->getappinfo(array("appid" => $appid));
     if (empty($appdata)) {
         $resp = new Response("无效的APPID");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     // $auth_url is only used for this emptiness check; the same key is read again into $loginUrl below.
     $auth_url = $appdata["authorization_url"];
     if (empty($auth_url)) {
         $resp = new Response("无效的配置:授权地址无效");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     // Check whether this openid is bound to an account for this app.
     $bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
     if (empty($bindinfo)) {
         // NOTE(review): an expected "not bound yet" state is logged at error level.
         $controller->get("logger")->err("================not bind");
         // Send the user to the binding page. The module name here is derived from self::$bind_type,
         // while the failure branch further down hard-codes "PmsController" — confirm they agree.
         return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => self::$bind_type . "Controller"));
     } else {
         // Disabled: lookup of a separate business-system record through a "sso_<type>_appid" system parameter.
         /*
         			$syspara = new \Justsy\BaseBundle\DataAccess\SysParam($controller->container);
             		$sysappid = $syspara->GetSysParam("sso_".strtolower(self::$bind_type)."_appid");
             		if(empty($sysappid))
             		{
             			$resp = new Response("未配置集成登录业务系统或参数".strtolower(self::$bind_type)."_appid");
         	   			$resp->headers->set('Content-Type', 'text/html');
         	   			return $resp;
             		}*/
         // With the lookup above disabled, the application record doubles as the business-system record.
         $sysinfo = $appdata;
         //$app->getbussysteminfo(array("appid"=>$sysappid));
         $wwwUrl = $sysinfo["inf_url"];
         $loginUrl = $sysinfo["authorization_url"];
         if (empty($wwwUrl)) {
             $resp = new Response("未正确配置业务系统,请检查服务地址");
             $resp->headers->set('Content-Type', 'text/html');
             return $resp;
         }
         // Fetch a session id from the business system; the cookie store key is type plus openid.
         $cookie_key = self::$bind_type . "_" . $openid;
         // The path is appended directly, so inf_url presumably ends with "/" — verify the stored value.
         $getsessionUrl = $wwwUrl . "index.php?m=api&f=getSessionID&t=json";
         $controller->get("logger")->err("getsessionUrl:" . $getsessionUrl);
         $sessionre = Utils::do_get_request_cookie($getsessionUrl, null, null, $cookie_key);
         // NOTE(review): the raw session reply, which carries the session id read below, is written
         // to the log at error level; anyone with log access can read a live session identifier.
         $controller->get("logger")->err("session data:" . $sessionre);
         $sessionre = json_decode($sessionre, true);
         // NOTE(review): "status" is read without isset() and compared loosely; a non-JSON reply
         // decodes to null and still ends in the failure branch, but only after a notice.
         if ($sessionre["status"] != "success") {
             $resp = new Response("获取seesion失败");
             $resp->headers->set('Content-Type', 'text/html');
             return $resp;
         }
         // The "data" field is itself a JSON string and is decoded a second time.
         $sessionre = json_decode($sessionre["data"], true);
         $sid = $sessionre["sessionID"];
         // Authenticate the user.
         // NOTE(review): part of the next two expressions is masked ("******") in the published listing, so
         // both lines are kept exactly as shown. As far as the unmasked text shows, the string logged here is
         // the same one sent on the following line: login URL, session id, account and the password
         // parameter. That writes a reusable credential to the log; log the endpoint and account only.
         $controller->get("logger")->err("================loginUrl:" . $loginUrl . "&sid=" . $sid . "&account=" . $bindinfo["bind_uid"] . "&password="******"authkey"]);
         // NOTE(review): the credentials are concatenated into the URL (second and third arguments are
         // null) and are not URL-encoded; a request body would keep them out of URL-based logs.
         $authResult = Utils::do_post_request_cookie($loginUrl . "&sid=" . $sid . "&account=" . $bindinfo["bind_uid"] . "&password="******"authkey"], null, null, $cookie_key);
         // The business-system session id is what gets stored as this app session's access_token.
         $retuenAry = array("session" => array("access_token" => $sid), "appid" => $appid, "openid" => $openid);
         // NOTE(review): the raw login reply is logged at error level as well.
         $controller->get("logger")->err("pms login result:" . $authResult);
         // On authentication failure, require the user to bind again.
         $authResult = json_decode($authResult, true);
         if (!isset($authResult["status"]) || $authResult["status"] != "success") {
             return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "PmsController"));
         }
         // Persist the session only after the login was confirmed.
         $app->setappsession($retuenAry);
         //$re = Utils::do_post_request_cookie($wwwUrl."?m=my&f=index&t=json",null,null,$cookie_key);
         //$controller->get("logger")->err("my-todo result:".$re);
     }
     // NOTE(review): the whole decoded upstream login response is handed to the client; confirm it
     // carries nothing the client should not receive.
     $result = array("returncode" => "0000", "data" => $authResult);
     return self::responseJson(json_encode($result));
 }
Пример #4
 /**
  * Logs a bound user into Tencent Exmail.
  *
  * Reads appid and openid from the request, resolves the app and the user's
  * binding, takes the cached OAuth2 access token for that appid/openid pair,
  * exchanges it for an auth key at the Exmail open API, and redirects to the
  * Exmail SSO login URL carrying that key as the ticket.
  *
  * Returns a plain HTML error Response for an unknown app id, a missing cached
  * token or a failed auth-key request, and renders the binding page when the
  * openid has no binding.
  *
  * @return mixed A Response, the rendered binding page, or the result of Utils::http_redirect()
  */
 public function tencentexmailloginAction()
 {
     $request = $this->getRequest();
     // "params" may arrive as an array or as a JSON string; normalise it to an array.
     $param = $request->get("params");
     if (empty($param)) {
         $param = array();
     } else {
         if (is_string($param)) {
             $param = json_decode($param, true);
         }
     }
     // Fall back to a top-level "appid" request parameter.
     if (!isset($param["appid"])) {
         $param["appid"] = $request->get("appid");
     }
     // NOTE(review): openid is taken straight from the request. $user is not used again in this method
     // and the line that read the openid from the session user is commented out below. Confirm that
     // something outside this method ties the supplied openid to the authenticated caller; otherwise
     // the binding and cached token selected here belong to whichever openid the request names.
     $openid = $request->get("openid");
     $staffObj = new \Justsy\BaseBundle\Management\Staff($this->get('we_data_access'), $this->get('we_data_access_im'), $openid, $this->get("logger"));
     $user = $staffObj->getSessionUser();
     $appid = $param["appid"];
     //$openid = $user->openid;
     //$ldap_uid = $user->ldap_uid;
     // Load the application record.
     $app = new \Justsy\BaseBundle\Management\App($this->container);
     $appdata = $app->getappinfo(array("appid" => $appid));
     if (empty($appdata)) {
         $resp = new Response("无效的APPID");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     // The app's client id is sent as the "agent" value of the login URL.
     $agent = $appdata["clientid"];
     // Check whether this openid is bound to an account for this app.
     $bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
     if (empty($bindinfo)) {
         //$controller->get("logger")->err("================not bind");
         // Send the user to the binding page.
         return $this->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "OAuth2"));
     }
     $ldap_uid = $bindinfo["bind_uid"];
     // md5 is used here only to derive a cache key from appid and openid.
     $cacheKey = md5($appid . $openid);
     $data = Cache_Enterprise::get(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $this->container);
     if (empty($data)) {
         // Cache miss: record which appid/openid pair had no token, then ask the user to re-enter the app.
         $this->get("logger")->err("{$appid}.{$openid}");
         $resp = new Response("太长时间未操作,请重新进入应用");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     $data = json_decode($data, true);
     $acctoken = $data["access_token"];
     //$this->get("logger")->err($acctoken);
     // Exchange the access token for an auth key.
     // NOTE(review): this endpoint is plain http://, so the access token and the account alias cross
     // the network unencrypted; use an HTTPS endpoint if the provider offers one. Both values are
     // concatenated into the form body without urlencode().
     $url = "http://openapi.exmail.qq.com:12211/openapi/mail/authkey";
     $authkey = Utils::do_post_request($url, "alias=" . $ldap_uid . "&access_token=" . $acctoken);
     //$this->get("logger")->err($url."?"."alias=".$ldap_uid."&access_token=".$acctoken);
     //$this->get("logger")->err($authkey);
     if (empty($authkey)) {
         $resp = new Response("腾讯企业邮箱登录失败");
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     $authkey = json_decode($authkey, true);
     if (!isset($authkey["auth_key"])) {
         // NOTE(review): "error" is read without isset(); a reply lacking both keys raises a notice.
         if ($authkey["error"] == "invalid_token") {
             // Drop the stale token so the next attempt cannot reuse it.
             Cache_Enterprise::delete(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $this->container);
             $resp = new Response("腾讯企业邮箱登录失败:<br>token无效或已经过期,请稍后重试!");
         } else {
             // NOTE(review): the upstream reply is embedded in a text/html response without HTML
             // escaping; pass it through htmlspecialchars() or return a fixed message instead.
             $resp = new Response("腾讯企业邮箱登录失败:<br>" . json_encode($authkey));
         }
         $resp->headers->set('Content-Type', 'text/html');
         return $resp;
     }
     $authkey = $authkey["auth_key"];
     // NOTE(review): part of the next expression is masked ("******") in the published listing, so the line
     // is kept exactly as shown. The visible parts place the client id and the auth key in the redirect
     // URL's query string without urlencode(); the ticket will therefore appear in browser history.
     $login_url = "https://exmail.qq.com/cgi-bin/login?fun=bizopenssologin&method=bizauth&agent=" . $agent . "&user="******"&ticket=" . $authkey;
     //$this->get("logger")->err($login_url);
     return Utils::http_redirect($login_url);
 }