public static function ssoAction($controller, $conn, $appid, $openid, $token, $encrypt)
{
//重新授权
$app = new \Justsy\BaseBundle\Management\App($controller->container);
$appdata = $app->getappinfo(array("appid" => $appid));
if (empty($appdata)) {
$resp = new Response("无效的APPID");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$auth_url = $appdata["authorization_url"];
if (empty($auth_url)) {
$resp = new Response("无效的配置:授权地址无效");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
//判断是否绑定
$bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
if (empty($bindinfo)) {
$controller->get("logger")->err("================not bind");
//重定向到绑定页面
return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => self::$bind_type . "Controller"));
} else {
/*
$syspara = new \Justsy\BaseBundle\DataAccess\SysParam($controller->container);
$sysappid = $syspara->GetSysParam("sso_".strtolower(self::$bind_type)."_appid");
if(empty($sysappid))
{
$resp = new Response("未配置集成登录业务系统或参数".strtolower(self::$bind_type)."_appid");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}*/
$sysinfo = $appdata;
//$app->getbussysteminfo(array("appid"=>$sysappid));
$wwwUrl = $sysinfo["inf_url"];
$loginUrl = $sysinfo["authorization_url"];
if (empty($wwwUrl)) {
$resp = new Response("未正确配置业务系统,请检查服务地址");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
//获取seesionid
$cookie_key = self::$bind_type . "_" . $openid;
$getsessionUrl = $wwwUrl . "index.php?m=api&f=getSessionID&t=json";
$controller->get("logger")->err("getsessionUrl:" . $getsessionUrl);
$sessionre = Utils::do_get_request_cookie($getsessionUrl, null, null, $cookie_key);
$controller->get("logger")->err("session data:" . $sessionre);
$sessionre = json_decode($sessionre, true);
if ($sessionre["status"] != "success") {
$resp = new Response("获取seesion失败");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$sessionre = json_decode($sessionre["data"], true);
$sid = $sessionre["sessionID"];
//用户身份认证
$controller->get("logger")->err("================loginUrl:" . $loginUrl . "&sid=" . $sid . "&account=" . $bindinfo["bind_uid"] . "&password="******"authkey"]);
$authResult = Utils::do_post_request_cookie($loginUrl . "&sid=" . $sid . "&account=" . $bindinfo["bind_uid"] . "&password="******"authkey"], null, null, $cookie_key);
$retuenAry = array("session" => array("access_token" => $sid), "appid" => $appid, "openid" => $openid);
$controller->get("logger")->err("pms login result:" . $authResult);
//认证失败时要求重新绑定
$authResult = json_decode($authResult, true);
if (!isset($authResult["status"]) || $authResult["status"] != "success") {
return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "PmsController"));
}
$app->setappsession($retuenAry);
//$re = Utils::do_post_request_cookie($wwwUrl."?m=my&f=index&t=json",null,null,$cookie_key);
//$controller->get("logger")->err("my-todo result:".$re);
}
$result = array("returncode" => "0000", "data" => $authResult);
return self::responseJson(json_encode($result));
}
public static function tokenAction($container, $con, $appid, $code, $encrypt)
{
$app = new \Justsy\BaseBundle\Management\App($container->container);
$stat_v = explode(",", $appid);
$appid = $stat_v[0];
$openid = $stat_v[1];
$isLogin = null;
if (strpos($appid, "SSO_") !== false) {
$isLogin = $appid;
//新浪微博集成登录
//获取微博对应的业务系统认证配置
$syspara = new \Justsy\BaseBundle\DataAccess\SysParam($container);
$appid = $syspara->GetSysParam(strtolower($appid) . "_appid");
if (empty($appid)) {
$resp = new Response("未配置微博业务系统或参数sso_sina_appid");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$appdata = $app->getbussysteminfo(array("appid" => $appid));
$appid = $isLogin;
//把appid还原成sso集成登录标识
} else {
if (strpos($appid, "SYS_") !== false) {
//业务系统直接对接
$appdata = $app->getbussysteminfo(array("appid" => substr($appid, 4)));
} else {
$appdata = $app->getappinfo(array("appid" => $appid));
}
}
if (empty($appdata)) {
return "无效的APPID";
}
$token_url = $appdata["token_url"];
if (empty($token_url)) {
return "无效的配置:令牌获取地址无效";
}
$token_method = $appdata["token_method"];
$token_method = empty($token_method) ? "POST" : $token_method;
$auth_url = $token_url;
$para_name = $appdata["redirecturl_para_name"];
if (empty($para_name)) {
$para_name = "redirect_uri";
}
$paraString = "";
if (empty($code)) {
$paraString .= "grant_type=client_credentials&" . $para_name . "=" . $appdata["redirection_url"];
} else {
$paraString .= "grant_type=authorization_code&" . $para_name . "=" . $appdata["redirection_url"];
}
$para_name = $appdata["clientid_para_name"];
if (empty($para_name)) {
$para_name = "client_id";
}
$paraString .= "&" . $para_name . "=" . $appdata["clientid"];
$para_name = $appdata["clientkey_para_name"];
if (empty($para_name)) {
$para_name = "client_secret";
}
$paraString .= "&" . $para_name . "=" . $appdata["clientkey"];
$paraString .= "&code=" . $code;
$paraString .= "&state=" . $appid . "," . $openid;
$container->get("logger")->err($auth_url . " -- " . $paraString);
if (strtoupper($token_method) == "POST") {
$token = Utils::do_post_request($auth_url, $paraString);
} else {
$token = Utils::do_post_request($auth_url . "?" . $paraString, null);
}
$container->get("logger")->err("token value:" . $token);
$retuenAry = array();
if (substr($token, 0, 1) == "{") {
$retuenAry = json_decode($token, true);
} else {
$rv = explode("&", $token);
for ($i = 0; $i < count($rv); $i++) {
$rv_i = explode("=", $rv[$i]);
$retuenAry[$rv_i[0]] = preg_replace("/'/is", "", $rv_i[1]);
}
}
$result = array("returncode" => "0000", "data" => null);
$para_name = $appdata["token_para_name"];
if (empty($para_name)) {
$para_name = "access_token";
}
if (isset($retuenAry[$para_name])) {
$retuenAry[$appdata["clientid_para_name"]] = $appdata["clientid"];
$retuenAry[$appdata["clientkey_para_name"]] = $appdata["clientkey"];
$result["returncode"] = "0000";
$retuenAry[$appdata["token_para_name"]] = $retuenAry[$para_name];
$app->setappsession(array("session" => $retuenAry, "openid" => $openid, "appid" => $appid));
} else {
$result["returncode"] = "9999";
}
$result["data"] = $retuenAry;
if (!empty($isLogin)) {
if (strpos($isLogin, "SSO_") !== false) {
if ($isLogin == "SSO_SINA") {
$uid = $retuenAry["uid"];
} else {
if ($isLogin == "SSO_WECHAT") {
$uid = $retuenAry["openid"];
}
}
//判断并注册用户
$staffobj = new \Justsy\BaseBundle\Management\Staff($container->get("we_data_access"), $container->get("we_data_access_im"), $uid, null, $container->container);
$re = $staffobj->createstaff(array("password" => rand(100000, 999999), "eno" => Utils::$PUBLIC_ENO, "nick_name" => $uid, "ldap_uid" => $uid, "account" => ""));
$re["data"]["des"] = DES::decrypt($re["data"]["t_code"]);
}
return self::responseLoginJson(json_encode($re));
} else {
if (strpos($appid, "SYS_") !== false) {
return self::responseJsonStr(json_encode($result));
} else {
return self::responseJson(json_encode($result));
}
}
}
