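/**
 * Single sign-on into Tencent Exmail for an account that is bound to an app.
 *
 * Steps, as implemented below: load the app record for $appid, check that $openid has a
 * binding for it (otherwise render the binding page), read the cached OAuth2 data for the
 * (appid, openid) pair, exchange the access token for an auth key and redirect the browser
 * to the Exmail login URL.
 *
 * $conn, $token and $encrypt are part of the signature but are not read in this method.
 *
 * @return mixed a Response carrying an error message, the rendered binding page, or the
 *               value returned by Utils::http_redirect()
 */
public static function ssoAction($controller, $conn, $appid, $openid, $token, $encrypt)
{
    $app = new \Justsy\BaseBundle\Management\App($controller->container);
    $appdata = $app->getappinfo(array("appid" => $appid));
    if (empty($appdata)) {
        $resp = new Response("无效的APPID");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
    $agent = $appdata["clientid"];
    if (empty($agent)) {
        $resp = new Response("未正确配置认证信息的appkey项");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }

    // No binding for this (appid, openid) pair: send the user to the binding page.
    $bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
    if (empty($bindinfo)) {
        return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => self::$bind_type . "Controller"));
    }
    $ldap_uid = $bindinfo["bind_uid"];

    $cacheKey = md5($appid . $openid);
    // This is a static method, so $this does not exist; the original "$this->containerObj"
    // failed at runtime. The controller's container (already handed to App above) is used instead.
    // NOTE(review): confirm this is the object Cache_Enterprise::get() expects as third argument.
    $data = Cache_Enterprise::get(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $controller->container);
    // tencentexmailloginAction() decodes the same cache entry from JSON; accept both forms here.
    if (is_string($data)) {
        $data = json_decode($data, true);
    }
    if (!is_array($data) || empty($data["access_token"])) {
        // Without a cached token the upstream call cannot succeed; fail here instead of
        // redirecting later with an empty ticket.
        $resp = new Response("腾讯企业邮箱登录失败");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
    $acctoken = $data["access_token"];

    // Exchange the access token for an auth key.
    // NOTE(review): the token travels over plain http to this endpoint; switch to an https
    // endpoint if the provider offers one.
    $url = "http://openapi.exmail.qq.com:12211/openapi/mail/authkey";
    $authkey = Utils::do_post_request($url, "alias=" . urlencode((string) $ldap_uid) . "&access_token=" . urlencode((string) $acctoken));
    if (empty($authkey)) {
        $resp = new Response("腾讯企业邮箱登录失败");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
    $authkey = json_decode($authkey, true);
    if (!is_array($authkey) || !isset($authkey["auth_key"])) {
        // The upstream body is echoed into a text/html response, so it is HTML-escaped first.
        $resp = new Response("腾讯企业邮箱登录失败:<br>" . htmlspecialchars((string) json_encode($authkey), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
    $authkey = $authkey["auth_key"];

    // NOTE(review): the value of the "user" parameter is masked in the listing this was reviewed
    // from; $ldap_uid (the alias used for the authkey request above) is assumed. Confirm.
    $login_url = "https://exmail.qq.com/cgi-bin/login?fun=bizopenssologin&method=bizauth&agent=" . urlencode((string) $agent) . "&user=" . urlencode((string) $ldap_uid) . "&ticket=" . urlencode((string) $authkey);
    return Utils::http_redirect($login_url);
}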
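/**
 * Bind a batch of staff accounts to an external app and record the bindings.
 *
 * $params->get("openids") is either the literal 'all' (every staff row of enterprise $eno whose
 * auth_level is not 'J') or a comma-separated list of openids. For each openid found in
 * we_staff, an account payload is sent to self::$bind_url; unless the remote answer is a
 * failure, the old binding row is deleted and a new one inserted. All statements are executed
 * together through $con->ExecSQLs().
 *
 * $controller and $encrypt are part of the signature but are not read in this method.
 *
 * @return array array('s' => '1'|'0', 'm' => message); 's' is '0' when the SQL batch fails or
 *               an exception is caught
 */
public static function bindBatAction($controller, $con, $appid, $eno, $encrypt, $params)
{
    $re = array('s' => '1', 'm' => '');
    try {
        $openids = $params->get("openids");
        // Initialised up front: with 'all' and no matching rows the list was never defined.
        $openidArr = array();
        if ($openids == 'all') {
            $sql = "select openid from we_staff where eno=? and auth_level!='J'";
            $ds = $con->getdata('info', $sql, array($eno));
            foreach ($ds['info']['rows'] as $row) {
                $openidArr[] = $row['openid'];
            }
        } else {
            $openidArr = explode(',', (string) $openids);
        }

        $sql = "select appkey from we_appcenter_apps where appid=?";
        $ds = $con->GetData("t", $sql, array((string) $appid));
        $appkey = '';
        if (count($ds["t"]["rows"]) > 0) {
            $appkey = $ds["t"]["rows"][0]["appkey"];
        }

        $sqls = [];
        $paras = [];
        foreach ($openidArr as $openid) {
            $sql = "select mobile,nick_name,birthday,sex_id,login_account from we_staff where openid=?";
            $ds = $con->getdata('info', $sql, array($openid));
            if ($ds['info']['recordcount'] > 0) {
                $staff = $ds['info']['rows'][0];

                // NOTE(review): every account is created with the same fixed password (masked in
                // the listing this was reviewed from; the confirmation value is a literal) and the
                // payload key below is hard-coded. Both belong in configuration, and the password
                // should be unique per account.
                $pam_account = array();
                $pam_account['login_name'] = $staff['login_account'];
                $pam_account['login_password'] = '******';
                $pam_account['psw_confirm'] = '123456';

                // Credentials stored with the binding, encrypted with the app's own key.
                $auth = array('userid' => $pam_account['login_name'], 'passwd' => $pam_account['login_password']);
                $auth = DES::encrypt2(json_encode($auth), $appkey);

                $pam_account = DES::encrypt2(json_encode($pam_account), 'ecstore');

                // NOTE(review): the query above selects "mobile", not "phone", so this has always
                // been empty; confirm which column the remote service should receive.
                $fields = array(
                    'pam_account' => $pam_account,
                    'addr' => "",
                    'name' => $staff['nick_name'],
                    'phone' => $staff['phone'] ?? '',
                    'qq' => "",
                    'zipcode' => "",
                    'birthday' => $staff['birthday'],
                    'gender' => $staff['sex_id'] == '女' ? 'female' : 'male',
                );
                // Each value is URL-encoded so that a name containing "&" or "=" (or a "+" in the
                // encrypted payload) cannot alter or add request parameters.
                $pairs = array();
                foreach ($fields as $fieldName => $fieldValue) {
                    $pairs[] = $fieldName . "=" . urlencode((string) $fieldValue);
                }
                $data = implode("&", $pairs);

                $result = Utils::do_post_request(self::$bind_url . "&" . $data);
                $result = json_decode($result, true);
                // An unreadable answer (request failed, body is not JSON) is no longer treated as
                // a successful bind.
                if (is_array($result) && ($result['rsp'] ?? null) != 'fail') {
                    $sqls[] = "delete from we_staff_account_bind where bind_account=? and bind_type=? and appid=?";
                    $paras[] = array($openid, self::$bind_type, $appid);

                    $sqls[] = "insert into we_staff_account_bind(bind_account,appid,bind_uid,authkey,bind_type,bind_created)values(?,?,?,?,?,now())";
                    $paras[] = array($openid, (string) $appid, $staff['login_account'], (string) $auth, self::$bind_type);
                }
            }
        }

        if (count($sqls) > 0) {
            if (!$con->ExecSQLs($sqls, $paras)) {
                $re = array('s' => '0', 'm' => '操作失败');
            }
        }
    } catch (\Exception $e) {
        // NOTE(review): the raw exception message goes back to the caller; if this result reaches
        // a client, return a generic message and log the detail instead.
        $re = array('s' => '0', 'm' => $e->getMessage());
    }
    return $re;
}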
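/**
 * Ask the registration service to remove a reminder task.
 *
 * Reads the task id from the request parameter "ID" and posts it to
 * FAFA_REG_JID_URL . "/service.yaws". Requests that checkWWWDomain() accepts skip the
 * access-token check; all others must pass checkAccessToken().
 *
 * @return Response JSON text (served as text/html, as before): returncode 9999 when the token
 *                  check fails, otherwise returncode 0000
 */
public function removeRemindTaskAction()
{
    // NOTE(review): token validation is skipped purely on the result of checkWWWDomain(). If that
    // check relies on a client-supplied value such as the Host header, it can be bypassed; confirm.
    $isWeFaFaDomain = $this->checkWWWDomain();
    $res = $this->get("request");
    $da = $this->get("we_data_access");
    if (!$isWeFaFaDomain) {
        $token = $this->checkAccessToken($res, $da);
        if (!$token) {
            $response = new Response("{\"returncode\" : \"9999\",\"code\":\"err1015\",\"msg\":\"参数Appid或Openid或Access_token未指定或无效.\"}");
            $response->headers->set('Content-Type', 'text/html');
            return $response;
        }
    }

    $busid = trim((string) $res->get("ID"));
    $regUrl = $this->container->getParameter("FAFA_REG_JID_URL");
    $regUrlOrg = $regUrl . "/service.yaws";
    // The id comes from the request; encode it so it cannot add parameters to the backend call.
    $data = "removeRemind=1&busid=" . urlencode($busid);
    // NOTE(review): the backend answer is not inspected, so success is reported even when the
    // removal failed.
    $re = Utils::do_post_request($regUrlOrg, $data);

    $response = new Response("{\"returncode\" : \"0000\"}");
    $response->headers->set('Content-Type', 'text/html');
    // The original fell off the end of the method without returning the response it had built.
    return $response;
}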
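/**
 * OAuth2 callback for Weibo login.
 *
 * Exchanges the "code" request parameter for an access token, loads the Weibo profile,
 * looks up an existing account binding, stores uid and token in the session and renders the
 * weibo_auth page. On any exception the default login page is rendered with a fresh
 * authorize URL.
 *
 * NOTE(review): no "state" value is generated or compared in this method, so the callback is
 * not tied to the browser session that started the login; confirm this is handled elsewhere.
 * NOTE(review): the callback and redirect URLs use plain http, so the authorization code
 * crosses the network unencrypted.
 *
 * @return mixed the rendered template
 */
public function weibocallbackAction()
{
    $request = $this->get("request");
    $o = new SaeTOAuthV2(Utils::$WB_AKEY, Utils::$WB_SKEY);
    $login_type = $request->get('_wefafa_t');
    // _wefafa_t is request input; encode it before it becomes part of a URL shown in the page.
    $code_url = $o->getAuthorizeURL("http://we.fafatime.com/api/weibo/callback?_wefafa_t=" . urlencode((string) $login_type));

    $keys = array();
    $keys['code'] = $request->get('code');
    $keys['redirect_uri'] = "http://we.fafatime.com";

    try {
        $token = $o->getAccessToken('code', $keys);
        $c = new SaeTClientV2(Utils::$WB_AKEY, Utils::$WB_SKEY, $token["access_token"]);
        $info = $c->show_user_by_id($token["uid"]);
        $profileFailed = !empty($info["error"]);
        if ($profileFailed) {
            $this->get("logger")->err(json_encode($info));
        }
        $province = Utils::do_post_request("http://api.t.sina.com.cn/provinces.json", "");

        // Look up an existing binding for this Weibo uid; the profile is passed along only
        // when the API call succeeded.
        $accountbind = new \Justsy\BaseBundle\Management\StaffAccountBind($this->get('we_data_access'), null, $this->get('logger'));
        $bind = $accountbind->GetBind_By_Uid($login_type, $token["uid"], $profileFailed ? null : $info);

        $_SESSION["uid"] = $token["uid"];
        $_SESSION["token"] = $token["access_token"];

        // NOTE(review): the access token is also handed to the template; if the template prints
        // it, the token is exposed in the page source. Keep it server-side where possible.
        return $this->render('JustsyBaseBundle:Login:weibo_auth.html.twig', array(
            'code' => $keys['code'],
            'token' => $token["access_token"],
            "uid" => $token["uid"],
            "info" => $info,
            "code_url" => $code_url,
            "province" => $province,
            "isbind" => empty($bind) ? "0" : "1",
            "error" => $profileFailed ? "帐号异常,无法调用微博API!" : "",
            "error_msg" => $profileFailed ? $info["error"] : "",
        ));
    } catch (\Exception $e) {
        $this->get("logger")->err($e);
    }

    return $this->render('JustsyBaseBundle:Login:default.html.twig', array('code_url' => $code_url));
}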
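/**
 * Register (or log in) an externally authenticated user on the platform service.
 *
 * The target URL comes from the "ssoauthurl" entry of the enterprise auth configuration, a
 * JSON object with "ENO" and "URL"; when that entry is empty a built-in default URL is used.
 * The user data is sent as the JSON "Message" field of a form-encoded POST.
 *
 * @return mixed the decoded JSON answer of the service, or null when an exception was caught
 */
public static function registerToPlatform($container, $type, $uid, $openid, $nickName)
{
    // NOTE(review): hard-coded internal address reached over plain http; this belongs in
    // configuration.
    $defaultPostURl = "http://10.100.20.27/CallCenter/ESB_InvokeService.ashx";
    $cacheobj = new Enterprise(null, $container->get("logger"), $container);
    $authConfig = $cacheobj->getUserAuth();
    $httpUrlConfig = $authConfig["ssoauthurl"];
    if (empty($httpUrlConfig)) {
        $httpUrlConfig = $defaultPostURl;
        $eno = "100001";
    } else {
        $ldapConfgiObject = json_decode($httpUrlConfig, true);
        $eno = $ldapConfgiObject["ENO"];
        $httpUrlConfig = $ldapConfgiObject["URL"];
    }

    try {
        $data = array(
            "providerLoginKey" => $uid,
            "loginProviderName" => $type,
            "nickName" => $nickName,
            "openid" => $openid,
            "isNeedSyn" => false,
        );
        // The JSON is one field of a form-encoded body. It is URL-encoded so that "&", "=", "+"
        // or "%" inside the nickname cannot break the field or introduce extra parameters.
        $para = "ServiceName=WXSC_Account&MethodName=POST:JSON:loginWithRegisterExternal&Message=" . urlencode((string) json_encode($data)) . "&Version=1";
        // NOTE(review): request and answer are written to the error log and contain user
        // identifiers (uid, openid, nickname).
        $container->get("logger")->err("SOA URL:" . $httpUrlConfig . "?" . $para);
        $postresult = Utils::do_post_request($httpUrlConfig, $para);
        $container->get("logger")->err("SOA Result:" . $postresult);
        return json_decode($postresult, true);
    } catch (\Exception $e) {
        $container->get("logger")->err("SOA ERROR:" . $e);
    }
    // Same outcome as before (implicit null), now explicit for callers.
    return null;
}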
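/**
 * Call a REST interface of a bound app on behalf of a user.
 *
 * Reads the cached OAuth2 data for ($parameters["appid"], $user->openid), builds the query
 * from $need_params and requests $re["inf_url"] through Utils::do_post_request().
 *
 * For every entry of $need_params (each with "paramname" and "paramvalue") the value is taken,
 * in this order, from the cached authorization data, from $parameters, or from the entry's
 * own "paramvalue".
 *
 * @return mixed whatever Utils::do_post_request() returns
 * @throws \Exception when no authorization data is cached or it is marked as expired
 */
public static function rest($controller, $user, $re, $parameters, $need_params)
{
    $appid = $parameters["appid"];
    $openid = $user->openid;
    $cacheKey = md5($appid . $openid);
    $data = Cache_Enterprise::get(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $controller);
    if ($data == null) {
        throw new \Exception("token 已过期,请重新获取");
    }
    // NOTE(review): this test only has an effect when the cache returns an array. The entry is
    // decoded from JSON just below, which suggests it is normally a string, in which case expiry
    // is never enforced here. Whether "expires_in" holds an absolute timestamp or a lifetime in
    // seconds is not visible from this method, so the check is left as it was; confirm and fix.
    if (isset($data["expires_in"]) && (int) $data["expires_in"] < time()) {
        throw new \Exception("token 已过期,请重新获取");
    }
    $access_token = is_array($data) ? $data : json_decode($data, true);

    $str_para = array();
    if (!empty($parameters) && is_array($parameters) && !empty($need_params)) {
        foreach ($need_params as $spec) {
            $pname = $spec["paramname"];
            if (!empty($access_token) && isset($access_token[$pname])) {
                // Values from the authorization result win. The original indexed with an
                // undefined variable here, so this branch always produced null.
                $val = $access_token[$pname];
            } else {
                $val = isset($parameters[$pname]) ? $parameters[$pname] : $spec["paramvalue"];
            }
            $str_para[$pname] = $val;
        }
    }

    $restUrl = $re["inf_url"];
    $separator = strpos($restUrl, "?") === false ? "?" : "&";
    $restUrl = $restUrl . $separator . http_build_query($str_para);

    // NOTE(review): the full URL is written to the error log; once values from the authorization
    // result are merged in, this can include the access token.
    $controller->get("logger")->err("===============restUrl:" . $restUrl);
    $re = Utils::do_post_request($restUrl, null, null);
    return $re;
}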
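/**
 * Create a user in the SSO directory through the staff sync REST service.
 *
 * Posts a JSON document with the attributes mobile, smart-securemobile, userpassword,
 * smart-type and cn to the "staff_sync_url" container parameter, signed with the headers from
 * SsoAvicAuth::getHeaders(). App code and key come from the "ssoauthurl" auth configuration
 * (a JSON object with ENO, URL, AppCode, AppKey) or, when that is empty, from built-in defaults.
 *
 * @param mixed $container  service container (provides the logger and parameters)
 * @param array $attributes expects the keys "mobile", "password" and "nick_name"
 * @return array the decoded answer, extended with "ldap_uid" (copied from "key") and "deptid"
 * @throws \Exception when the answer is unreadable or reports a false status
 */
public function createUser($container, $attributes)
{
    $createUserRest = $container->getParameter('staff_sync_url');
    $defaultPostURl = "https://sso.avicmall.com:8443";
    // NOTE(review): a default application key is embedded in source control; move it to
    // configuration or a secret store and rotate it.
    $appcodeConfig = "fafa-app";
    $appkeyConfig = "DKGHwqJ5H91noPYNYm9b8EUPQSY";
    $cacheobj = new Enterprise(null, $container->get("logger"), $container);
    $authConfig = $cacheobj->getUserAuth();
    $httpUrlConfig = $authConfig["ssoauthurl"];
    if (empty($httpUrlConfig)) {
        $httpUrlConfig = $defaultPostURl;
        $eno = "100001";
    } else {
        $ldapConfgiObject = json_decode($httpUrlConfig, true);
        $eno = $ldapConfgiObject["ENO"];
        $httpUrlConfig = $ldapConfgiObject["URL"];
        $appcodeConfig = $ldapConfgiObject["AppCode"];
        $appkeyConfig = $ldapConfgiObject["AppKey"];
    }
    $reqHeader = SsoAvicAuth::getHeaders($appcodeConfig, $appkeyConfig);

    $data = array();
    $data["name"] = "";
    $data["attributes"] = array(
        array("name" => "mobile", "value" => $attributes["mobile"]),
        array("name" => "smart-securemobile", "value" => $attributes["mobile"]),
        array("name" => "userpassword", "value" => $attributes["password"]),
        array("name" => "smart-type", "value" => "2"),
        array("name" => "cn", "value" => $attributes["nick_name"]),
    );
    $para = json_encode($data);

    // The request body contains the new user's password. Log a copy with that value masked
    // instead of the body itself.
    $loggable = $data;
    foreach ($loggable["attributes"] as $idx => $attr) {
        if ($attr["name"] === "userpassword") {
            $loggable["attributes"][$idx]["value"] = "***";
        }
    }
    $container->get("logger")->err("SOA URL:" . $createUserRest . "?" . json_encode($loggable));

    // NOTE(review): the logger is also passed into do_post_request(); if that helper logs the
    // request body, the password still reaches the log there. Confirm.
    $postresult = Utils::do_post_request($createUserRest, $para, $reqHeader, $container->get("logger"));
    $container->get("logger")->err("SOA Result:" . $postresult);

    $resultObject = json_decode($postresult, true);
    // An empty or non-JSON answer is reported as a failure instead of being indexed as an array.
    if (!is_array($resultObject) || empty($resultObject["status"]) || $resultObject["status"] == "false") {
        $message = is_array($resultObject) ? (string) ($resultObject["message"] ?? "") : "";
        throw new \Exception($message);
    }
    $resultObject["ldap_uid"] = $resultObject["key"];
    $resultObject["deptid"] = "100054"; // default department
    return $resultObject;
}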
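/**
 * Log a user into Tencent Exmail through the app's cached OAuth2 token.
 *
 * Request input: "params" (array or JSON string, may carry "appid"), "appid" (used when
 * params has none) and "openid". The method checks that the app exists and that the openid is
 * bound to it, reads the cached token for the (appid, openid) pair, exchanges it for an auth
 * key and redirects to the Exmail login URL. A token rejected as invalid is removed from the
 * cache.
 *
 * NOTE(review): $openid is taken from the request and selects both the binding and the cached
 * token. The session user loaded below is not compared with it in this method; confirm that
 * Staff/getSessionUser() or the routing layer ties the openid to the authenticated session.
 *
 * @return mixed a Response carrying an error message, the rendered binding page, or the
 *               value returned by Utils::http_redirect()
 */
public function tencentexmailloginAction()
{
    $request = $this->getRequest();
    $param = $request->get("params");
    if (empty($param)) {
        $param = array();
    } elseif (is_string($param)) {
        $param = json_decode($param, true);
    }
    if (!isset($param["appid"])) {
        $param["appid"] = $request->get("appid");
    }
    $openid = $request->get("openid");
    $staffObj = new \Justsy\BaseBundle\Management\Staff($this->get('we_data_access'), $this->get('we_data_access_im'), $openid, $this->get("logger"));
    $user = $staffObj->getSessionUser();
    $appid = $param["appid"];

    $app = new \Justsy\BaseBundle\Management\App($this->container);
    $appdata = $app->getappinfo(array("appid" => $appid));
    if (empty($appdata)) {
        $resp = new Response("无效的APPID");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
    $agent = $appdata["clientid"];

    // No binding for this (appid, openid) pair: send the user to the binding page.
    $bindinfo = $app->getappbind(array("appid" => $appid, "openid" => $openid));
    if (empty($bindinfo)) {
        return $this->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'ssomodule' => "OAuth2"));
    }
    $ldap_uid = $bindinfo["bind_uid"];

    $cacheKey = md5($appid . $openid);
    $data = Cache_Enterprise::get(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $this->container);
    if (empty($data)) {
        $this->get("logger")->err("{$appid}.{$openid}");
        $resp = new Response("太长时间未操作,请重新进入应用");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
    $data = json_decode($data, true);
    $acctoken = is_array($data) ? ($data["access_token"] ?? "") : "";

    // Exchange the access token for an auth key.
    // NOTE(review): the token travels over plain http to this endpoint; switch to an https
    // endpoint if the provider offers one.
    $url = "http://openapi.exmail.qq.com:12211/openapi/mail/authkey";
    $authkey = Utils::do_post_request($url, "alias=" . urlencode((string) $ldap_uid) . "&access_token=" . urlencode((string) $acctoken));
    if (empty($authkey)) {
        $resp = new Response("腾讯企业邮箱登录失败");
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
    $authkey = json_decode($authkey, true);
    if (!is_array($authkey) || !isset($authkey["auth_key"])) {
        if (is_array($authkey) && ($authkey["error"] ?? null) == "invalid_token") {
            // Drop the rejected token so the next visit starts a fresh authorization.
            Cache_Enterprise::delete(Cache_Enterprise::$EN_OAUTH2, $cacheKey, $this->container);
            $resp = new Response("腾讯企业邮箱登录失败:<br>token无效或已经过期,请稍后重试!");
        } else {
            // The upstream body is echoed into a text/html response, so it is HTML-escaped first.
            $resp = new Response("腾讯企业邮箱登录失败:<br>" . htmlspecialchars((string) json_encode($authkey), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
        }
        $resp->headers->set('Content-Type', 'text/html');
        return $resp;
    }
    $authkey = $authkey["auth_key"];

    // NOTE(review): the value of the "user" parameter is masked in the listing this was reviewed
    // from; $ldap_uid (the alias used for the authkey request above) is assumed. Confirm.
    $login_url = "https://exmail.qq.com/cgi-bin/login?fun=bizopenssologin&method=bizauth&agent=" . urlencode((string) $agent) . "&user=" . urlencode((string) $ldap_uid) . "&ticket=" . urlencode((string) $authkey);
    return Utils::http_redirect($login_url);
}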