diff --git a/composer.json b/composer.json index 75ae005..643cfa7 100644 --- a/composer.json +++ b/composer.json @@ -42,7 +42,8 @@ "XinXiHua\\SDK\\XXHServiceProvider" ], "aliases": { - "XXH": "XinXiHua\\SDK\\Facades\\XXH" + "XXH": "XinXiHua\\SDK\\Facades\\XXH", + "OAuth": "XinXiHua\\SDK\\Facades\\OAuth" } } } diff --git a/config/xxh-sdk.php b/config/xxh-sdk.php index 2e4e7ad..74f8a22 100644 --- a/config/xxh-sdk.php +++ b/config/xxh-sdk.php @@ -108,9 +108,11 @@ 'agent' => [ 'agent_id' => env('AUTH_AGENT_ID', ''), - 'platform_url' => env('AUTH_PALTFORM_URL', 'https://oa.xinxihua.com'), + 'platform_url' => env('AUTH_PLATFORM_URL', 'https://oa.xinxihua.com'), 'gateway_url' => env('AUTH_GATEWAY_URL', 'https://oa.xinxihua.com/sso-login'), + 'oauth_url' => env('AUTH_OAUTH_URL', 'https://oa.xinxihua.com/oauth2/wechat/authorize/redirect'), 'corp_user_api' => 'auth_user', + 'corp_oauth_user_api' => 'oauth_user', 'corp_token_api' => 'corp_tokens', 'corp_info' => 'auth_corp', 'token' => env('AUTH_TOKEN', ''), diff --git a/src/XinXiHua/SDK/Auth/OauthManager.php b/src/XinXiHua/SDK/Auth/OauthManager.php new file mode 100644 index 0000000..dbbf62d --- /dev/null +++ b/src/XinXiHua/SDK/Auth/OauthManager.php @@ -0,0 +1,84 @@ +session = $app->make(Session::class); + } + + /** + * @return bool + */ + public function check() + { + return !is_null($this->oauth()); + } + + /** + * @return OauthUser|null + */ + public function oauth() + { + + if (!is_null($this->oauth)) { + return $this->oauth; + } + + if ($this->session->isStarted()) { + $oauth = json_decode($this->session->get($this->getName()), true); + $this->setOauth($oauth); + } + + return $this->oauth; + } + + public function id() + { + return $this->oauth() ? $this->oauth->oauthId : null; + } + + protected function getName() + { + return 'login_oauth_' . sha1(static::class); + } + + public function setOauth($oauth) + { + $oauthUser = new OauthUser(); + $oauthUser->oauthId = $oauth['open_id']; + $oauthUser->oauthType = $oauth['oauth_type'] ?? 'wechat'; + $this->oauth = $oauthUser; + } + + public function login($oauth) + { + $this->session->put($this->getName(), json_encode($oauth, JSON_UNESCAPED_UNICODE)); + $this->setOauth($oauth); + return $this->oauth; + + } +} \ No newline at end of file diff --git a/src/XinXiHua/SDK/Facades/OAuth.php b/src/XinXiHua/SDK/Facades/OAuth.php new file mode 100644 index 0000000..d2d8de1 --- /dev/null +++ b/src/XinXiHua/SDK/Facades/OAuth.php @@ -0,0 +1,34 @@ +name('login'); - Route::post('logout', '\XinXiHua\SDK\Http\Controllers\LoginController@logout')->name('logout'); - Route::get('callback', '\XinXiHua\SDK\Http\Controllers\LoginController@callback')->name('callback'); - Route::get('admin/login', '\XinXiHua\SDK\Http\Controllers\Admin\LoginController@login')->name('admin.login'); - Route::post('admin/logout', '\XinXiHua\SDK\Http\Controllers\Admin\LoginController@logout')->name('admin.logout'); - Route::get('admin/callback', '\XinXiHua\SDK\Http\Controllers\Admin\LoginController@callback')->name('admin.callback'); - Route::any('serve', '\XinXiHua\SDK\Http\Controllers\ServeController@serve')->name('serve'); - + self::homeRoutes(); + self::adminRoutes(); } /** @@ -74,6 +68,7 @@ public static function homeRoutes() Route::post('logout', '\XinXiHua\SDK\Http\Controllers\LoginController@logout')->name('logout'); Route::get('callback', '\XinXiHua\SDK\Http\Controllers\LoginController@callback')->name('callback'); Route::any('serve', '\XinXiHua\SDK\Http\Controllers\ServeController@serve')->name('serve'); + Route::get('oauth', '\XinXiHua\SDK\Http\Controllers\LoginController@oauth')->name('oauth'); } diff --git a/src/XinXiHua/SDK/Http/Controllers/LoginController.php b/src/XinXiHua/SDK/Http/Controllers/LoginController.php index 55fb39f..12f7a6d 100644 --- a/src/XinXiHua/SDK/Http/Controllers/LoginController.php +++ b/src/XinXiHua/SDK/Http/Controllers/LoginController.php @@ -15,6 +15,7 @@ use Illuminate\Support\Facades\Artisan; use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Log; +use XinXiHua\SDK\Facades\OAuth; use XinXiHua\SDK\Facades\XXH; use XinXiHua\SDK\Services\AuthService as Service; @@ -97,7 +98,6 @@ public function login(Request $request) return redirect($gatewayUri); } - public function callback(Request $request) { @@ -137,4 +137,37 @@ public function callback(Request $request) return '登陆失败或授权码已过期'; } + public function oauth(Request $request) + { + $authCode = $request->get('auth_code'); + $corpId = $request->get('corp_id'); + + if (!$authCode || !$corpId) { + return '参数错误'; + } + + try { + + $oauth = $this->service->getOauthUser($corpId, $authCode); + if (!isset($oauth['open_id']) || empty($oauth['open_id'])) { + return '获取授权信息失败'; + } + + // 执行登录 + OAuth::login($oauth); + + // 定义跳转url + if (!empty($request->get('service', ''))) { + $request->session()->put('url.intended', base64_decode($request->get('service', ''))); + } + return redirect()->intended($this->redirectPath()); + + } catch (\Exception $exception) { + Artisan::call('cache:clear'); + Log::error($exception->getMessage(), ['exception' => $exception]); + } + + return '授权失败或授权码已过期'; + } + } \ No newline at end of file diff --git a/src/XinXiHua/SDK/Models/OauthUser.php b/src/XinXiHua/SDK/Models/OauthUser.php new file mode 100644 index 0000000..e7dc43d --- /dev/null +++ b/src/XinXiHua/SDK/Models/OauthUser.php @@ -0,0 +1,17 @@ +getIsvCorpClient($corpId); + $response = $isvCorpClient->get(config('xxh-sdk.agent.corp_oauth_user_api'), + [ + 'auth_code' => $authCode + ] + ); + Log::debug($response->getResponse()); + if ($response->isResponseSuccess()) { + $result = $response->getResponseData(); + return $result['data'] ?? []; + } + return []; + } } \ No newline at end of file diff --git a/src/XinXiHua/SDK/Support/Sign/MakeSign.php b/src/XinXiHua/SDK/Support/Sign/MakeSign.php index 8487551..91137bd 100644 --- a/src/XinXiHua/SDK/Support/Sign/MakeSign.php +++ b/src/XinXiHua/SDK/Support/Sign/MakeSign.php @@ -32,9 +32,14 @@ public function sign($key, $params) $params = $this->decodeParams($params); // 字典排序 ksort($params); - // 生成查询字符串 - $body = http_build_query($params); - return $this->generateResponseBodySignature($key, $body); + $unsignedData = ""; + foreach ($params as $paramKey => $paramValue) { + if (!empty($paramValue)) { + $unsignedData .= $paramKey . '=' . trim($paramValue) . '&'; + } + } + // 生成签名 + return $this->generateResponseBodySignature($key, rtrim($unsignedData, '&')); } catch (\Exception $exception) { } return false; diff --git a/src/XinXiHua/SDK/XXHServiceProvider.php b/src/XinXiHua/SDK/XXHServiceProvider.php index 437d03b..236900a 100644 --- a/src/XinXiHua/SDK/XXHServiceProvider.php +++ b/src/XinXiHua/SDK/XXHServiceProvider.php @@ -9,6 +9,7 @@ namespace XinXiHua\SDK; use Illuminate\Support\ServiceProvider; +use XinXiHua\SDK\Auth\OauthManager; use XinXiHua\SDK\Auth\XXHManager; class XXHServiceProvider extends ServiceProvider @@ -58,10 +59,15 @@ public function register() 'xxh-sdk' ); - // 启动信息化 + // 注册信息化 $this->app->singleton('xxh', function () { return new XXHManager($this->app); }); + // 注册 oauth + $this->app->singleton('oauth', function () { + return new OauthManager($this->app); + }); + } } \ No newline at end of file