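// Package oauth implements the client side of a single sign-on (SSO) flow:
// it calls the identity provider's heartbeat, access-token and profile
// endpoints, and exchanges an authenticated profile for a local token through
// the "Auth" micro-service.
package oauth

import (
	"context"
	"encoding/json"
	"errors"
	"fmt"

	"dashoo.cn/common_definition/auth"
	"dashoo.cn/micro_libary/db"
	"dashoo.cn/micro_libary/micro_srv"
	dautils "dashoo.cn/micro_libary/utils"
	"dashoo.cn/sso_libary/utils"
	"github.com/gogf/gf/crypto/gmd5"
	"github.com/gogf/gf/encoding/gbase64"
	"github.com/gogf/gf/encoding/gjson"
	"github.com/gogf/gf/frame/g"
	"github.com/gogf/gf/os/glog"
	"github.com/gogf/gf/os/gtime"
	"github.com/gogf/gf/util/gconv"
	"github.com/gogf/gf/util/grand"
	"github.com/mssola/user_agent"
	"github.com/smallnest/rpcx/client"
	"github.com/smallnest/rpcx/share"
)

// OssService is the package-wide SSO client, created in init.
var OssService *OssServiceImpl

// authService is the rpcx client for the "Auth" micro-service, created in init.
var authService client.XClient

// UserService gives access to the tenant's base_user table.
type UserService struct {
	db.ServiceBase
}

// NewService initialises a UserService for tenant, bound to the base_user table.
func NewService(tenant string) (UserService, error) {
	var service UserService
	err := service.Init(tenant, "base_user")
	return service, err
}

func init() {
	OssService = NewOssService()
	authService = micro_srv.InitMicroSrvClient("Auth", "micro_srv.auth")
}

// OssServiceImpl carries the SSO calls; it holds no state of its own.
type OssServiceImpl struct {
}

// NewOssService returns a new OssServiceImpl.
func NewOssService() *OssServiceImpl {
	return &OssServiceImpl{}
}

// Names passed to utils.UHttp.HttpClient as its third argument, one per
// identity-provider call.
const (
	S_CHECKIAM    = "S_XXX_IAM_checkiamService_S"
	S_ACCESSTOKEN = "S_XXX_IAM_accessToken_S"
	S_PROFILE     = "S_XXX_IAM_profile_S"
)

// decodeIAMResponse parses an identity-provider response body and turns any
// status other than 200 into an error carrying the provider's "msg" field.
// The decoded map is returned in every case, including on error.
func decodeIAMResponse(body string) (map[string]interface{}, error) {
	response, err := utils.UStruct.String2Map(body)
	if err != nil {
		return response, err
	}
	if gconv.Int(response["status"]) != 200 {
		return response, errors.New(gconv.String(response["msg"]))
	}
	return response, nil
}

// GetCheckiam performs the heartbeat check against the identity provider and
// returns the raw response body (the provider answers OK when healthy).
//
// ctx is accepted for interface symmetry but is not passed to the HTTP call,
// so the request is not cancelled with it.
func (s *OssServiceImpl) GetCheckiam(ctx context.Context) (response string, err error) {
	httpClient := utils.UHttp.HttpClient(utils.MIMEPOSTForm, Config.System, S_CHECKIAM)

	args := CheckiamReq{}
	args.ClientId = Config.ClientId
	args.ClientSecret = Config.ClientSecret
	args.NonceStr = grand.S(8, false)
	args.OauthTimestamp = gtime.TimestampMilli()

	// A signing failure used to be swallowed and the request was sent with an
	// empty signature; fail instead.
	sign, err := utils.USign.Encryption(args, Config.EncrySUffIx)
	if err != nil {
		return "", fmt.Errorf("signing checkiam request: %w", err)
	}
	args.Sign = sign

	// NOTE(review): the heartbeat is posted to Config.AccessTokenUrl, the same
	// URL GetAccessToken uses; confirm this is the intended endpoint.
	resp, err := httpClient.Post(Config.AccessTokenUrl, utils.UStruct.Struct2Map(args))
	if err != nil {
		// Kept from the original error path; presumably Close tolerates a
		// failed request (confirm against utils.UHttp).
		resp.Close()
		return response, err
	}
	// The original closed the response only when Post failed, so the body was
	// never released on success.
	defer resp.Close()

	return resp.ReadAllString(), nil
}

// GetAccessToken exchanges the authorization code returned by the SSO redirect
// for an access token. The decoded provider response is returned; a provider
// status other than 200 is reported as an error built from its "msg" field.
//
// The client secret travels in the form body, so Config.AccessTokenUrl is
// expected to be an HTTPS URL.
func (s *OssServiceImpl) GetAccessToken(ctx context.Context, code string) (response map[string]interface{}, err error) {
	httpClient := utils.UHttp.HttpClient(utils.MIMEPOSTForm, Config.System, S_ACCESSTOKEN)

	args := AccessTokenArgs{}
	args.ClientId = Config.ClientId
	args.ClientSecret = Config.ClientSecret
	args.NonceStr = grand.S(8, false)
	args.OauthTimestamp = gtime.TimestampMilli()
	args.Code = code
	args.GrantType = "authorization_code"
	args.RedirectUri = Config.RedirectUri

	// A signing failure used to be swallowed and the request was sent with an
	// empty signature; fail instead.
	sign, err := utils.USign.Encryption(args, Config.EncrySUffIx)
	if err != nil {
		return nil, fmt.Errorf("signing access-token request: %w", err)
	}
	args.Sign = sign

	resp, err := httpClient.Post(Config.AccessTokenUrl, utils.UStruct.Struct2Map(args))
	if err != nil {
		// Kept from the original error path; presumably Close tolerates a
		// failed request (confirm against utils.UHttp).
		resp.Close()
		return response, err
	}
	// Release the body on the success path too; the original leaked it.
	defer resp.Close()

	return decodeIAMResponse(resp.ReadAllString())
}

// GetUserInfo fetches the profile that belongs to an access token. The decoded
// provider response is returned; a provider status other than 200 is reported
// as an error built from its "msg" field.
func (s *OssServiceImpl) GetUserInfo(ctx context.Context, token string) (response map[string]interface{}, err error) {
	httpClient := utils.UHttp.HttpClient(utils.MIMEPOSTForm, Config.System, S_PROFILE)

	args := ProfileResq{}
	args.ClientId = Config.ClientId
	args.ClientSecret = Config.ClientSecret
	args.NonceStr = grand.S(8, false)
	args.OauthTimestamp = gtime.TimestampMilli()
	args.AccessToken = token

	sign, err := utils.USign.Encryption(args, Config.EncrySUffIx)
	if err != nil {
		return response, err
	}
	args.Sign = sign

	resp, err := httpClient.Post(Config.ResourceUrl, utils.UStruct.Struct2Map(args))
	if err != nil {
		// Kept from the original error path; presumably Close tolerates a
		// failed request (confirm against utils.UHttp).
		resp.Close()
		return response, err
	}
	// Release the body on the success path too; the original leaked it.
	defer resp.Close()

	return decodeIAMResponse(resp.ReadAllString())
}

// GetBrowserInfo reads the client IP and the base64-encoded User-Agent from
// the rpcx request metadata stored in ctx and returns the decoded User-Agent.
//
// Both values are whatever the caller placed in the metadata; this function
// does not validate them.
func GetBrowserInfo(ctx context.Context) (clientIP string, userAgent string, err error) {
	// Checked assertion: a context without request metadata used to panic here.
	reqMeta, ok := ctx.Value(share.ReqMetaDataKey).(map[string]string)
	if !ok {
		return "", "", errors.New("BrowserInfo获取失败")
	}

	ip, ok := reqMeta["clientIP"]
	if !ok {
		return "", "", errors.New("BrowserInfo获取失败")
	}
	encodedUA, ok := reqMeta["userAgent"]
	if !ok {
		return "", "", errors.New("BrowserInfo获取失败")
	}

	userAgent, err = gbase64.DecodeToString(encodedUA)
	return ip, userAgent, err
}

// GetToken issues a local login token for a user authenticated by the identity
// provider. record is the provider's profile; the MD5 of its "id" field is the
// lookup key (uuid) into the tenant's base_user table. The user's roles are
// loaded, the Auth service's GetToken method is called, and the outcome is
// written to base_login_log.
//
// It returns the decoded token payload, or an error when the user cannot be
// resolved or the Auth service refuses the request.
func (s *OssServiceImpl) GetToken(ctx context.Context, record map[string]interface{}, tenant string) (interface{}, error) {
	server, err := NewService(tenant)
	if err != nil {
		return nil, fmt.Errorf("initialising user service for tenant %q: %w", tenant, err)
	}

	// Without an id every profile would hash to the same uuid.
	externalID := gconv.String(record["id"])
	if externalID == "" {
		return nil, errors.New("单点登陆用户信息缺少id")
	}

	var userInfo UserInfo
	if userInfo.Uuid, err = gmd5.Encrypt(externalID); err != nil {
		return nil, fmt.Errorf("deriving user uuid: %w", err)
	}
	// Log the derived uuid only; the original logged the whole provider
	// profile, which puts personal data into the application log.
	glog.Info("单点登陆用户信息", userInfo.Uuid)

	err = server.DB.Model("base_user").
		Where("uuid", userInfo.Uuid).
		Fields("Id,Uuid,UserName,RealName,DepartmentId as DeptId").
		Scan(&userInfo)
	if err != nil {
		return nil, fmt.Errorf("loading user %s: %w", userInfo.Uuid, err)
	}
	// The lookup result was previously unchecked, so a profile with no
	// matching local account still reached the Auth service with an empty
	// UserKey. Refuse to mint a token for an account that does not exist.
	if userInfo.UserName == "" {
		return nil, errors.New("单点登陆用户不存在")
	}

	userRoles, err := server.DB.Model("base_user_role").Fields("RoleIds").Where("UserId", userInfo.Id).Value()
	if err != nil {
		return nil, fmt.Errorf("loading roles for user %s: %w", userInfo.Uuid, err)
	}
	userInfo.Roles = userRoles.String()

	dataByte, err := json.Marshal(userInfo)
	if err != nil {
		return nil, fmt.Errorf("encoding user info: %w", err)
	}

	rsp := &auth.Response{}
	callErr := authService.Call(ctx, "GetToken", &auth.Request{
		Tenant:  tenant,
		UserKey: userInfo.UserName,
		Uuid:    userInfo.Uuid,
		Data:    string(dataByte),
	}, rsp)

	// Browser details only feed the login log, so a failure here is tolerated
	// and leaves the fields empty.
	cIP, userAgent, _ := GetBrowserInfo(ctx)
	ua := user_agent.New(userAgent)
	browser, _ := ua.Browser()

	status, msg := 1, "单点登录成功"
	if callErr != nil {
		status, msg = 0, "单点登陆失败"
	}
	entry := g.Map{
		"Status":        status,
		"LoginName":     userInfo.UserName,
		"IpAddr":        cIP,
		"LoginLocation": dautils.GetCityByIp(cIP),
		"Browser":       browser,
		"Os":            ua.OS(),
		"Msg":           msg,
		"LoginTime":     gtime.Now(),
		"Module":        "系统后台",
	}
	// Write the audit row before returning: the original returned on error
	// ahead of the insert, so failed SSO logins never reached base_login_log.
	go server.DB.Model("base_login_log").Data(entry).Insert()

	if callErr != nil {
		return nil, callErr
	}

	// The token payload is deliberately not logged; the original wrote it to
	// the application log at info level.
	jsonData, err := gjson.DecodeToJson(rsp.Data)
	if err != nil {
		return nil, fmt.Errorf("decoding auth response: %w", err)
	}
	return jsonData, nil
}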