zxf
/
sso_libary


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216
							package oauth

import (
	"context"
	"dashoo.cn/common_definition/auth"
	"dashoo.cn/micro_libary/db"
	"dashoo.cn/micro_libary/micro_srv"
	dautils "dashoo.cn/micro_libary/utils"
	"dashoo.cn/sso_libary/utils"
	"encoding/json"
	"errors"
	"fmt"
	"github.com/gogf/gf/crypto/gmd5"
	"github.com/gogf/gf/encoding/gbase64"
	"github.com/gogf/gf/encoding/gjson"
	"github.com/gogf/gf/frame/g"
	"github.com/gogf/gf/os/glog"
	"github.com/gogf/gf/os/gtime"
	"github.com/gogf/gf/util/gconv"
	"github.com/gogf/gf/util/grand"
	"github.com/mssola/user_agent"
	"github.com/smallnest/rpcx/client"
	"github.com/smallnest/rpcx/share"
)

var OssService *OssServiceImpl

var authService client.XClient

type UserService struct {
	db.ServiceBase
}

func NewService(tenant string) (UserService, error) {
	var service UserService
	err := service.Init(tenant, "base_user")
	return service, err
}
func init() {
	OssService = NewOssService()
	authService = micro_srv.InitMicroSrvClient("Auth", "micro_srv.auth")

}

type OssServiceImpl struct {
}

func NewOssService() *OssServiceImpl {
	return &OssServiceImpl{}
}

const (
	S_CHECKIAM    = "S_XXX_IAM_checkiamService_S"
	S_ACCESSTOKEN = "S_XXX_IAM_accessToken_S"
	S_PROFILE     = "S_XXX_IAM_profile_S"
)

// GetCheckiam 心跳检测 正常反馈OK
func (s *OssServiceImpl) GetCheckiam(ctx context.Context) (response string, err error) {
	client := utils.UHttp.HttpClient(utils.MIMEPOSTForm, Config.System, S_CHECKIAM)
	var args = CheckiamReq{}
	args.ClientId = Config.ClientId
	args.ClientSecret = Config.ClientSecret
	args.NonceStr = grand.S(8, false)
	args.OauthTimestamp = gtime.TimestampMilli()
	sign, err := utils.USign.Encryption(args, Config.EncrySUffIx)
	if err != nil {
	}
	args.Sign = sign
	resp, err := client.Post(Config.AccessTokenUrl, utils.UStruct.Struct2Map(args))
	if err != nil {
		defer resp.Close()
		return response, err
	}
	response = resp.ReadAllString()
	fmt.Println(response, err)
	if err != nil {
		return response, err
	}
	return response, err
}

// GetAccessToken 单点登录获取token
func (s *OssServiceImpl) GetAccessToken(ctx context.Context, code string) (response map[string]interface{}, err error) {
	client := utils.UHttp.HttpClient(utils.MIMEPOSTForm, Config.System, S_ACCESSTOKEN)
	var args = AccessTokenArgs{}
	args.ClientId = Config.ClientId
	args.ClientSecret = Config.ClientSecret
	args.NonceStr = grand.S(8, false)
	args.OauthTimestamp = gtime.TimestampMilli()
	args.Code = code
	args.GrantType = "authorization_code"
	args.RedirectUri = Config.RedirectUri
	sign, err := utils.USign.Encryption(args, Config.EncrySUffIx)
	if err != nil {
	}
	args.Sign = sign
	resp, err := client.Post(Config.AccessTokenUrl, utils.UStruct.Struct2Map(args))
	if err != nil {
		defer resp.Close()
		return response, err
	}
	responseData := resp.ReadAllString()
	response, err = utils.UStruct.String2Map(responseData)
	if err != nil {
		return response, err
	} else if gconv.Int(response["status"]) != 200 {
		return response, errors.New(gconv.String(response["msg"]))
	}
	return response, err
}

// GetUserInfo 获取用户信息
func (s *OssServiceImpl) GetUserInfo(ctx context.Context, token string) (response map[string]interface{}, err error) {
	client := utils.UHttp.HttpClient(utils.MIMEPOSTForm, Config.System, S_PROFILE)

	var args = ProfileResq{}
	args.ClientId = Config.ClientId
	args.ClientSecret = Config.ClientSecret
	args.NonceStr = grand.S(8, false)
	args.OauthTimestamp = gtime.TimestampMilli()
	args.AccessToken = token

	//sign, err = utils.USign.EncryptionString(sign)
	sign, err := utils.USign.Encryption(args, Config.EncrySUffIx)

	if err != nil {
		return response, err
	}
	args.Sign = sign
	resp, err := client.Post(Config.ResourceUrl, utils.UStruct.Struct2Map(args))
	if err != nil {
		defer resp.Close()
		return response, err
	}
	responseData := resp.ReadAllString()
	response, err = utils.UStruct.String2Map(responseData)
	if err != nil {
		return response, err
	} else if gconv.Int(response["status"]) != 200 {
		return response, errors.New(gconv.String(response["msg"]))
	}
	return response, err
}

// 从context中获取ClientIP和UserAgent
func GetBrowserInfo(ctx context.Context) (clientIP string, userAgent string, err error) {
	reqMeta := ctx.Value(share.ReqMetaDataKey).(map[string]string)
	clientIP, ok := reqMeta["clientIP"]
	if !ok {
		return "", "", errors.New("BrowserInfo获取失败")
	}

	userAgent, ok = reqMeta["userAgent"]
	if !ok {
		return "", "", errors.New("BrowserInfo获取失败")
	}
	userAgent, err = gbase64.DecodeToString(userAgent)
	return
}

// 获取大数登陆token
func (s *OssServiceImpl) GetToken(ctx context.Context, record map[string]interface{}, tenant string) (interface{}, error) {
	var userInfo UserInfo
	//userInfo.Id = 907
	server, _ := NewService(tenant)
	glog.Info("单点登陆用户信息", record)
	userInfo.Uuid, _ = gmd5.Encrypt(gconv.String(record["id"])) //gconv.String(record["Uuid"])  //
	//userInfo.DeptId = "1"                          //gconv.String(record["DepartmentId"])  //  部门Id
	server.DB.Model("base_user").Where("uuid", userInfo.Uuid).Fields("Id,Uuid,UserName,RealName,DepartmentId as DeptId").Scan(&userInfo)
	userRoles, _ := server.DB.Model("base_user_role").Fields("RoleIds").Where("UserId", userInfo.Id).Value()

	userInfo.Roles = userRoles.String() // 角色
	dataByte, _ := json.Marshal(userInfo)
	rsp := &auth.Response{}
	err := authService.Call(ctx, "GetToken", &auth.Request{
		Tenant:  tenant,
		UserKey: userInfo.UserName,
		Uuid:    userInfo.Uuid,
		Data:    string(dataByte),
	}, rsp)

	jsonData, _ := gjson.DecodeToJson(rsp.Data)
	cIP, userAgent, _ := GetBrowserInfo(ctx)
	gMap := g.Map{}
	ua := user_agent.New(userAgent)
	if err != nil {
		gMap["Status"] = 0
		gMap["LoginName"] = userInfo.UserName
		gMap["IpAddr"] = cIP
		gMap["LoginLocation"] = dautils.GetCityByIp(cIP)
		gMap["Browser"], _ = ua.Browser()
		gMap["Os"] = ua.OS()
		gMap["Msg"] = "单点登陆失败"
		gMap["LoginTime"] = gtime.Now()
		gMap["Module"] = "系统后台"
	} else {
		gMap["Status"] = 1
		gMap["LoginName"] = userInfo.UserName
		gMap["IpAddr"] = cIP
		gMap["LoginLocation"] = dautils.GetCityByIp(cIP)
		gMap["Browser"], _ = ua.Browser()
		gMap["Os"] = ua.OS()
		gMap["Msg"] = "单点登录成功"
		gMap["LoginTime"] = gtime.Now()
		gMap["Module"] = "系统后台"
	}
	glog.Info("jsonData", jsonData)
	if err != nil {
		return nil, err
	}

	go server.DB.Model("base_login_log").Data(gMap).Insert()

	return jsonData, nil
}