| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203 |
- <?php
- namespace App\Service;
- use App\Log;
- use App\Models\AuthorizeCorp;
- class CorpAuthService
- {
- /**
- * 获取授权企业信息
- * */
- public static function getCorpAuthInfo($suiteId, $suiteSecret, $preAuthCode, $userId)
- {
- # 获取企业信息
- $corpData = CorpAuthService::getPermanentCode($suiteId, $suiteSecret, $preAuthCode);
- # 验证是否为正常信息
- if(isset($corpData['errcode']) && $corpData['errcode']) {
- Log::logError('永久授权码接口返回数据异常', $corpData, 'CorpAuthInfo');
- return false;
- }
- # 处理数据
- $corpid = $corpData['auth_corp_info']['corpid'];
- $insertData['corp_name'] = isset($corpData['auth_corp_info']['corp_name']) ? $corpData['auth_corp_info']['corp_name'] : null;
- $insertData['corp_type'] = isset($corpData['auth_corp_info']['corp_type']) ? $corpData['auth_corp_info']['corp_type'] : null;
- $insertData['corp_square_logo_url'] = isset($corpData['auth_corp_info']['corp_square_logo_url']) ?
- $corpData['auth_corp_info']['corp_square_logo_url'] : null;
- $insertData['corp_square_logo_url'] = isset($corpData['auth_corp_info']['corp_square_logo_url']) ? $corpData['auth_corp_info']['corp_square_logo_url'] : null;
- $insertData['corp_user_max'] = isset($corpData['auth_corp_info']['corp_user_max']) ? $corpData['auth_corp_info']['corp_user_max'] : null;
- $insertData['corp_full_name'] = isset($corpData['auth_corp_info']['corp_full_name']) ? $corpData['auth_corp_info']['corp_full_name'] : null;
- $insertData['subject_type'] = isset($corpData['auth_corp_info']['subject_type']) ? $corpData['auth_corp_info']['subject_type'] : null;
- $insertData['verified_end_time'] = isset($corpData['auth_corp_info']['verified_end_time']) ? $corpData['auth_corp_info']['verified_end_time'] : null;
- $insertData['corp_wx_qrcode'] = isset($corpData['auth_corp_info']['corp_wxqrcode']) ? $corpData['auth_corp_info']['corp_wxqrcode'] : null;
- $insertData['corp_scale'] = isset($corpData['auth_corp_info']['corp_scale']) ? $corpData['auth_corp_info']['corp_scale'] : null;
- $insertData['corp_industry'] = isset($corpData['auth_corp_info']['corp_industry']) ? $corpData['auth_corp_info']['corp_industry'] : null;
- $insertData['corp_sub_industry'] = isset($corpData['auth_corp_info']['corp_sub_industry']) ? $corpData['auth_corp_info']['corp_sub_industry'] : null;
- $insertData['access_token'] = isset($corpData['access_token']) ? $corpData['access_token'] : '';
- $insertData['expires_in'] = isset($corpData['expires_in']) ? time() + $corpData['expires_in'] : null;
- $insertData['permanent_code'] = $corpData['permanent_code'];
- $insertData['auth_info'] = isset($corpData['auth_info']) ? json_encode($corpData['auth_info']) : null;
- $insertData['auth_user_info'] = isset($corpData['auth_user_info']) ? json_encode($corpData['auth_user_info']) : null;
- $insertData['dealer_corp_info'] = isset($corpData['dealer_corp_info']) ? json_encode($corpData['dealer_corp_info']) : null;
- $insertData['register_code_info'] = isset($corpData['register_code_info']) ? json_encode($corpData['register_code_info']) : null;
- $corpData['auth_info'] = json_decode($insertData['auth_info'], true);
- $insertData['agent_id'] = isset($corpData['auth_info']['agent'][0]['agentid']) ? $corpData['auth_info']['agent'][0]['agentid'] : null;
- $insertData['is_customized_app'] = isset($corpData['auth_info']['agent'][0]['is_customized_app']) ? $corpData['auth_info']['agent'][0]['is_customized_app'] : 0;
- if($userId) {
- $insertData['admin_id'] = $userId;
- }
- $insertData['enable'] = 1;
- # 存储企业信息
- return AuthorizeCorp::updateOrCreate(['corpid' => $corpid], $insertData);
- }
- /**
- * 获取企业永久授权码
- * */
- public static function getPermanentCode($suiteId, $suiteTicket, $preAuthCode)
- {
- # 获取SuiteAccessToken
- // $suiteAccessToken = TokenService::getSuiteAccessToken($suiteId, $suiteTicket);
- $suiteAccessToken = TokenService::getAuthToken($suiteId, $suiteTicket);
- # 获取永久授权码链接
- $permanentCodeUri = config('qyWechat.get_permanent_code');
- $permanentCodeUri .= $suiteAccessToken;
- $postData = array('auth_code' => $preAuthCode);
- $response = HttpService::httpPost($permanentCodeUri, json_encode($postData));
- $responseData = json_decode($response, true);
- return $responseData;
- }
- /**
- * corpid转换
- * */
- public static function getOpenCorpid($corpid, $suiteId, $suiteSecret)
- {
- # 获取SuiteAccessToken
- $suiteAccessToken = TokenService::getAuthToken($suiteId, $suiteSecret);
- // $suiteAccessToken = TokenService::getSuiteAccessToken($suiteId, $suiteSecret);
- $requestUri = config('qyWechat.get_open_corpid');
- $requestUri .= $suiteAccessToken;
- $response = HttpService::httpPost($requestUri, json_encode(['corpid' => $corpid]));
- $responseData = json_decode($response, true);
- return $responseData;
- }
- /**
- * jsapi授权信息获取
- * */
- public static function getAuthData($corpid, $userId, $token, $timestamp, $url, &$errno)
- {
- # 验证合法性
- $authToken = get_token($corpid, $userId, $timestamp);
- if($authToken != $token) {
- Log::logError('验签失败', [
- 'corpid' => $corpid,
- 'user_id' => $userId,
- 'token' => $token,
- 'timestamp' => $timestamp,
- 'auth_token' => $authToken
- ], 'JsapiAuthData');
- $errno = 1004;
- return [];
- }
- # 获取agentId
- $agentId = AuthorizeCorp::where('corpid', $corpid)->where('enable', 1)->value('agent_id');
- if(empty($agentId)) {
- Log::logError('agentId获取失败', [
- 'corpid' => $corpid,
- 'user_id' => $userId,
- 'token' => $token,
- 'timestamp' => $timestamp,
- 'auth_token' => $authToken
- ], 'JsapiAuthData');
- $errno = 1004;
- return [];
- }
- # 获取企业jsapiTicket
- $jsapiTicket = AccessTokenService::getJsapiTicket($corpid);
- # 获取应用jsapiTicket
- $appJsapiTicket = AccessTokenService::getAppJsapiTicket($corpid);
- # 获取随机字符串和时间戳
- $nonceStr = get_random_str(16);
- $timestamp = time();
- $jsapiTicketStr = 'jsapi_ticket=' . $jsapiTicket . '&noncestr=' .$nonceStr. '×tamp='.$timestamp.'&url=' .$url;
- $appJsapiTicketStr = 'jsapi_ticket=' . $appJsapiTicket . '&noncestr=' .$nonceStr. '×tamp='.$timestamp.'&url=' .$url;
- $signature = sha1($jsapiTicketStr);
- $signatureApp = sha1($appJsapiTicketStr);
- return [
- 'corpid' => $corpid,
- 'agent_id' => $agentId,
- 'timestamp' => $timestamp,
- 'nonce_str' => $nonceStr,
- 'signature' => $signature,
- 'app_signature' => $signatureApp
- ];
- }
- /**
- * jsapi信息获取-公用
- */
- public static function getCommonAuthData($corpid, $url, &$errno)
- {
- # 获取agentId
- $agentId = AuthorizeCorp::where('corpid', $corpid)->where('enable', 1)->value('agent_id');
- if(empty($agentId)) {
- Log::logError('agentId获取失败', [
- 'corpid' => $corpid,
- 'url' => $url,
- ], 'getCommonAuthData');
- $errno = 1004;
- return [];
- }
- # 获取企业jsapiTicket
- $jsapiTicket = AccessTokenService::getJsapiTicket($corpid);
- # 获取应用jsapiTicket
- $appJsapiTicket = AccessTokenService::getAppJsapiTicket($corpid);
- # 获取随机字符串和时间戳
- $nonceStr = get_random_str(16);
- $timestamp = time();
- $jsapiTicketStr = 'jsapi_ticket=' . $jsapiTicket . '&noncestr=' .$nonceStr. '×tamp='.$timestamp.'&url=' .$url;
- $appJsapiTicketStr = 'jsapi_ticket=' . $appJsapiTicket . '&noncestr=' .$nonceStr. '×tamp='.$timestamp.'&url=' .$url;
- $signature = sha1($jsapiTicketStr);
- $signatureApp = sha1($appJsapiTicketStr);
- return [
- 'corpid' => $corpid,
- 'agent_id' => $agentId,
- 'timestamp' => $timestamp,
- 'nonce_str' => $nonceStr,
- 'signature' => $signature,
- 'app_signature' => $signatureApp
- ];
- }
- }
|
