eta_bridge/services/xiangyu/auth.go

package xiangyu

import (
	"encoding/json"
	"errors"
	"eta/eta_bridge/global"
	"fmt"
	"io"
	"net/http"
	"strings"
)

// ErrResp
// @Description: 错误信息返回
type ErrResp struct {
	ErrCode string `json:"errcode" description:"失败编码 1001:缺少参数client_id, 2001:缺少参数access_token, 2006:缺少参数uid, 2002:参数access _token，不正确或过期, 1005:参数client_id非法"`
	Msg     string `json:"msg" description:"失败信息"`
}

// GetTokenResp
// @Description: 获取token返回
type GetTokenResp struct {
	ErrResp
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	Uid          string `json:"uid"`
	ExpiresIn    int    `json:"expires_in"`
}

// GetToken
// @Description: 获取token信息
// @author: Roc
// @datetime 2024-01-23 15:40:56
// @param code string
// @return resp *GetTokenResp
// @return err error
func GetToken(code string) (resp *GetTokenResp, err error) {
	urlPath := fmt.Sprintf(`/idp/oauth2/getToken?client_id=%s&grant_type=authorization_code&code=%s&client_secret=%s`, global.CONFIG.Xiangyu.SystemCode, code, global.CONFIG.Xiangyu.UserKey)

	if err != nil {
		return
	}
	result, err := HttpPostAuth(urlPath, ``, "application/json")
	if err != nil {
		return
	}

	//  解析响应结果
	err = json.Unmarshal(result, &resp)
	if err != nil {
		return
	}

	if resp.AccessToken == "" {
		err = errors.New(fmt.Sprintf("响应代码：%s，错误信息：%s", resp.ErrCode, resp.Msg))
		return
	}

	return
}

// UserInfoResp
// @Description: 用户信息
type UserInfoResp struct {
	ErrResp

	Country     string `json:"country"`
	SorgId      string `json:"sorgId"`
	UpdateDate  string `json:"updateDate"`
	Mail        string `json:"mail"`
	Gender      string `json:"gender"`
	LoginType   string `json:"loginType"`
	Nation      string `json:"nation"`
	DisplayName string `json:"displayName" description:"姓名"`
	Uid         string `json:"uid" description:"唯一标识"`
	LoginName   string `json:"loginName" description:"登录账号"`
	//PositionNumber          string   `json:"positionNumber"`
	//Title                   string   `json:"title"`
	//LoginInterceptFlagTwo   int           `json:"loginInterceptFlagTwo"`
	//LoginInterceptFlagFour  int           `json:"loginInterceptFlagFour"`
	//EmployeeNumber          string   `json:"employeeNumber"`
	//ChangePwdAt             string        `json:"changePwdAt"`
	////SpRoleList              []interface{} `json:"spRoleList"`
	//PwdPolicy               string        `json:"pwdPolicy"`
	//LoginInterceptFlagFive  int           `json:"loginInterceptFlagFive"`
	//LoginInterceptFlagThree int           `json:"loginInterceptFlagThree"`
	//IdentityNumber          string  `json:"identityNumber"`
	//IdentityType            string   `json:"identityType"`
	//SecAccValid             int           `json:"secAccValid"`
	//PinyinShortName         string   `json:"pinyinShortName"`
	//OrgNumber               string   `json:"orgNumber"`
	//WechatNo                string   `json:"wechatNo"`
	//OrgNamePath             string        `json:"orgNamePath"`
	//PasswordModifyRequired  int           `json:"passwordModifyRequired"`
	//BirthDay                string        `json:"birthDay"`
	//GivenName               string   `json:"givenName"`
	//Mobile                  string        `json:"mobile"`
	//LoginInterceptFlagOne   int           `json:"loginInterceptFlagOne"`
	//CertSn                  interface{}   `json:"certSn"`
	//EmployeeType            interface{}   `json:"employeeType"`
	//OrgCodePath             interface{}   `json:"orgCodePath"`
	//OtpKey                  interface{}   `json:"otpKey"`
	//PositionStatus          interface{}   `json:"positionStatus"`
	//DepartmentNumber        interface{}   `json:"departmentNumber"`
	//CertDn                  interface{}   `json:"certDn"`
	//SpNameList              []string      `json:"spNameList"`
	//IsPassRemind            int           `json:"isPassRemind"`
}

// GetUserInfo
// @Description: 获取用户信息
// @author: Roc
// @datetime 2024-01-23 15:49:38
// @param token string
// @return resp *UserInfoResp
// @return err error
func GetUserInfo(token string) (resp *UserInfoResp, err error) {
	urlPath := fmt.Sprintf(`/idp/oauth2/getUserInfo?client_id=%s&access_token=%s`, global.CONFIG.Xiangyu.SystemCode, token)

	if err != nil {
		return
	}
	result, err := HttpGetAuth(urlPath)
	if err != nil {
		return
	}

	//  解析响应结果
	err = json.Unmarshal(result, &resp)
	if err != nil {
		return
	}

	if resp.ErrCode != "" {
		err = errors.New(fmt.Sprintf("响应代码：%s，错误信息：%s", resp.ErrCode, resp.Msg))
		return
	}

	return
}

// CheckTokenResp
// @Description: 校验token是否有效的返回
type CheckTokenResp struct {
	ErrResp
	Result bool `json:"result" description:"校验结果，true 有效"`
}

// CheckToken
// @Description: 校验token是否有效
// @author: Roc
// @datetime 2024-01-23 15:54:16
// @param token string
// @return isOk bool
// @return err error
func CheckToken(token string) (isOk bool, err error) {
	urlPath := fmt.Sprintf(`/idp/oauth2/checkTokenValid?&access_token=%s`, token)

	if err != nil {
		return
	}
	result, err := HttpGetAuth(urlPath)
	if err != nil {
		return
	}

	var resp *CheckTokenResp
	//  解析响应结果
	err = json.Unmarshal(result, &resp)
	if err != nil {
		return
	}

	if resp.ErrCode != "" {
		err = errors.New(fmt.Sprintf("响应代码：%s，错误信息：%s", resp.ErrCode, resp.Msg))
		return
	}

	if resp.Result {
		isOk = true
	}

	return
}

// GetTokenInfo
// @Description: 查询授权信息
// @author: Roc
// @datetime 2024-01-23 15:57:04
// @param token string
// @return resp *GetTokenResp
// @return err error
func GetTokenInfo(token string) (resp *GetTokenResp, err error) {
	urlPath := fmt.Sprintf(`/idp/oauth2/getTokenInfo?&access_token=%s`, token)

	if err != nil {
		return
	}
	result, err := HttpGetAuth(urlPath)
	if err != nil {
		return
	}

	//  解析响应结果
	err = json.Unmarshal(result, &resp)
	if err != nil {
		return
	}

	if resp.ErrCode != "" {
		err = errors.New(fmt.Sprintf("响应代码：%s，错误信息：%s", resp.ErrCode, resp.Msg))
		return
	}

	return
}

// RefreshToken
// @Description: 刷新token
// @author: Roc
// @datetime 2024-01-23 16:02:03
// @param refreshToken string
// @return resp *GetTokenResp
// @return err error
func RefreshToken(refreshToken string) (resp *GetTokenResp, err error) {
	urlPath := fmt.Sprintf(`/idp/oauth2/refreshToken?client_id=%s&grant_type=refresh_token&client_secret=%s&refresh_token=%s`, global.CONFIG.Xiangyu.SystemCode, global.CONFIG.Xiangyu.UserKey, refreshToken)

	if err != nil {
		return
	}
	result, err := HttpPostAuth(urlPath, ``, "application/json")
	if err != nil {
		return
	}

	//  解析响应结果
	err = json.Unmarshal(result, &resp)
	if err != nil {
		return
	}

	if resp.ErrCode != "" {
		err = errors.New(fmt.Sprintf("响应代码：%s，错误信息：%s", resp.ErrCode, resp.Msg))
		return
	}

	return
}

// RevokeToken
// @Description: token销毁
// @author: Roc
// @datetime 2024-01-23 16:06:52
// @param token string
// @return isOk bool
// @return err error
func RevokeToken(token string) (isOk bool, err error) {
	urlPath := fmt.Sprintf(`/idp/oauth2/revokeToken?&access_token=%s`, token)

	if err != nil {
		return
	}
	result, err := HttpGetAuth(urlPath)
	if err != nil {
		return
	}

	var resp *CheckTokenResp
	//  解析响应结果
	err = json.Unmarshal(result, &resp)
	if err != nil {
		return
	}

	if resp.ErrCode != "" {
		err = errors.New(fmt.Sprintf("响应代码：%s，错误信息：%s", resp.ErrCode, resp.Msg))
		return
	}

	if resp.Result {
		isOk = true
	}

	return
}

// HttpPostAuth
// @Description: post请求
// @author: Roc
// @datetime 2024-01-23 16:20:10
// @param urlPath string
// @param postData string
// @param params ...string
// @return []byte
// @return error
func HttpPostAuth(urlPath, postData string, params ...string) ([]byte, error) {
	if global.CONFIG.Xiangyu.UserAuthHost == `` {
		return nil, errors.New("统一用户同步接口地址为空")
	}
	// 请求地址
	postUrl := global.CONFIG.Xiangyu.UserAuthHost + urlPath

	body := io.NopCloser(strings.NewReader(postData))
	client := &http.Client{}
	req, err := http.NewRequest("POST", postUrl, body)
	if err != nil {
		return nil, err
	}
	contentType := "application/x-www-form-urlencoded;charset=utf-8"
	if len(params) > 0 && params[0] != "" {
		contentType = params[0]
	}
	req.Header.Set("content-Type", contentType)
	resp, err := client.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	result, err := io.ReadAll(resp.Body)
	if err != nil {
		return nil, err
	}

	// 日志记录
	global.FILE_LOG.Debug("统一认证:地址：" + postUrl + ";\n请求参数：" + postData + ";\n返回参数:" + string(result))

	//  解析返回参数，判断是否是json
	if !json.Valid(result) {
		err = errors.New("返回参数不是json格式")
	}

	return result, err
}

// HttpGetAuth
// @Description: get请求
// @author: Roc
// @datetime 2024-01-23 16:20:16
// @param urlPath string
// @return []byte
// @return error
func HttpGetAuth(urlPath string) ([]byte, error) {
	if global.CONFIG.Xiangyu.UserAuthHost == `` {
		return nil, errors.New("统一用户同步接口地址为空")
	}
	// 请求地址
	getUrl := global.CONFIG.Xiangyu.UserAuthHost + urlPath
	client := &http.Client{}
	req, err := http.NewRequest("GET", getUrl, nil)
	if err != nil {
		return nil, err
	}
	resp, err := client.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	result, err := io.ReadAll(resp.Body)
	if err != nil {
		return nil, err
	}

	// 日志记录
	global.FILE_LOG.Debug("统一认证:地址：" + getUrl + ";\n返回参数:" + string(result))

	//  解析返回参数，判断是否是json
	if !json.Valid(result) {
		err = errors.New("返回参数不是json格式")
	}

	return result, err
}