* finish task #1975.
@@ -278,7 +278,6 @@ $lang->admin->menu->mail = array('link' => 'Email|mail|index', 'subModule'
|
||||
$lang->admin->menu->clearData = array('link' => 'Reset|admin|cleardata');
|
||||
$lang->admin->menu->convert = array('link' => 'Import|convert|index', 'subModule' => 'convert');
|
||||
$lang->admin->menu->trashes = array('link' => 'Trash|action|trash', 'subModule' => 'action');
|
||||
$lang->admin->menu->sso = array('link' => 'SSO|sso|browse', 'subModule' => 'sso');
|
||||
|
||||
$lang->convert = new stdclass();
|
||||
$lang->upgrade = new stdclass();
|
||||
@@ -287,7 +286,6 @@ $lang->extension = new stdclass();
|
||||
$lang->custom = new stdclass();
|
||||
$lang->editor = new stdclass();
|
||||
$lang->mail = new stdclass();
|
||||
$lang->sso = new stdclass();
|
||||
|
||||
$lang->convert->menu = $lang->admin->menu;
|
||||
$lang->upgrade->menu = $lang->admin->menu;
|
||||
@@ -296,7 +294,6 @@ $lang->extension->menu = $lang->admin->menu;
|
||||
$lang->custom->menu = $lang->admin->menu;
|
||||
$lang->editor->menu = $lang->admin->menu;
|
||||
$lang->mail->menu = $lang->admin->menu;
|
||||
$lang->sso->menu = $lang->admin->menu;
|
||||
|
||||
/* Groups. */
|
||||
$lang->menugroup = new stdclass();
|
||||
@@ -320,7 +317,6 @@ $lang->menugroup->extension = 'admin';
|
||||
$lang->menugroup->custom = 'admin';
|
||||
$lang->menugroup->editor = 'admin';
|
||||
$lang->menugroup->mail = 'admin';
|
||||
$lang->menugroup->sso = 'admin';
|
||||
|
||||
/* Error info. */
|
||||
$lang->error = new stdclass();
|
||||
|
||||
@@ -111,7 +111,6 @@ $lang->admin->menuOrder[15] = 'custom';
|
||||
$lang->admin->menuOrder[20] = 'editor';
|
||||
$lang->admin->menuOrder[25] = 'mail';
|
||||
$lang->admin->menuOrder[30] = 'custom';
|
||||
$lang->admin->menuOrder[35] = 'sso';
|
||||
$lang->admin->menuOrder[40] = 'convert';
|
||||
$lang->admin->menuOrder[45] = 'trashes';
|
||||
$lang->convert->menuOrder = $lang->admin->menuOrder;
|
||||
@@ -122,4 +121,3 @@ $lang->custom->menuOrder = $lang->admin->menuOrder;
|
||||
$lang->editor->menuOrder = $lang->admin->menuOrder;
|
||||
$lang->mail->menuOrder = $lang->admin->menuOrder;
|
||||
$lang->custom->menuOrder = $lang->admin->menuOrder;
|
||||
$lang->sso->menuOrder = $lang->admin->menuOrder;
|
||||
|
||||
@@ -279,7 +279,6 @@ $lang->admin->menu->mail = array('link' => '发信|mail|index', 'subModule'
|
||||
$lang->admin->menu->clearData = array('link' => '重置禅道|admin|cleardata');
|
||||
$lang->admin->menu->convert = array('link' => '导入|convert|index', 'subModule' => 'convert');
|
||||
$lang->admin->menu->trashes = array('link' => '回收站|action|trash', 'subModule' => 'action');
|
||||
$lang->admin->menu->sso = array('link' => '单点登录|sso|browse', 'subModule' => 'sso');
|
||||
|
||||
$lang->convert = new stdclass();
|
||||
$lang->upgrade = new stdclass();
|
||||
@@ -288,7 +287,6 @@ $lang->extension = new stdclass();
|
||||
$lang->custom = new stdclass();
|
||||
$lang->editor = new stdclass();
|
||||
$lang->mail = new stdclass();
|
||||
$lang->sso = new stdclass();
|
||||
|
||||
$lang->convert->menu = $lang->admin->menu;
|
||||
$lang->upgrade->menu = $lang->admin->menu;
|
||||
@@ -297,7 +295,6 @@ $lang->extension->menu = $lang->admin->menu;
|
||||
$lang->custom->menu = $lang->admin->menu;
|
||||
$lang->editor->menu = $lang->admin->menu;
|
||||
$lang->mail->menu = $lang->admin->menu;
|
||||
$lang->sso->menu = $lang->admin->menu;
|
||||
|
||||
/* 菜单分组。*/
|
||||
$lang->menugroup = new stdclass();
|
||||
@@ -321,7 +318,6 @@ $lang->menugroup->extension = 'admin';
|
||||
$lang->menugroup->custom = 'admin';
|
||||
$lang->menugroup->editor = 'admin';
|
||||
$lang->menugroup->mail = 'admin';
|
||||
$lang->menugroup->sso = 'admin';
|
||||
|
||||
/* 错误提示信息。*/
|
||||
$lang->error = new stdclass();
|
||||
|
||||
@@ -278,7 +278,6 @@ $lang->admin->menu->mail = array('link' => '發信|mail|index', 'subModule'
|
||||
$lang->admin->menu->clearData = array('link' => '重置禪道|admin|cleardata');
|
||||
$lang->admin->menu->convert = array('link' => '導入|convert|index', 'subModule' => 'convert');
|
||||
$lang->admin->menu->trashes = array('link' => '資源回收筒|action|trash', 'subModule' => 'action');
|
||||
$lang->admin->menu->sso = array('link' => '單點登錄|sso|browse', 'subModule' => 'sso');
|
||||
|
||||
$lang->convert = new stdclass();
|
||||
$lang->upgrade = new stdclass();
|
||||
@@ -287,7 +286,6 @@ $lang->extension = new stdclass();
|
||||
$lang->custom = new stdclass();
|
||||
$lang->editor = new stdclass();
|
||||
$lang->mail = new stdclass();
|
||||
$lang->sso = new stdclass();
|
||||
|
||||
$lang->convert->menu = $lang->admin->menu;
|
||||
$lang->upgrade->menu = $lang->admin->menu;
|
||||
@@ -296,7 +294,6 @@ $lang->extension->menu = $lang->admin->menu;
|
||||
$lang->custom->menu = $lang->admin->menu;
|
||||
$lang->editor->menu = $lang->admin->menu;
|
||||
$lang->mail->menu = $lang->admin->menu;
|
||||
$lang->sso->menu = $lang->admin->menu;
|
||||
|
||||
/* 菜單分組。*/
|
||||
$lang->menugroup = new stdclass();
|
||||
@@ -320,7 +317,6 @@ $lang->menugroup->extension = 'admin';
|
||||
$lang->menugroup->custom = 'admin';
|
||||
$lang->menugroup->editor = 'admin';
|
||||
$lang->menugroup->mail = 'admin';
|
||||
$lang->menugroup->sso = 'admin';
|
||||
|
||||
/* 錯誤提示信息。*/
|
||||
$lang->error = new stdclass();
|
||||
|
||||
@@ -147,7 +147,6 @@ class commonModel extends model
|
||||
if($module == 'user' and strpos('login|logout|deny', $method) !== false) return true;
|
||||
if($module == 'api' and $method == 'getsessionid') return true;
|
||||
if($module == 'misc' and $method == 'ping') return true;
|
||||
if($module == 'sso' and strpos('auth|depts|users', $method) !== false) return true;
|
||||
|
||||
if($this->loadModel('user')->isLogon())
|
||||
{
|
||||
|
||||
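Review bot: The open-method test kept on the `user` line of this hunk, `strpos('login|logout|deny', $method) !== false`, is a substring match, not an exact one, so any `$method` value that is a fragment of that string also returns true before the `isLogon()` check is reached. Comparing against the exact names closes this: `if($module == 'user' and in_array($method, array('login', 'logout', 'deny'), true)) return true;`. The enclosing commonModel method starts and ends outside the hunk, so whether `$method` is normalised earlier, or whether any such fragment maps to a real method, cannot be confirmed from here.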
@@ -52,7 +52,6 @@ $lang->moduleOrder[150] = 'tree';
|
||||
$lang->moduleOrder[155] = 'api';
|
||||
$lang->moduleOrder[160] = 'file';
|
||||
$lang->moduleOrder[165] = 'misc';
|
||||
$lang->moduleOrder[170] = 'sso';
|
||||
|
||||
$lang->resource = new stdclass();
|
||||
|
||||
@@ -661,18 +660,6 @@ $lang->resource->admin->checkDB = 'checkDB';
|
||||
$lang->admin->methodOrder[0] = 'index';
|
||||
$lang->admin->methodOrder[5] = 'checkDB';
|
||||
|
||||
/* SSO. */
|
||||
$lang->resource->sso = new stdclass();
|
||||
$lang->resource->sso->browse = 'browse';
|
||||
$lang->resource->sso->create = 'create';
|
||||
$lang->resource->sso->edit = 'edit';
|
||||
$lang->resource->sso->delete = 'delete';
|
||||
|
||||
$lang->sso->methodOrder[0] = 'browse';
|
||||
$lang->sso->methodOrder[5] = 'create';
|
||||
$lang->sso->methodOrder[10] = 'edit';
|
||||
$lang->sso->methodOrder[15] = 'delete';
|
||||
|
||||
/* Extension. */
|
||||
$lang->resource->extension = new stdclass();
|
||||
$lang->resource->extension->browse = 'browse';
|
||||
@@ -916,10 +903,6 @@ $lang->changelog['4.3.beta'][] = 'testcase-import';
|
||||
$lang->changelog['4.3.beta'][] = 'testcase-showImport';
|
||||
$lang->changelog['4.3.beta'][] = 'testcase-confirmChange';
|
||||
$lang->changelog['4.3.beta'][] = 'mail-reset';
|
||||
$lang->changelog['4.3.beta'][] = 'sso-browse';
|
||||
$lang->changelog['4.3.beta'][] = 'sso-create';
|
||||
$lang->changelog['4.3.beta'][] = 'sso-edit';
|
||||
$lang->changelog['4.3.beta'][] = 'sso-delete';
|
||||
$lang->changelog['4.3.beta'][] = 'api-debug';
|
||||
$lang->changelog['4.3.beta'][] = 'action-editComment';
|
||||
|
||||
|
||||
@@ -1,6 +0,0 @@
|
||||
<?php
|
||||
$config->sso = new stdclass();
|
||||
$config->sso->create = new stdclass();
|
||||
$config->sso->create->requiredFields = 'title,code,key,ip';
|
||||
$config->sso->edit = new stdclass();
|
||||
$config->sso->edit->requiredFields = 'title,key,ip';
|
||||
@@ -1,165 +0,0 @@
|
||||
<?php
|
||||
class sso extends control
|
||||
{
|
||||
/**
|
||||
* Browse all auths.
|
||||
*
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
public function browse()
|
||||
{
|
||||
$this->view->title = $this->lang->sso->common . $this->lang->colon . $this->lang->sso->browse;
|
||||
$this->view->position[] = $this->lang->sso->common;
|
||||
$this->view->position[] = $this->lang->sso->browse;
|
||||
$this->view->auths = $this->sso->getAuths();
|
||||
$this->display();
|
||||
}
|
||||
|
||||
/**
|
||||
* Create auth.
|
||||
*
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
public function create()
|
||||
{
|
||||
if(!empty($_POST))
|
||||
{
|
||||
if(!$this->post->title) die(js::alert($this->lang->sso->error->title));
|
||||
if(!$this->post->code) die(js::alert($this->lang->sso->error->code));
|
||||
if(!$this->post->ip) die(js::alert($this->lang->sso->error->ip));
|
||||
|
||||
$this->sso->createAuth();
|
||||
if(dao::isError()) die(js::error(dao::getError()));
|
||||
die(js::locate(inlink('browse'), 'parent'));
|
||||
}
|
||||
$this->view->title = $this->lang->sso->common . $this->lang->colon . $this->lang->sso->create;
|
||||
$this->view->position[] = $this->lang->sso->common;
|
||||
$this->view->position[] = $this->lang->sso->create;
|
||||
$this->view->key = $this->sso->createKey();
|
||||
$this->display();
|
||||
}
|
||||
|
||||
/**
|
||||
* Edit auth.
|
||||
*
|
||||
* @param string $code
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
public function edit($code)
|
||||
{
|
||||
if(!empty($_POST))
|
||||
{
|
||||
if(!$this->post->title) die(js::alert($this->lang->sso->error->title));
|
||||
if(!$this->post->ip) die(js::alert($this->lang->sso->error->ip));
|
||||
|
||||
$this->sso->updateAuth($code);
|
||||
if(dao::isError()) die(js::error(dao::getError()));
|
||||
die(js::locate(inlink('browse'), 'parent'));
|
||||
}
|
||||
|
||||
$this->view->title = $this->lang->sso->common . $this->lang->colon . $this->lang->sso->edit;
|
||||
$this->view->position[] = $this->lang->sso->common;
|
||||
$this->view->position[] = $this->lang->sso->edit;
|
||||
|
||||
$this->view->auth = $this->sso->getAuth($code);
|
||||
$this->view->code = $code;
|
||||
$this->display();
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete auth.
|
||||
*
|
||||
* @param string $code
|
||||
* @param string $confirm
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
public function delete($code, $confirm = 'no')
|
||||
{
|
||||
if($confirm == 'no')
|
||||
{
|
||||
die(js::confirm($this->lang->sso->confirmDelete, inlink('delete', "code=$code&confirm=yes")));
|
||||
}
|
||||
else
|
||||
{
|
||||
$this->sso->deleteAuth($code);
|
||||
die(js::locate(inlink('browse'), 'parent'));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Auth user.
|
||||
*
|
||||
* @param string $app
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
public function auth($app)
|
||||
{
|
||||
$user = $this->sso->identify($app);
|
||||
if($user)
|
||||
{
|
||||
$dept = $this->loadModel('dept')->getByID($user->dept);
|
||||
$user->deptName = $dept ? $dept->name : '';
|
||||
|
||||
$response['status'] = 'success';
|
||||
$response['data'] = json_encode($user);
|
||||
$this->send($response);
|
||||
}
|
||||
|
||||
$response['status'] = 'fail';
|
||||
$response['data'] = 'auth failed.';
|
||||
$this->send($response);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all departments.
|
||||
*
|
||||
* @param string $app
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
public function depts($app)
|
||||
{
|
||||
if($this->post->key) $key = $this->post->key;
|
||||
if($this->get->key) $key = $this->get->key;
|
||||
if($this->sso->checkIP($app) and $this->sso->getAppKey($app) == $key)
|
||||
{
|
||||
$depts = $this->sso->getAllDepts();
|
||||
$response['status'] = 'success';
|
||||
$response['data'] = json_encode($depts);
|
||||
$this->send($response);
|
||||
}
|
||||
|
||||
$response['status'] = 'fail';
|
||||
$response['data'] = 'key error';
|
||||
$this->send($response);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all users.
|
||||
*
|
||||
* @param string $app
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
public function users($app)
|
||||
{
|
||||
if($this->post->key) $key = $this->post->key;
|
||||
if($this->get->key) $key = $this->get->key;
|
||||
if($this->sso->checkIP($app) and $this->sso->getAppKey($app) == $key)
|
||||
{
|
||||
$depts = $this->sso->getAllUsers();
|
||||
$response['status'] = 'success';
|
||||
$response['data'] = json_encode($depts);
|
||||
$this->send($response);
|
||||
}
|
||||
|
||||
$response['status'] = 'fail';
|
||||
$response['data'] = 'key error';
|
||||
$this->send($response);
|
||||
}
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
.instruction {margin-top:5px; margin-left: 20px; padding:20px 30px;}
|
||||
@@ -1,11 +0,0 @@
|
||||
function createKey()
|
||||
{
|
||||
var chars = '0123456789abcdefghiklmnopqrstuvwxyz'.split('');
|
||||
var key = '';
|
||||
for(var i=0; i < 32; i++)
|
||||
{
|
||||
key += chars[Math.floor(Math.random() * chars.length)];
|
||||
}
|
||||
$('#key').val(key);
|
||||
return false;
|
||||
}
|
||||
@@ -1,43 +0,0 @@
|
||||
<?php
|
||||
$lang->sso->common = 'SSO';
|
||||
$lang->sso->browse = 'App list';
|
||||
$lang->sso->create = 'Create App';
|
||||
$lang->sso->edit = 'Edit App';
|
||||
$lang->sso->delete = 'Delete App';
|
||||
$lang->sso->code = 'Code';
|
||||
$lang->sso->title = 'Name';
|
||||
$lang->sso->key = 'Key';
|
||||
$lang->sso->ip = 'IP list';
|
||||
$lang->sso->createKey = 'New one';
|
||||
|
||||
$lang->sso->confirmDelete = 'Are you sure to delete this App?';
|
||||
|
||||
$lang->sso->note = new stdClass();
|
||||
$lang->sso->note->title = 'app name';
|
||||
$lang->sso->note->code = 'app code';
|
||||
$lang->sso->note->ip = "Use comma between two IPs, and support IP segment, for example 192.168.1.*";
|
||||
|
||||
$lang->sso->error = new stdClass();
|
||||
$lang->sso->error->title = 'Please input name';
|
||||
$lang->sso->error->code = 'Please input code';
|
||||
$lang->sso->error->key = 'Please input key';
|
||||
$lang->sso->error->ip = 'Please input IP';
|
||||
|
||||
$lang->sso->instruction = <<<EOT
|
||||
<p><strong>Example</strong>:Name is 'Test'", Code is 'test', Key is '20c8eb0d522d2e1a09d4ea18e4df3a59',IP list is "192.168.11.*,127.0.0.1"。</p>
|
||||
<p><strong>1.User Auth</strong></p>
|
||||
<p>Application request API of user auth, check if the account and password is correct, to realize single sign-on (SSO).</p>
|
||||
<p>The API is from sso module, auth method. POST data is account and encrypted string [md5(md5(password) + key)]. Return user info(json) if success, return fail if fail.</p>
|
||||
<p>Example: url is 'http:://www.demo.com/sso-auth-test',POST string is 'account=admin&authcode=c44c577432230ad8e67160d3f9f0b91c'.</p>
|
||||
<p> Note: 'test' is App code, 'c44c577432230ad8e67160d3f9f0b91' is md5(md5('123456') + '20c8eb0d522d2e1a09d4ea18e4df3a59')</p>
|
||||
<p><strong>2.Get User List</strong></p>
|
||||
<p>Application request API of user list, get all user info of zentao.</p>
|
||||
<p>The API if from sso module, users method. POST data is key. Return user list (json) if success, return fail if fail.</p>
|
||||
<p>Example:url is 'http:://www.demo.com/sso-users-test', POST string is 'key=20c8eb0d522d2e1a09d4ea18e4df3a59'.</p>
|
||||
<p> Note: 'test' is App code, '20c8eb0d522d2e1a09d4ea18e4df3a59' is App key.</p>
|
||||
<p><strong>3.Get Dept List</strong></p>
|
||||
<p>Application request API of dept list, get all dept info of zentao.</p>
|
||||
<p>The API if from sso module, depts method. POST data is key. Return dept list (json) if success, return fail if fail.</p>
|
||||
<p>Example:url is 'http:://www.demo.com/sso-depts-test', POST string is 'key=20c8eb0d522d2e1a09d4ea18e4df3a59'.</p>
|
||||
<p> Note: 'test' is App code, '20c8eb0d522d2e1a09d4ea18e4df3a59' is App key.</p>
|
||||
EOT;
|
||||
@@ -1,43 +0,0 @@
|
||||
<?php
|
||||
$lang->sso->common = '单点登录';
|
||||
$lang->sso->browse = '应用列表';
|
||||
$lang->sso->create = '添加应用';
|
||||
$lang->sso->edit = '编辑应用';
|
||||
$lang->sso->delete = '删除应用';
|
||||
$lang->sso->code = '代号';
|
||||
$lang->sso->title = '名称';
|
||||
$lang->sso->key = '密钥';
|
||||
$lang->sso->ip = 'IP列表';
|
||||
$lang->sso->createKey = '重新生成密钥';
|
||||
|
||||
$lang->sso->confirmDelete = '您确定删除该应用吗?';
|
||||
|
||||
$lang->sso->note = new stdClass();
|
||||
$lang->sso->note->title = '授权应用名称';
|
||||
$lang->sso->note->code = '授权应用代号';
|
||||
$lang->sso->note->ip = "允许该应用使用这些ip访问,多个ip使用逗号隔开。支持IP段,如192.168.1.*";
|
||||
|
||||
$lang->sso->error = new stdClass();
|
||||
$lang->sso->error->title = '名称不能为空';
|
||||
$lang->sso->error->code = '代号不能为空';
|
||||
$lang->sso->error->key = '密钥不能为空';
|
||||
$lang->sso->error->ip = 'IP列表不能为空';
|
||||
|
||||
$lang->sso->instruction = <<<EOT
|
||||
<p><strong>示例应用</strong>:名称为"测试",代号为"test",密钥为"20c8eb0d522d2e1a09d4ea18e4df3a59",IP列表为"192.168.11.*,127.0.0.1"。</p>
|
||||
<p><strong>1.用户验证</strong></p>
|
||||
<p>授权应用请求禅道的用户验证API,检查用户在该应用输入的用户名和密码是否正确,实现单点登录。</p>
|
||||
<p>API地址为sso模块的auth方法,POST数据为登录用户的用户名account和密码与密钥形成的加密字符串md5(md5(password) + key),成功则返回用户信息(json格式),失败则返回fail。</p>
|
||||
<p>示例:请求地址 http:://www.demo.com/sso-auth-test,POST字符串 account=admin&authcode=c44c577432230ad8e67160d3f9f0b91c。</p>
|
||||
<p> 注:test为应用代号,c44c577432230ad8e67160d3f9f0b91为md5(md5('123456') + '20c8eb0d522d2e1a09d4ea18e4df3a59')</p>
|
||||
<p><strong>2.获取用户列表</strong></p>
|
||||
<p>授权应用访问禅道的用户列表API,获取禅道所有用户信息。</p>
|
||||
<p>API地址为sso模块的users方法,POST数据为应用密钥,成功返回用户列表(json格式),失败返回fail。</p>
|
||||
<p>示例:请求地址 http:://www.demo.com/sso-users-test,POST字符串 key=20c8eb0d522d2e1a09d4ea18e4df3a59。</p>
|
||||
<p> 注:test为应用代号,20c8eb0d522d2e1a09d4ea18e4df3a59为应用密钥</p>
|
||||
<p><strong>3.获取部门列表</strong></p>
|
||||
<p>授权应用访问禅道的部门列表API,获取禅道所有部门信息。</p>
|
||||
<p>API地址为sso模块的depts方法,POST数据为应用密钥,成功返回用户列表(json格式),失败返回fail。</p>
|
||||
<p>示例:请求地址 http:://www.demo.com/sso-depts-test,POST字符串 key=20c8eb0d522d2e1a09d4ea18e4df3a59。</p>
|
||||
<p> 注:test为应用代号,20c8eb0d522d2e1a09d4ea18e4df3a59为应用密钥</p>
|
||||
EOT;
|
||||
@@ -1,43 +0,0 @@
|
||||
<?php
|
||||
$lang->sso->common = '單點登錄';
|
||||
$lang->sso->browse = '應用列表';
|
||||
$lang->sso->create = '添加應用';
|
||||
$lang->sso->edit = '編輯應用';
|
||||
$lang->sso->delete = '刪除應用';
|
||||
$lang->sso->code = '代號';
|
||||
$lang->sso->title = '名稱';
|
||||
$lang->sso->key = '密鑰';
|
||||
$lang->sso->ip = 'IP列表';
|
||||
$lang->sso->createKey = '重新生成密鑰';
|
||||
|
||||
$lang->sso->confirmDelete = '您確定刪除該應用嗎?';
|
||||
|
||||
$lang->sso->note = new stdClass();
|
||||
$lang->sso->note->title = '授權應用名稱';
|
||||
$lang->sso->note->code = '授權應用代號';
|
||||
$lang->sso->note->ip = "允許該應用使用這些ip訪問,多個ip使用逗號隔開。支持IP段,如192.168.1.*";
|
||||
|
||||
$lang->sso->error = new stdClass();
|
||||
$lang->sso->error->title = '名稱不能為空';
|
||||
$lang->sso->error->code = '代號不能為空';
|
||||
$lang->sso->error->key = '密鑰不能為空';
|
||||
$lang->sso->error->ip = 'IP列表不能為空';
|
||||
|
||||
$lang->sso->instruction = <<<EOT
|
||||
<p><strong>示例應用</strong>:名稱為"測試",代號為"test",密鑰為"20c8eb0d522d2e1a09d4ea18e4df3a59",IP列表為"192.168.11.*,127.0.0.1"。</p>
|
||||
<p><strong>1.用戶驗證</strong></p>
|
||||
<p>授權應用請求禪道的用戶驗證API,檢查用戶在該應用輸入的用戶名和密碼是否正確,實現單點登錄。</p>
|
||||
<p>API地址為sso模組的auth方法,POST數據為登錄用戶的用戶名account和密碼與密鑰形成的加密字元串md5(md5(password) + key),成功則返回用戶信息(json格式),失敗則返回fail。</p>
|
||||
<p>示例:請求地址 http:://www.demo.com/sso-auth-test,POST字元串 account=admin&authcode=c44c577432230ad8e67160d3f9f0b91c。</p>
|
||||
<p> 註:test為應用代號,c44c577432230ad8e67160d3f9f0b91為md5(md5('123456') + '20c8eb0d522d2e1a09d4ea18e4df3a59')</p>
|
||||
<p><strong>2.獲取用戶列表</strong></p>
|
||||
<p>授權應用訪問禪道的用戶列表API,獲取禪道所有用戶信息。</p>
|
||||
<p>API地址為sso模組的users方法,POST數據為應用密鑰,成功返回用戶列表(json格式),失敗返回fail。</p>
|
||||
<p>示例:請求地址 http:://www.demo.com/sso-users-test,POST字元串 key=20c8eb0d522d2e1a09d4ea18e4df3a59。</p>
|
||||
<p> 註:test為應用代號,20c8eb0d522d2e1a09d4ea18e4df3a59為應用密鑰</p>
|
||||
<p><strong>3.獲取部門列表</strong></p>
|
||||
<p>授權應用訪問禪道的部門列表API,獲取禪道所有部門信息。</p>
|
||||
<p>API地址為sso模組的depts方法,POST數據為應用密鑰,成功返回用戶列表(json格式),失敗返回fail。</p>
|
||||
<p>示例:請求地址 http:://www.demo.com/sso-depts-test,POST字元串 key=20c8eb0d522d2e1a09d4ea18e4df3a59。</p>
|
||||
<p> 註:test為應用代號,20c8eb0d522d2e1a09d4ea18e4df3a59為應用密鑰</p>
|
||||
EOT;
|
||||
@@ -1,177 +0,0 @@
|
||||
<?php
|
||||
class ssoModel extends model
|
||||
{
|
||||
/**
|
||||
* Get all auths.
|
||||
*
|
||||
* @access public
|
||||
* @return object
|
||||
*/
|
||||
public function getAuths()
|
||||
{
|
||||
$auths = clone $this->config->sso;
|
||||
unset($auths->create);
|
||||
unset($auths->edit);
|
||||
return $auths;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get auth by code.
|
||||
*
|
||||
* @param string $code
|
||||
* @access public
|
||||
* @return object
|
||||
*/
|
||||
public function getAuth($code)
|
||||
{
|
||||
return $this->config->sso->$code;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create auth.
|
||||
*
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
public function createAuth()
|
||||
{
|
||||
$auth = fixer::input('post')->get();
|
||||
$items = new stdClass();
|
||||
$items->{$this->post->code} = $auth;
|
||||
$this->loadModel('setting')->setItems("system.sso", $items);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update auth.
|
||||
*
|
||||
* @param int $code
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
public function updateAuth($code)
|
||||
{
|
||||
$auth = fixer::input('post')->get();
|
||||
$items = new stdClass();
|
||||
$items->$code = $auth;
|
||||
$this->loadModel('setting')->setItems("system.sso", $items);
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete auth.
|
||||
*
|
||||
* @param string $code
|
||||
* @access public
|
||||
* @return void
|
||||
*/
|
||||
public function deleteAuth($code)
|
||||
{
|
||||
$this->loadModel('setting')->deleteItems("owner=system&module=sso§ion=$code");
|
||||
}
|
||||
|
||||
/**
|
||||
* Get key of app.
|
||||
*
|
||||
* @param string $app
|
||||
* @access public
|
||||
* @return object
|
||||
*/
|
||||
public function getAppKey($app)
|
||||
{
|
||||
return $this->config->sso->$app->key;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check ip if is allowed.
|
||||
*
|
||||
* @param string $app
|
||||
* @access public
|
||||
* @return bool
|
||||
*/
|
||||
public function checkIP($app)
|
||||
{
|
||||
$ipParts = explode('.', $_SERVER['REMOTE_ADDR']);
|
||||
$allowIPs = explode(',', $this->config->sso->$app->ip);
|
||||
|
||||
foreach($allowIPs as $allowIP)
|
||||
{
|
||||
$allowIPParts = explode('.', $allowIP);
|
||||
foreach($allowIPParts as $key => $allowIPPart)
|
||||
{
|
||||
if($allowIPPart == '*') $allowIPParts[$key] = $ipParts[$key];
|
||||
}
|
||||
if(implode('.', $allowIPParts) == $_SERVER['REMOTE_ADDR']) return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Identify user.
|
||||
*
|
||||
* @param string $app
|
||||
* @access public
|
||||
* @return bool | object
|
||||
*/
|
||||
public function identify($app)
|
||||
{
|
||||
if(!$this->checkIP($app)) return false;
|
||||
|
||||
$key = $this->getAppKey($app);
|
||||
|
||||
$account = '';
|
||||
$authcode = '';
|
||||
if($this->post->account) $account = $this->post->account;
|
||||
if($this->get->account) $account = $this->get->account;
|
||||
if($this->post->authcode) $authcode = $this->post->authcode;
|
||||
if($this->get->authcode) $authcode = $this->get->authcode;
|
||||
|
||||
if(!$account or !$authcode or !$key) return false;
|
||||
|
||||
$user = $this->dao->select('*')->from(TABLE_USER)
|
||||
->where('account')->eq($account)
|
||||
->andWhere('deleted')->eq(0)
|
||||
->fetch();
|
||||
|
||||
if($user)
|
||||
{
|
||||
$code = md5($user->password . $key);
|
||||
if($code == $authcode) return $user;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a key.
|
||||
*
|
||||
* @access public
|
||||
* @return string
|
||||
*/
|
||||
public function createKey()
|
||||
{
|
||||
return md5(rand());
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all departments.
|
||||
*
|
||||
* @access public
|
||||
* @return object
|
||||
*/
|
||||
public function getAllDepts()
|
||||
{
|
||||
return $this->dao->select('*')->from(TABLE_DEPT)->fetchAll();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all users.
|
||||
*
|
||||
* @access public
|
||||
* @return object
|
||||
*/
|
||||
public function getAllUsers()
|
||||
{
|
||||
return $this->dao->select('*')->from(TABLE_USER)
|
||||
->where('deleted')->eq(0)
|
||||
->fetchAll();
|
||||
}
|
||||
}
|
||||
@@ -1,36 +0,0 @@
|
||||
<?php include '../../common/view/header.html.php';?>
|
||||
<div class='container'>
|
||||
<div id='titlebar'>
|
||||
<div class='heading'><i class='icon-globe'></i> <?php echo $lang->sso->browse;?></div>
|
||||
<div class='actions'><?php common::printIcon('sso', 'create');?></div>
|
||||
</div>
|
||||
|
||||
<table class='table table-fixed tablesorter'>
|
||||
<thead>
|
||||
<tr class='colhead'>
|
||||
<th class='w-100px'><?php echo $lang->sso->title;?></th>
|
||||
<th class='w-80px'><?php echo $lang->sso->code;?></th>
|
||||
<th width='350'><?php echo $lang->sso->key;?></th>
|
||||
<th><?php echo $lang->sso->ip;?></th>
|
||||
<th class='w-100px'><?php echo $lang->actions;?></th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php foreach($auths as $code => $auth):?>
|
||||
<tr class='text-left'>
|
||||
<td><?php echo $auth->title?></td>
|
||||
<td><?php echo $code?></td>
|
||||
<td><?php echo $auth->key?></td>
|
||||
<td><?php echo $auth->ip?></td>
|
||||
<td class='text-center'>
|
||||
<?php
|
||||
common::printIcon('sso', 'edit', "code=$code", '', 'list');
|
||||
common::printIcon('sso', 'delete', "code=$code", '', 'list', '', 'hiddenwin');
|
||||
?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endforeach;?>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
<?php include '../../common/view/footer.html.php';?>
|
||||
@@ -1,46 +0,0 @@
|
||||
<?php include '../../common/view/header.html.php';?>
|
||||
<div class='container'>
|
||||
<div id='titlebar'>
|
||||
<div class='heading'>
|
||||
<span class='prefix'><?php echo html::icon('globe');?></span>
|
||||
<strong><?php echo $lang->sso->common;?></strong>
|
||||
<small class='text-muted'> <?php echo $lang->sso->create;?> <?php echo html::icon('plus');?></small>
|
||||
</div>
|
||||
</div>
|
||||
<div class='row'>
|
||||
<div class='col-md-6'>
|
||||
<form class='form-condensed' method='post' target='hiddenwin' id='dataform'>
|
||||
<table class='table table-form'>
|
||||
<tr>
|
||||
<th class='w-80px'><?php echo $lang->sso->title;?></th>
|
||||
<td><?php echo html::input('title', '', "class='form-control' placeholder='{$lang->sso->note->title}'");?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th><?php echo $lang->sso->code;?></th>
|
||||
<td><?php echo html::input('code', '', "class='form-control' placeholder='{$lang->sso->note->code}'");?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th><?php echo $lang->sso->key;?></th>
|
||||
<td>
|
||||
<div class='input-group'>
|
||||
<?php echo html::input('key', $key, "class='form-control' readonly='readonly'");?>
|
||||
<span class='input-group-btn'><?php echo html::a('javascript:void(0)', $lang->sso->createKey, '', 'onclick="createKey()" class="btn"')?></span>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th><?php echo $lang->sso->ip;?></th>
|
||||
<td><?php echo html::input('ip', '', "class='form-control' placeholder='{$lang->sso->note->ip}'");?></td>
|
||||
</tr>
|
||||
<tr><td></td><td><?php echo html::submitButton() . html::backButton();?></td></tr>
|
||||
</table>
|
||||
</form>
|
||||
</div>
|
||||
<div class='col-md-6'>
|
||||
<div class='article-content instruction alert'>
|
||||
<?php echo $lang->sso->instruction;?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php include '../../common/view/footer.html.php';?>
|
||||
@@ -1,37 +0,0 @@
|
||||
<?php include '../../common/view/header.html.php';?>
|
||||
<div class='container mw-700px'>
|
||||
<div id='titlebar'>
|
||||
<div class='heading'>
|
||||
<span class='prefix'><?php echo html::icon('globe');?></span>
|
||||
<strong><?php echo $lang->sso->common;?></strong>
|
||||
<small class='text-muted'> <?php echo $lang->sso->edit;?> <?php echo html::icon('pencil');?></small>
|
||||
</div>
|
||||
</div>
|
||||
<form class='form-condensed' method='post' target='hiddenwin' id='dataform'>
|
||||
<table class='table table-form'>
|
||||
<tr>
|
||||
<th class='w-90px'><?php echo $lang->sso->title;?></th>
|
||||
<td><?php echo html::input('title', $auth->title, "class='form-control'");?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th><?php echo $lang->sso->code;?></th>
|
||||
<td><?php echo $code;?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th><?php echo $lang->sso->key;?></th>
|
||||
<td>
|
||||
<div class='input-group'>
|
||||
<?php echo html::input('key', $auth->key, "class='form-control' readonly='readonly'");?>
|
||||
<span class='input-group-btn'><?php echo html::a('javascript:void(0)', $lang->sso->createKey, '', 'onclick="createKey()" class="btn"')?></span>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th><?php echo $lang->sso->ip;?></th>
|
||||
<td><?php echo html::input('ip', $auth->ip, "class='form-control'");?></td>
|
||||
</tr>
|
||||
<tr><td colspan='2' class='text-center'><?php echo html::submitButton() . html::backButton();?></td></tr>
|
||||
</table>
|
||||
</form>
|
||||
</div>
|
||||
<?php include '../../common/view/footer.html.php';?>
|
||||