移动云单点登录 #28225

app/controllers/ecloud_controller.rb

@@ -16,8 +16,8 @@ require 'digest'
 
 class EcloudController < ApplicationController
 
-  before_filter :save_para
-  before_filter :check_sign_key, only: [:ps_new, :ps_update, :bs_new, :bs_update]
+  before_action :save_para
+  before_action :check_sign_key, only: [:ps_new, :ps_update, :bs_new, :bs_update]
 
 
   def index
@@ -239,57 +239,60 @@ class EcloudController < ApplicationController
   end
 
   def ecloud_login_callback
+    if params[:test]
+      user_info = decode '{"userid":2147,"custid":2104,"custcode":"E0002018042810010054","custtype":2,"status":2,"username":"15111030087@QW_er","useralias":"15111030087","isadmin":true,"entprise":"04**004","departments":"","departmentnames":"","mobile":"15365386520","email":"15111030087@139.com"}'
+    else
+      res = request_ecloud_authorization
 
-    unless params["test"] == 'true'
-      #获取code
-      logger.info "oauth2 login_callback: #{params}"
-
-      raise "没有code" unless params[:code]
-
-      url = "#{SERVER_URL}/oauth2/authorization?grant_type=authorization_code" +
-          "&client_id=#{CLIENT_ID}&scope=&redirect_uri=&code=#{params[:code]}"
-
-      res = post(url)
       logger.info "oauth2 authorization resp: #{res}"
-      # {"access_token":"ae673b2d-88b4-46cc-aa74-0b031f24b76f","expires":6,"refresh_token":"7380cc67-a59c-4c21-9000-70e12a58d175","username":"15111030087@QW_er","uid":2147}
-
-      body = decode(res)
+      raise '登录失败' unless res["access_token"]
 
-      raise '登录失败' unless body["access_token"]
+      user_info = decode get_ecloud_user(res)
+      logger.info "oauth2 get user info: #{user_info}"
+    end
 
-      #获取此用户信息
-      res = get("#{SERVER_URL}/user/info?access_token=#{body['access_token']}&userid=#{body['uid']}")
-      logger.info "oauth2 get user info: #{res}"
-      # {"userid":2147,"custid":2104,"custcode":"E0002018042810010054","custtype":2,"status":2,"username":"15111030087@QW_er","useralias":"15111030087","isadmin":true,"entprise":"04**004","departments":"","departmentnames":"","mobile":"15365386520","email":"15111030087@139.com"}
-    else
-      res = '{"userid":2147,"custid":2104,"custcode":"E0002018042810010054","custtype":2,"status":2,"username":"15111030087@QW_er","useralias":"15111030087","isadmin":true,"entprise":"04**004","departments":"","departmentnames":"","mobile":"15365386520","email":"15111030087@139.com"}'
+    open_user = OpenUsers::Ecloud.find_or_initialize_by(uid: user_info['userid']) do |u|
+      u.extra = user_info
     end
 
+    redirect_to "/users/#{open_user.user.login}/courses" and return  if open_user.persisted?
 
-    # 同步用户
-    info = decode(res)
+    ActiveRecord::Base.transaction do
+      user = User.find_or_initialize_by(phone: user_info["mobile"]) do |u|
+        u.login = "ecoder_#{user_info['mobile']}"
+        u.type ='User'
+        u.status = User::STATUS_ACTIVE
+        u.nickname = user_info[:username]
+        u.lastname = user_info['username']
+      end
       
-    user = User.find_by_ecoder_user_id(info["userid"])
-    unless user
-      #新建用户
-      user = User.create_with_ecoder!(info)
+      if !user.persisted?
+        user.mail = user_info["email"] unless user_info["email"].blank? || User.find_by_mail(user_info["email"])
+        user.save!
+        user.create_user_extension!
+      end
+
+      open_user.user = user
+      open_user.save!
+      successful_authentication(user)
+
+      redirect_to "/users/#{user.login}/courses"
     end
+  rescue Exception => e
+    render :json => {code: 500, msg: "#{e.message}"}
+  end
 
-    self.logged_user = user
-
-    user = UserExtension.where(:user_id => User.current.id).first
-    # if user.gender.nil? || user.school_id.nil? || User.current.lastname.nil?
-    #   redirect_to my_account_path
-    # elsif user.identity == 3 && user.school_id.nil?
-    #   redirect_to my_account_path
-    # else
-    #   redirect_to User.current
-    # end
-    redirect_to User.current
+  private
+
+  def request_ecloud_authorization
+    url = "#{SERVER_URL}/oauth2/authorization?grant_type=authorization_code&client_id=#{CLIENT_ID}&scope=&redirect_uri=&code=#{params[:code]}"
+    decode post(url)
   end
 
+  def get_ecloud_user(body)
+    res = get("#{SERVER_URL}/user/info?access_token=#{body['access_token']}&userid=#{body['uid']}")
+  end
 
-  private
   def get(url)
     uri = URI(url)
 

config/routes.rb

@@ -9,6 +9,9 @@ Rails.application.routes.draw do
   get 'auth/qq/callback', to: 'oauth/qq#create'
   get 'auth/failure', to: 'oauth/base#auth_failure'
   get 'auth/cas/callback', to: 'oauth/cas#create'
+  get 'ecloud/ecloud_login', to: 'ecloud#ecloud_login_callback'
+
+  
 
 
   resources :edu_settings