From 3ace5e4ec49d1ad6871c504afccca86245f32f70 Mon Sep 17 00:00:00 2001
From: shylinux
Date: Tue, 21 Jul 2020 18:11:58 +0800
Subject: [PATCH] add sso
---
 base/aaa/sess.go | 5 +++++
 base/aaa/user.go | 15 +++++++++++++++
 base/web/serve.go | 6 ++++++
 misc/lark/lark.go | 44 +++++++++++++++++++++++++++++++-------------
 4 files changed, 57 insertions(+), 13 deletions(-)
diff --git a/base/aaa/sess.go b/base/aaa/sess.go
index 7b164579..03d6fc69 100644
--- a/base/aaa/sess.go
+++ b/base/aaa/sess.go
@@ -13,6 +13,7 @@ func _sess_list(m *ice.Message) {
 }
 func _sess_auth(m *ice.Message, sessid string, username string, userrole string) {
 m.Richs(SESS, nil, sessid, func(value map[string]interface{}) {
+ m.Debug("fuck %v", m.Option(ice.MSG_USERROLE))
 if m.Option(ice.MSG_USERROLE) == ROOT {
 value[USERROLE] = userrole
 } else if m.Option(ice.MSG_USERROLE) == TECH && userrole != ROOT {
@@ -26,9 +27,13 @@ func _sess_auth(m *ice.Message, sessid string, username string, userrole string)
 }
 func _sess_check(m *ice.Message, sessid string) {
 m.Richs(SESS, nil, sessid, func(value map[string]interface{}) {
+ m.Richs(USER, nil, value[USERNAME], func(value map[string]interface{}) {
+ m.Option(ice.MSG_USERNICK, value[USERNICK])
+ })
 m.Log_AUTH(
 USERNAME, m.Option(ice.MSG_USERNAME, value[USERNAME]),
 USERROLE, m.Option(ice.MSG_USERROLE, value[USERROLE]),
+ USERNICK, m.Option(ice.MSG_USERROLE),
 )
 })
 }
diff --git a/base/aaa/user.go b/base/aaa/user.go
index 2e5d84ff..f85fe079 100644
--- a/base/aaa/user.go
+++ b/base/aaa/user.go
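Review bot: The added `m.Debug("fuck %v", ...)` line at the top of the `m.Richs` callback in `_sess_auth` reads like a leftover debugging statement, and its label says nothing about what is being logged. It records the caller's role each time the callback runs, so if the trace is worth keeping it should be named for that, e.g. `m.Debug("sess auth caller role %v", m.Option(ice.MSG_USERROLE))`; otherwise drop it before merge. The rest of `_sess_auth` lies outside the hunk.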
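Review bot: The new `USERNICK` pair in the `m.Log_AUTH` call of `_sess_check` logs `m.Option(ice.MSG_USERROLE)`, so the auth log records the role under the nickname key; it should read `USERNICK, m.Option(ice.MSG_USERNICK),`. The inner `m.Richs(USER, ...)` callback also reuses the parameter name `value`, shadowing the session record; naming it e.g. `user` would make it obvious which record `value[USERNICK]` is read from. If no USER record matches, `ice.MSG_USERNICK` is not assigned here and keeps whatever it held before, which may be worth resetting explicitly (inferred; where that option is first set is not visible in this hunk).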
@@ -26,6 +26,18 @@ func _user_login(m *ice.Message, name, word string) (ok bool) {
 })
 return ok
 }
+func _user_modify(m *ice.Message, name string, arg ...string) {
+ if m.Richs(USER, nil, name, nil) == nil {
+ m.Rich(USER, nil, kit.Dict(USERNAME, name))
+ }
+
+ m.Richs(USER, nil, name, func(key string, value map[string]interface{}) {
+ for i := 0; i < len(arg)-1; i += 2 {
+ m.Log_MODIFY(USERNAME, name, arg[i], arg[i+1])
+ kit.Value(value, arg[i], arg[i+1])
+ }
+ })
+}
 func _user_create(m *ice.Message, name, word string) {
 m.Rich(USER, nil, kit.Dict(
 USERNAME, name, PASSWORD, word,
@@ -87,6 +99,9 @@ func init() {
 mdb.CREATE: {Name: "create username [password]", Help: "创建", Hand: func(m *ice.Message, arg ...string) {
 _user_create(m, arg[0], kit.Select("", arg, 1))
 }},
+ mdb.MODIFY: {Name: "create username [key value]...", Help: "创建", Hand: func(m *ice.Message, arg ...string) {
+ _user_modify(m, arg[0], arg[1:]...)
+ }},
 mdb.SEARCH: {Name: "search type name text arg...", Help: "搜索", Hand: func(m *ice.Message, arg ...string) {
 _user_search(m, arg[0], arg[1], kit.Select("", arg, 2))
 }},
diff --git a/base/web/serve.go b/base/web/serve.go
index d55ce797..3ea8a874 100644
--- a/base/web/serve.go
+++ b/base/web/serve.go
@@ -184,6 +184,12 @@ func _serve_main(m *ice.Message, w http.ResponseWriter, r *http.Request) bool {
 Render(m, "refresh", m.Conf(SERVE, "meta.volcanos.refresh"))
 m.Event(gdb.SYSTEM_INIT)
 m.W = nil
+ } else if r.URL.Path == "/" && m.Conf(SERVE, "meta.sso") != "" {
+ if c, e := r.Cookie(ice.MSG_SESSID); e != nil || c.Value == "" {
+ http.Redirect(w, r, m.Conf(SERVE, "meta.sso"), http.StatusTemporaryRedirect)
+ return false
+ }
+ return true
 } else if r.URL.Path == "/share" && r.Method == "GET" {
 http.ServeFile(w, r, m.Conf(SERVE, "meta.page.share"))
 } else {
diff --git a/misc/lark/lark.go b/misc/lark/lark.go
index e3efdda8..083a5f36 100644
--- a/misc/lark/lark.go
+++ b/misc/lark/lark.go
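Review bot: `_user_modify` writes every key/value pair it is given straight into the user record with `kit.Value(value, arg[i], arg[i+1])`, so a caller can overwrite `PASSWORD` or any role field stored on the record, not just the nickname, and the function also creates the user when the name is unknown. Since it is exposed through the new `mdb.MODIFY` command, consider restricting the keys to an allow-list (for example only `USERNICK`) or checking the caller's role before the loop. `m.Log_MODIFY(USERNAME, name, arg[i], arg[i+1])` also writes the new value into the log, which would expose a password if one were ever set this way. A doc comment such as `// _user_modify creates the user if missing, then sets each key/value pair in arg on its record.` would make the create-on-miss behaviour explicit.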
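Review bot: The new `mdb.MODIFY` entry still carries the usage string and help text of the command above it: `Name: "create username [key value]..."` and `Help: "创建"` both describe create. Suggest `Name: "modify username [key value]..."` with a matching help text. `arg[0]` is read without a length check, as in the neighbouring handlers, so a call with no arguments would panic unless the framework validates arity beforehand (not visible here).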
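Review bot: The new `"/"` branch in `_serve_main` accepts any non-empty `ice.MSG_SESSID` cookie and returns `true` without redirecting, so the check tests presence of a session id, not its validity; a stale or unknown id never reaches the SSO page. If the session is validated later in the request path (not visible in this hunk) access control is unaffected, but the branch should then say so, and ideally redirect whenever the session lookup fails rather than only when the cookie is absent. A comment such as `// meta.sso: login URL; requests for "/" without a session cookie are redirected there` would document the new config key. `_serve_main` begins and ends outside the hunk.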
@@ -10,6 +10,7 @@ import ( "github.com/shylinux/toolkits" "encoding/json" + "math/rand" "net/http" "strings" "time" @@ -69,6 +70,8 @@ const ( DUTY = "duty" TALK = "talk" + RAND = "rand" + LARK = "lark" ) @@ -224,6 +227,11 @@ var Index = &ice.Context{Name: "lark", Help: "机器人", } m.Cmdy(m.Prefix(SEND), "chat_id", arg[0], arg[2:]) }}, + RAND: {Name: "rand", Help: "随机", Hand: func(m *ice.Message, c *ice.Context, key string, arg ...string) { + msg := m.Cmd(GROUP, "user", m.Option(OPEN_CHAT_ID)) + list := msg.Appendv("name") + m.Echo(list[rand.Intn(len(list))]) + }}, SEND: {Name: "send [chat_id|open_id|user_id|email] user [title] text", Help: "消息", Hand: func(m *ice.Message, c *ice.Context, key string, arg ...string) { var form = kit.Dict("content", kit.Dict()) @@ -239,6 +247,9 @@ var Index = &ice.Context{Name: "lark", Help: "机器人", case 1: kit.Value(form, "msg_type", "text") kit.Value(form, "content.text", arg[0]) + if arg[0] == "" { + return + } default: content := []interface{}{} line := []interface{}{} 
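Review bot: In the new `RAND` handler, `rand.Intn(len(list))` panics when `list` is empty, which I would expect whenever the `GROUP` lookup for `m.Option(OPEN_CHAT_ID)` returns no `name` values (unknown chat, missing option, failed API call). Guard it first with `if len(list) == 0 { return }`. The handler also never seeds `math/rand`; on Go versions before 1.20 the sequence therefore repeats after every restart, which is harmless for picking a group member but should not be copied into anything security-relevant.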
@@ -464,23 +475,30 @@ var Index = &ice.Context{Name: "lark", Help: "机器人",
 "/sso": {Name: "/sso", Help: "消息", Hand: func(m *ice.Message, c *ice.Context, key string, arg ...string) {
 if m.Options("code") {
- m.Option("username", m.Cmd(".user", "code", m.Option("code")).Append("open_id"))
- m.Option("sessid", m.Cmdx("aaa.user", "session", "select"))
- m.Cmd("ssh._check", "work", "create", m.Option("username"))
+ m.Richs(APP, nil, "bot", func(key string, value map[string]interface{}) {
+ data := kit.UnMarshal(m.Cmdx(web.SPIDE, LARK, "raw", "/open-apis/authen/v1/access_token",
+ "code", m.Option("code"), "grant_type", "authorization_code",
+ "app_access_token", m.Cmdx(APP, "token", "bot"),
+ ))
- // web.Cookie(m)
- // m.Append("redirect", m.Cmdx("web.spide", "serve", "merge", m.Option("index_path")), "code", "")
+ m.Option(ice.MSG_USERROLE, aaa.ROOT)
+ user := kit.Format(kit.Value(data, "data.open_id"))
+ web.RenderCookie(m, aaa.SessCreate(m, user, aaa.UserRole(m, user)))
+ m.Render("redirect", m.Conf(web.SHARE, "meta.domain"))
+
+ m.Debug("data %v", kit.Format(data))
+ m.Cmd(aaa.USER, mdb.MODIFY, user,
+ aaa.USERNICK, kit.Value(data, "data.name"),
+ )
+ })
 return
 }
- if !m.Options("sessid") || !m.Options("username") {
- m.Append("redirect", m.Cmdx("web.spide", "feishu", "merge", "/connect/qrconnect/page/sso/",
- "redirect_uri", m.Cmdx("web.spide", "serve", "merge", m.Option("index_path")),
- "app_id", m.Conf("app", "bot.id"), "state", "ok"))
- return
- }
- m.Cmd("/render")
- return
+ m.Richs(APP, nil, "bot", func(key string, value map[string]interface{}) {
+ m.Render("redirect", kit.MergeURL2(m.Conf(APP, "meta.lark"), "/open-apis/authen/v1/index"),
+ "app_id", value["id"], "redirect_uri", kit.MergeURL2(m.Conf(web.SHARE, "meta.domain"), "/chat/lark/sso"),
+ )
+ })
 }},
 },
 }
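Review bot: In the `code` branch of `/sso` the result of the token exchange is never checked: `user` is taken from `data.open_id` and passed straight to `aaa.SessCreate` and `web.RenderCookie`, so an exchange that fails or returns no `open_id` still yields a session cookie, for whatever name `kit.Format` makes of the missing value. Stop before creating the session, e.g. `if user == "" { return }` right after `user := ...`, and preferably also check the status the API reports in `data`. `m.Option(ice.MSG_USERROLE, aaa.ROOT)` raises the request to root before that point and is not restored afterwards; it should be scoped to the calls that need it. `m.Debug("data %v", kit.Format(data))` writes the whole exchange response to the log, which presumably includes the user's access token, and the authorization redirect no longer sends a `state` value (the removed code sent a constant one), so the callback cannot be tied to the browser that started the login.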