zdqy_firm_former/src/api/oauth2/oauth2.js

/**
 * OAUTH2 授权
 *   登录，用户授权
 * <pre>
 * 作者:hugh zhuang
 * 邮箱:3378340995@qq.com
 * 日期:2018-10-08-下午3:29:34
 * 版权:广州流辰信息技术有限公司
 * </pre>
 */
import { OAUTH2_URL } from '@/api/baseUrl'
import request from '@/utils/request'
import requestState from '@/constants/state'
import { Message } from 'element-ui'

import qs from 'qs'

var AccessToken = function (data) {
    if (!(this instanceof AccessToken)) {
        return new AccessToken(data)
    }
    this.data = data
}
/**
 * 对返回结果的一层封装，如果遇见IBPS平台返回的错误，将返回一个错误
 * 参见：IBPS返回码说明
 */
var wrapper = function (callback) {
    return function (err, data, res) {
        callback = callback || function () {}
        if (err) {
            err.name = 'IBPSAPI' + err.name
            return callback(err, data, res)
        }
        callback(null, data, res)
    }
}

/*!
 * 检查AccessToken是否有效，检查规则为当前时间和过期时间进行对比
 *
 * Examples:
 * ```
 * token.isValid();
 * ```
 */
AccessToken.prototype.isValid = function () {
    return !!this.data.access_token && (new Date().getTime()) < (this.data.create_at + this.data.expires_in * 1000)
}

/*!
 * 处理token，更新过期时间
 */
var processToken = function (that, callback) {
    var createAt = new Date().getTime()

    return function (err, data, res) {
        if (err) {
            return callback(err, data, res)
        }
        data.create_at = createAt
        // 20231106修改，将licence信息增加到接口返回数据
        if (res.variables && res.variables.licJson) {
            data.licJson = JSON.parse(res.variables.licJson)
        }
        // 存储token
        that.saveToken(data.uid, data, function (err) {
            callback(err, new AccessToken(data))
        })
    }
}

/**
 * 根据clientId和clientSecret创建OAuth接口的构造函数
 * 如需跨进程跨机器进行操作，access token需要进行全局维护
 * 使用token的优先级是：
 *
 * 1. 使用当前缓存的token对象
 * 2. 调用开发传入的获取token的异步方法，获得token之后使用（并缓存它）。

 * Examples:
 * ```
 * import IbpsOAuth from '@/utils/oauth2'
 * var oauthApi = new OAuth('clientId', 'clientSecret');
 * ```
 * @param {String} clientId 在平台上申请得到的clientId(或appid)
 * @param {String} clientSecret 在平台上申请得到的client secret(或app secret)
 * @param {Function} getToken 用于获取token的方法
 * @param {Function} saveToken 用于保存token的方法
 */
var OAuth = function (clientId, clientSecret, getToken, saveToken) {
    this.clientId = clientId
    this.clientSecret = clientSecret
    this.statistic = ''
    this.username = ''
    // token的获取和存储
    this.store = {}
    this.getToken = getToken || function (uid, callback) {
        callback(null, this.store[uid])
    }
    if (!saveToken && process.env.NODE_ENV === 'production') {
        console.warn('Please dont save oauth token into memory under production')
    }
    this.saveToken = saveToken || function (uid, token, callback) {
        this.store[uid] = token
        callback(null)
    }
    this.defaults = {}
}

/*!
 * request的封装
 *
 * @param {String} url 路径
 * @param {Object} opts urllib选项
 * @param {Function} callback 回调函数
 */
OAuth.prototype.request = function (opts, callback) {
    const options = {}
    Object.assign(options, this.defaults)
    if (typeof opts === 'function') {
        callback = opts
        opts = {}
    }
    for (const key in opts) {
        if (key !== 'headers') {
            options[key] = opts[key]
        } else {
            if (opts.headers) {
                options.headers = options.headers || {}
                Object.assign(options.headers, opts.headers)
            }
        }
    }

    request(options).then(response => {
        const { state } = response
        if (state === requestState.UNSUPORT || state === requestState.WARNING) {
            const err = new Error(response.message)
            err.state = state
            err.cause = response.cause
            callback(err)
        } else {
            callback(null, response.data, response)
        }
    }).catch(error => {
        callback(error)
    })
}

/**
 * 获取授权页面的URL地址
 * @param {String} redirect 授权后要跳转的地址
 * @param {String} state 开发者可提供的数据
 * @param {String} scope 作用范围，值为snsapi_userinfo和snsapi_base，前者用于弹出，后者用于跳转
 */
OAuth.prototype.getAuthorizeURL = function (redirect, state, scope) {
    const url = OAUTH2_URL() + ''
    const info = {
        clientId: this.clientId,
        redirect_uri: redirect,
        response_type: 'code',
        scope: scope || 'snsapi_base',
        state: state || ''
    }

    return url + '?' + qs.stringify(info) + '#ibps_redirect'
}

/**
 * 获取授权页面的URL地址
 * @param {String} redirect 授权后要跳转的地址
 * @param {String} state 开发者可提供的数据
 * @param {String} scope 作用范围，值为snsapi_login，前者用于弹出，后者用于跳转
 */
OAuth.prototype.getAuthorizeURLForWebsite = function (redirect, state, scope) {
    const url = OAUTH2_URL() + '/qrconnect'
    const info = {
        clientId: this.clientId,
        redirect_uri: redirect,
        response_type: 'code',
        scope: scope || 'snsapi_login',
        state: state || ''
    }

    return url + '?' + qs.stringify(info) + '#ibps_redirect'
}

/**
 * 根据授权获取到的code，换取access_token和uid
 * 获取uid之后，可以调用`IBPS.API`来获取更多用户信息
 * Examples:
 * ```
 * api.getAccessTokenByCode(code, callback);
 * ```
 * Callback:
 *
 * - `error`, 获取access token出现异常时的异常对象
 * - `result`, 成功时得到的响应结果
 *
 * Result:
 * ```
 * {
 *  data: {
 *    "access_token": "ACCESS_TOKEN",
 *    "refresh_token": "REFRESH_TOKEN",
 *    "uid": "uid",
 *    "expires_in": 7200,
 *    "scope": "SCOPE"
 *  }
 * }
 * ```
 * @param {String} code 授权获取到的code
 * @param {Function} callback 回调函数
 */
OAuth.prototype.getAccessTokenByCode = function (code, callback) {
    // 存储用户名，用于刷新token传参
    localStorage.setItem('username', this.username)
    const args = {
        url: OAUTH2_URL() + '/authentication/apply',
        data: {
            client_id: this.clientId,
            client_secret: this.clientSecret,
            authorize_code: code,
            username: this.username,
            grant_type: 'authorization_code'
        },
        method: 'post'
    }
    this.request(args, wrapper(processToken(this, callback)))
}
/**
 * 密码授权模式
 * 根据用户名和密码，换取access token和uid
 * 获取uid之后，可以调用`IBPS.API`来获取更多用户信息
 * Examples:
 * ```
 * api.getAccessTokenByPassword(code, callback);
 * ```
 * Callback:
 *
 * - `error`, 获取access token出现异常时的异常对象
 * - `result`, 成功时得到的响应结果
 *
 * Result:
 * ```
 * {
 *  data: {
 *    "access_token": "ACCESS_TOKEN",
 *    "refresh_token": "REFRESH_TOKEN",
 *    "uid": "uid",
 *    "expires_in": 7200,
 *    "scope": "SCOPE"
 *  }
 * }
 * ```
 * ```
 * @param {String} username  用户名
 * @param {String} password  密码
 * @param {Function} callback 回调函数
 */
OAuth.prototype.getAccessTokenByPassword = function ({ username, password }, callback) {
    const args = {
        url: OAUTH2_URL() + '/authentication/apply',
        data: {
            client_id: this.clientId,
            client_secret: this.clientSecret,
            username: username,
            password: password,
            grant_type: 'password_credentials'
        },
        method: 'post'
    }
    this.request(args, wrapper(processToken(this, callback)))
}

/**
 * 根据refresh token，刷新access token，调用getAccessTokenByCode后才有效
 * Examples:
 * ```
 * api.refreshAccessToken(refreshToken, callback);
 * ```
 * Callback:
 *
 * - `err`, 刷新access token出现异常时的异常对象
 * - `result`, 成功时得到的响应结果
 *
 * Result:
 * ```
 * {
 *  data: {
 *    "access_token": "ACCESS_TOKEN",
 *    "expires_in": 7200,
 *    "refresh_token": "REFRESH_TOKEN",
 *    "uid": "uid",
 *    "remind_in": 7
 *  }
 * }
 * ```
 * @param {String} refreshToken 刷新tonken
 * @param {Function} callback 回调函数
 */
OAuth.prototype.refreshAccessToken = function (refreshToken, callback) {
    const username = localStorage.getItem('username')
    const args = {
        url: OAUTH2_URL() + '/authentication/apply',
        data: {
            client_id: this.clientId,
            client_secret: this.clientSecret,
            grant_type: 'refresh_token',
            username,
            refresh_token: refreshToken
        },
        method: 'post'

    }
    this.request(args, wrapper(processToken(this, callback)))
}
/**
 * 获取用户信息 【私有方法】
 * @param {*} options
 * @param {*} accessToken
 * @param {*} callback
 */
OAuth.prototype._getUser = function (options, accessToken, callback) {
    const args = {
        url: OAUTH2_URL() + '/user/context',
        data: {
            access_token: accessToken,
            uid: options.uid,
            lang: options.lang || 'zh_CN'
        }
    }
    this.request(args, wrapper(callback))
}

/**
 * 根据uid，获取用户信息。
 * 当access token无效时，自动通过refresh token获取新的access token。然后再获取用户信息
 * Examples:
 * ```
 * api.getUser(uid, callback);
 * api.getUser(options, callback);
 * ```
 *
 * Options:
 * ```
 * // 或
 * {
 *  "uid": "the user Id", // 必须
 *  "lang": "the lang code" // zh_CN 简体，zh_TW 繁体，en 英语
 * }
 * ```
 * Callback:
 *
 * - `err`, 获取用户信息出现异常时的异常对象
 * - `result`, 成功时得到的响应结果
 *
 * Result:
 * ```
 * {
 *  "uid": "uid",
 *  "nickname": "NICKNAME",
 *  "sex": "1",
 *  "province": "PROVINCE"
 *  "city": "CITY",
 *  "country": "COUNTRY",
 *  "headimgurl": "http://xxxxx.cn/mmopen/g3MonUZtNHkdmzicIlibx6iaFqAc56vxLSUfpb6n5WKSYVY0ChQKkiaJSgQ1dZuTOgvLLrhJbERQQ4eMsv84eavHiaiceqxibJxCfHe/46",
 *  "privilege": [
 *    "PRIVILEGE1"
 *    "PRIVILEGE2"
 *  ]
 * }
 * ```
 * @param {Object|String} options 传入uid或者参见Options
 * @param {Function} callback 回调函数
 */
OAuth.prototype.getUser = function (options, callback) {
    if (typeof options !== 'object') {
        options = {
            uid: options
        }
    }
    const that = this
    this.getToken(options.uid, function (err, data) {
        if (err) {
            return callback(err)
        }
        // 没有token数据
        if (!data) {
            const message = 'No token for ' + options.uid + ', please authorize first.'
            Message({
                message: `${message}`,
                type: 'error',
                showClose: true,
                dangerouslyUseHTMLString: true,
                duration: 5 * 1000
            })
            const error = new Error(message)
            err.state = 'NoOAuthTokenError'
            return callback(error)
        }
        const token = new AccessToken(data)
        if (token.isValid()) {
            that._getUser(options, token.data.access_token, callback)
        } else {
            that.refreshAccessToken(token.data.refresh_token, function (err, token) {
                if (err) {
                    return callback(err)
                }
                that._getUser(options, token.data.access_token, callback)
            })
        }
    })
}

/**
 * 检验授权凭证（access_token）是否有效。
 * Examples:
 * ```
 * api.verifyToken(uid, accessToken, callback);
 * ```
 * @param {String} uid 传入uid
 * @param {String} accessToken 待校验的access token
 * @param {Function} callback 回调函数
 */
OAuth.prototype.verifyToken = function (uid, accessToken, callback) {
    const args = {
        url: OAUTH2_URL() + '/authentication/verify',
        params: {
            access_token: accessToken,
            uid: uid
        },
        method: 'post'
    }
    this.request(args, wrapper(callback))
}

/**
 * 用户名、密码方式登录。
 * Examples:
 * ```
 * api.userLogin(data, callback);
 * ```
 * @param {Objcct} data
 *     username : 用户名
 *     password : 密码
 * @param {Function} callback 回调函数
 */
OAuth.prototype.userLogin = function (data, callback) {
    const args = {
        url: OAUTH2_URL() + '/user/login/apply',
        data: data,
        method: 'post'
    }
    this.request(args, wrapper(callback))
}

/**
 *
 *申请授权
 * Examples:
 * ```
 * api.authorize(login, callback);
 * ```
 * @param {Objcct} options
 * @param {Function} callback 回调函数
 */
OAuth.prototype.authorize = function (data, callback) {
    const url = OAUTH2_URL() + '/authorize/apply'
    if (typeof data !== 'object') {
        data = {
            login_state: data
        }
    }
    data.client_id = this.clientId

    const args = {
        url,
        data: data,
        method: 'post'
    }
    this.request(args, wrapper(callback))
}

/**
 * 根据code，获取用户信息。
 * Examples:
 * ```
 * api.getUserByCode(code, callback);
 * ```
 * Callback:
 *
 * - `err`, 获取用户信息出现异常时的异常对象
 * - `result`, 成功时得到的响应结果
 *
 * Result:
 * ```
 * {
 *  "uid": "uid",
 *  "nickname": "NICKNAME",
 *  "sex": "1",
 *  "province": "PROVINCE"
 *  "city": "CITY",
 *  "country": "COUNTRY",
 *  "headimgurl": "http://wx.qlogo.cn/mmopen/g3MonUZtNHkdmzicIlibx6iaFqAc56vxLSUfpb6n5WKSYVY0ChQKkiaJSgQ1dZuTOgvLLrhJbERQQ4eMsv84eavHiaiceqxibJxCfHe/46",
 *  "privilege": [
 *    "PRIVILEGE1"
 *    "PRIVILEGE2"
 *  ]
 * }
 * ```
 * @param {Object|String} options 授权获取到的code
 * @param {Function} callback 回调函数
 */
OAuth.prototype.getUserByCode = function (options, callback) {
    const that = this

    let lang
    let code
    if (typeof options === 'string') {
        code = options
    } else {
        lang = options.lang
        code = options.code
    }

    this.getAccessTokenByCode(code, function (err, result) {
        if (err) {
            return callback(err)
        }
        const uid = result.data.uid
        that.getUser({ uid: uid, lang: lang }, callback)
    })
}

/**
 * 通过登录获取access_token
 * @param {*} options
 * @param {*} callback
 */
OAuth.prototype.getLoginCode = function (options, callback) {
    this.username = options.username
    const that = this
    /**
     * 用户登录
     */
    this.userLogin(options, function (err, data, res) {
        if (err) {
            return callback(err)
        }
        that.statistic = res.variables.statistic // 判斷是否有统计权限
        // 没有token数据
        if (!data) {
            const message = '没有传回用户信息'
            Message({
                message: `${message}`,
                type: 'error',
                showClose: true,
                dangerouslyUseHTMLString: true,
                duration: 5 * 1000
            })
            const error = new Error(message)
            err.state = 'NoOAuthTokenError'
            return callback(error)
        }

        that.authorize(data, function (err1, data1) {
            if (err1) {
                return callback(err1)
            }
            that.getAccessTokenByCode(data1, callback)
        })
    })
}

export default OAuth