diff --git a/resetpwd/utils.py b/resetpwd/utils.py
index 40e79c1..398fb5d 100644
--- a/resetpwd/utils.py
+++ b/resetpwd/utils.py
@@ -24,7 +24,15 @@ else:
logger = logging.getLogger('django')
-def code_2_user_info(ops, request, msg_template, home_url, code):
+def code_2_user_info(ops, home_url, code):
+ """
+ 临时授权码换取userinfo
+ """
+ _, s, e = ops.get_user_detail(code=code, home_url=home_url)
+ return _, s, e
+
+
+def code_2_user_info_with_oauth2(ops, request, msg_template, home_url, code):
"""
临时授权码换取userinfo
"""
@@ -32,7 +40,7 @@ def code_2_user_info(ops, request, msg_template, home_url, code):
# 判断 user_id 在本企业钉钉/微信中是否存在
if not _status:
context = {
- 'msg': '获取钉钉userid失败,错误信息:{}'.format(user_id),
+ 'msg': '获取userid失败,错误信息:{}'.format(user_id),
'button_click': "window.location.href='%s'" % home_url,
'button_display': "返回主页"
}
@@ -40,7 +48,7 @@ def code_2_user_info(ops, request, msg_template, home_url, code):
detail_status, user_info = ops.get_user_detail_by_user_id(user_id)
if not detail_status:
context = {
- 'msg': '获取钉钉用户信息失败,错误信息:{}'.format(user_info),
+ 'msg': '获取用户信息失败,错误信息:{}'.format(user_info),
'button_click': "window.location.href='%s'" % home_url,
'button_display': "返回主页"
}
diff --git a/resetpwd/views.py b/resetpwd/views.py
index 603e443..50be3fc 100644
--- a/resetpwd/views.py
+++ b/resetpwd/views.py
@@ -117,7 +117,7 @@ def index(request):
def callback_check(request):
"""
- 钉钉扫码回调数据之后,将用户账号在AD中进行验证,如果通过,则返回钉钉中取出用户的union_id
+ 扫码回调数据之后,将用户账号在AD中进行验证,如果通过,则返回钉钉中取出用户的union_id
:param request:
:return:
"""
@@ -133,18 +133,20 @@ def callback_check(request):
'button_display': "返回主页"
}
return render(request, msg_template, context)
+
+ print('code ----- ', code)
try:
- _status, user_id, user_info = code_2_user_info(_ops, request, msg_template, home_url, code)
- print(user_info)
+ _status, user_id, user_info = code_2_user_info(_ops, home_url, code)
if not _status:
return render(request, msg_template, user_id)
# 账号是否是激活的
if get_user_is_active(user_info):
return crypto_user_id_2_cookie(user_id)
+
# 否则账号不存在或未激活
else:
context = {
- 'msg': '当前扫码的用户在钉钉中未激活或可能己离职,用户信息如下:%s' % user_info,
+ 'msg': '当前扫码的用户未激活或可能己离职,用户信息如下:%s' % user_info,
'button_click': "window.location.href='%s'" % home_url,
'button_display': "返回主页"
}
diff --git a/static/js/wwLogin-1.2.7.js b/static/js/wwLogin-1.2.7.js
new file mode 100644
index 0000000..908ab96
--- /dev/null
+++ b/static/js/wwLogin-1.2.7.js
@@ -0,0 +1 @@
+!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self).WwLogin=t()}(this,(function(){"use strict";var e=["work.weixin.qq.com","tencent.com"],t={sso:"/wwopen/sso/qrConnect",tww:"/login/wwLogin/sso/qrConnect",native:"/native/sso/qrConnect",twxg:"/login/wwLogin/sso/qrConnect"},n="1.2.7";return function(){function o(e){this.options=e,this.options=e,this.createFrame()}return o.prototype.destroyed=function(){console.log("WwLogin had destroyed."),window.removeEventListener("message",this.onPostMessage)},o.prototype.getUrl=function(e){var o=[];Object.keys(e).forEach((function(t){var n=e[t];[void 0,null].indexOf(n)>-1||-1!==["string","number","boolean"].indexOf(typeof n)&&"id"!==t&&o.push("".concat(t,"=").concat(n))})),o.push("version=".concat(n)),o.push("login_type=jssdk");var s=t[e.business_type||"sso"];if(!s)throw new Error("Argument business_type not match. Current version is ".concat(n,"."));var i="https://open.work.weixin.qq.com";return/tencent\.com$/.test(window.location.host)&&(i="https://open.wecom.tencent.com"),"".concat(i).concat(s,"?").concat(o.join("&"))},o.prototype.createFrame=function(){var e=this;if(this.options.is_mobile)window.location.href=this.getUrl(this.options);else{this.frame=document.createElement("iframe");var t=document.getElementById(this.options.id);this.frame.src=this.getUrl(this.options),this.frame.frameBorder="0",this.frame.allowTransparency="true",this.frame.scrolling="no",this.frame.width="300px",this.frame.height="400px",t.innerHTML="",t.appendChild(this.frame),this.frame.onload=function(){e.frame.contentWindow.postMessage&&window.addEventListener&&(window.addEventListener("message",e.onPostMessage),e.frame.contentWindow.postMessage("ask_usePostMessage","*"))}}},o.prototype.onPostMessage=function(t){if(e.filter((function(e){return new RegExp("".concat(e,"$")).test(t.origin)})).length){var n=t.data;n&&"string"==typeof n&&/^http/.test(n)&&(window.location.href=n)}},o}()}));
diff --git a/templates/we_index.v1.html b/templates/we_index.v1.html
index 196ba62..1ec7293 100644
--- a/templates/we_index.v1.html
+++ b/templates/we_index.v1.html
@@ -8,7 +8,7 @@
-
+
@@ -25,7 +25,8 @@
let app_id = "{{ app_id }}";
let agent_id = "{{ agent_id }}"
let redirect_url = encodeURIComponent(home_url + '/callbackCheck');
- window.WwLogin({
+
+ var wwLogin = new WwLogin({
id: "we_code",
appid: app_id,
agentid: agent_id,
diff --git a/utils/dingding_ops.py b/utils/dingding_ops.py
index 06373da..b5a3415 100644
--- a/utils/dingding_ops.py
+++ b/utils/dingding_ops.py
@@ -84,3 +84,25 @@ class DingDingOps(AppKeyClient):
except (KeyError, IndexError) as k_error:
return False, 'get_user_detail_by_user_id: %s' % str(k_error)
+ def get_user_detail(self, code, home_url):
+ """
+ 临时授权码换取userinfo
+ """
+ _status, user_id = self.get_user_id_by_code(code)
+ # 判断 user_id 在本企业钉钉/微信中是否存在
+ if not _status:
+ context = {
+ 'msg': '获取userid失败,错误信息:{}'.format(user_id),
+ 'button_click': "window.location.href='%s'" % home_url,
+ 'button_display': "返回主页"
+ }
+ return False, context, user_id
+ detail_status, user_info = self.get_user_detail_by_user_id(user_id)
+ if not detail_status:
+ context = {
+ 'msg': '获取用户信息失败,错误信息:{}'.format(user_info),
+ 'button_click': "window.location.href='%s'" % home_url,
+ 'button_display': "返回主页"
+ }
+ return False, context, user_info
+ return True, user_id, user_info
diff --git a/utils/format_username.py b/utils/format_username.py
index b76631e..7d68051 100644
--- a/utils/format_username.py
+++ b/utils/format_username.py
@@ -15,7 +15,11 @@ def format2username(account):
:param account 用户账号可以是邮箱、DOMAIN\\username、username格式。
:return: username
"""
- if account:
+
+ if account is None:
+ return False, NameError(
+ "传入的用户账号为空!".format(account))
+ try:
mail_compile = re.compile(r'(.*)@(.*)')
domain_compile = re.compile(r'(.*)\\(.*)')
@@ -25,8 +29,8 @@ def format2username(account):
return True, re.fullmatch(domain_compile, account).group(2)
else:
return True, account.lower()
- else:
- return False, NameError("{}格式化失败,注意:account用户账号是邮箱或DOMAIN\\username或username格式!".format(account))
+ except Exception as e:
+ return False, NameError("格式化失败,注意:account用户账号是邮箱或DOMAIN\\username或username格式,错误信息[{}]".format(account, e))
def get_user_is_active(user_info):
diff --git a/utils/wework_ops.py b/utils/wework_ops.py
index 047c93e..73b0658 100644
--- a/utils/wework_ops.py
+++ b/utils/wework_ops.py
@@ -20,6 +20,10 @@ else:
from conf.local_settings import *
CORP_API_TYPE = {
+ 'GET_USER_TICKET_OAUTH2': ['/cgi-bin/auth/getuserinfo?access_token=ACCESS_TOKEN', 'GET'],
+ 'GET_USER_INFO_OAUTH2': ['/cgi-bin/auth/getuserdetail?access_token=ACCESS_TOKEN', 'POST'],
+
+
'GET_ACCESS_TOKEN': ['/cgi-bin/gettoken', 'GET'],
'USER_CREATE': ['/cgi-bin/user/create?access_token=ACCESS_TOKEN', 'POST'],
'USER_GET': ['/cgi-bin/user/get?access_token=ACCESS_TOKEN', 'GET'],
@@ -139,6 +143,66 @@ class WeWorkOps(AbstractApi):
except Exception as e:
return False, "get_user_detail_by_user_id: {}".format(e)
+ def get_user_ticket_by_code_with_oauth2(self, code):
+ try:
+ return True, self.http_call(
+ CORP_API_TYPE['GET_USER_TICKET_OAUTH2'],
+ {
+ 'code': code,
+ })
+ except ApiException as e:
+ return False, "get_user_ticket_by_code_with_oauth2: {}-{}".format(e.errCode, e.errMsg)
+ except Exception as e:
+ return False, "get_user_ticket_by_code_with_oauth2: {}".format(e)
+
+ def get_user_info_by_ticket_with_oauth2(self, user_ticket):
+ try:
+ return True, self.http_call(
+ CORP_API_TYPE['GET_USER_TICKET_OAUTH2'],
+ {
+ 'user_ticket': user_ticket
+ })
+ except ApiException as e:
+ return False, "get_user_info_by_ticket_with_oauth2: {}-{}".format(e.errCode, e.errMsg)
+ except Exception as e:
+ return False, "get_user_info_by_ticket_with_oauth2: {}".format(e)
+
+ def get_user_detail(self, code, home_url):
+ """
+ 临时授权码换取userinfo
+ """
+ _status, ticket_data = self.get_user_ticket_by_code_with_oauth2(code)
+ print('ticket_data ----------- ', ticket_data)
+ # 判断 user_ticket 是否存在
+ if not _status:
+ context = {
+ 'msg': '获取userid失败,错误信息:{}'.format(ticket_data),
+ 'button_click': "window.location.href='%s'" % home_url,
+ 'button_display': "返回主页"
+ }
+ return False, context, ticket_data
+
+ user_id = ticket_data.get('userid')
+ if ticket_data.get('user_ticket') is None:
+ context = {
+ 'msg': '获取用户Ticket失败,当前扫码用户[{}]可能未加入企业!'.format(user_id),
+ 'button_click': "window.location.href='%s'" % home_url,
+ 'button_display': "返回主页"
+ }
+ return False, context, user_id
+
+ # 通过user_ticket获取企业微信用户详情信息
+ detail_status, user_info = self.get_user_info_by_ticket_with_oauth2(ticket_data.get('user_ticket'))
+ print(user_info)
+ if not detail_status:
+ context = {
+ 'msg': '获取用户信息失败,错误信息:{}'.format(user_id),
+ 'button_click': "window.location.href='%s'" % home_url,
+ 'button_display': "返回主页"
+ }
+ return False, context
+ return True, user_id, user_info
+
if __name__ == '__main__':
wx = WeWorkOps()