Exemple #1
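// QueryResByResName passes the request's res_name parameter to
// GetResByResName and writes the result to the response under the
// "resource" key.
//
// A request that carries no res_name is answered with 400 Bad Request.
// Indexing the parameter slice unconditionally would panic the handler on
// such a request.
func (resource *Resource) QueryResByResName(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	queryUrl := common.GetUrlParam(r)
	names := queryUrl["res_name"]
	if len(names) == 0 {
		http.Error(w, "missing required parameter: res_name", http.StatusBadRequest)
		return
	}
	common.Write(w, map[string]interface{}{"resource": GetResByResName(names[0])})
}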
Exemple #2
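// checkAuthorize checks every entry of the request's comma-separated scope
// parameter against IsPersonConfered for the requesting client and user.
//
// It returns true when no entry is reported as unconfirmed. Otherwise it
// renders the authorization page (oauth.html), listing the unconfirmed
// resources in "sliceRes" and the already confirmed ones, comma-joined, in
// "strRes", and returns false.
//
// If acname is empty the account name is taken from GetCookieName(r).
// A request without scope or client_id is answered with 400 Bad Request and
// false is returned; the original code panicked on such a request.
//
// NOTE(review): scope entries for which GetResId returns a non-positive id are
// skipped, so a request made up only of such entries returns true. Confirm
// that unknown scopes are rejected elsewhere.
func checkAuthorize(oauth *OAuth, w http.ResponseWriter, r *http.Request, acname string) bool {
	queryForm := common.GetUrlParam(r)

	// first returns the first value of a parameter, or "" when it is absent,
	// so that a missing optional parameter cannot panic the handler.
	first := func(key string) string {
		if vals := queryForm[key]; len(vals) > 0 {
			return vals[0]
		}
		return ""
	}

	// scope and client_id drive the authorization decision itself, so the
	// request is refused outright when either is missing.
	for _, key := range []string{"scope", "client_id"} {
		if len(queryForm[key]) == 0 {
			http.Error(w, "missing required parameter: "+key, http.StatusBadRequest)
			return false
		}
	}

	clientId := first("client_id")
	if acname == "" {
		acname = GetCookieName(r)
	}
	openId := GetOpenIdByacName(acname, clientId)

	sliceRes := []Res{}
	var confirmed []string
	for _, scope := range strings.Split(first("scope"), ",") {
		resId := GetResId(scope)
		if resId <= 0 {
			continue
		}
		if IsPersonConfered(clientId, openId, resId) {
			confirmed = append(confirmed, scope)
			continue
		}
		sliceRes = append(sliceRes, Res{Resname: scope, Rescname: GetResCname(scope)})
	}

	if len(sliceRes) == 0 {
		return true
	}

	// NOTE(review): the request values are concatenated into the URI without
	// URL-escaping, so a redirect_uri or state containing '&', '#' or '='
	// changes the structure of the resulting query string. Each value should
	// go through url.QueryEscape; that needs net/url in the file's imports.
	requestURI := "/oauth2/authorize?response_type=" + first("response_type") +
		"&client_id=" + clientId +
		"&redirect_uri=" + first("redirect_uri") +
		"&state=" + first("state")
	common.ForwardPage(w, "./static/public/oauth2/oauth.html", map[string]interface{}{
		"RequestURI": requestURI,
		"sliceRes":   sliceRes,
		"strRes":     strings.Join(confirmed, ","),
	})
	return false
}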
Exemple #3
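// QueryPersonResList passes the request's open_id parameter to
// GetPersonResList and writes the result to the response under the
// "personRes" key.
//
// A request without open_id is answered with 400 Bad Request instead of
// panicking on the empty parameter slice.
//
// NOTE(review): no caller authentication or ownership check is visible in
// this handler, and the open_id comes straight from the request. Confirm that
// the route is protected elsewhere, since the response is a user's resource
// permission list.
func (oauth *OAuth) QueryPersonResList(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	queryUrl := common.GetUrlParam(r)
	ids := queryUrl["open_id"]
	if len(ids) == 0 {
		http.Error(w, "missing required parameter: open_id", http.StatusBadRequest)
		return
	}
	common.Write(w, map[string]interface{}{"personRes": GetPersonResList(ids[0])})
}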
Exemple #4
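// ModifyResourceStatus parses the status and res_id request parameters as
// integers, passes them to UpdateResStatus and writes the outcome to the
// response under the "result" key.
//
// A missing or non-numeric parameter is answered with 400 Bad Request. The
// original code only printed the parse error and went on to call
// UpdateResStatus with the zero value, so a malformed request could change
// the status of an unintended record.
//
// NOTE(review): no authorization check is visible in this state-changing
// handler. Confirm that it is enforced by the router or middleware.
func (resource *Resource) ModifyResourceStatus(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	queryUrl := common.GetUrlParam(r)
	for _, key := range []string{"status", "res_id"} {
		if len(queryUrl[key]) == 0 {
			http.Error(w, "missing required parameter: "+key, http.StatusBadRequest)
			return
		}
	}

	status, err := strconv.Atoi(queryUrl["status"][0])
	if err != nil {
		fmt.Println("status convert int failure")
		http.Error(w, "status must be an integer", http.StatusBadRequest)
		return
	}
	resId, err := strconv.Atoi(queryUrl["res_id"][0])
	if err != nil {
		fmt.Println("res_id convert int failure")
		http.Error(w, "res_id must be an integer", http.StatusBadRequest)
		return
	}

	common.Write(w, map[string]interface{}{"result": UpdateResStatus(status, resId)})
}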
Exemple #5
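// CheckPrivilige validates an access token and reports the scope stored with
// it. The response is written as JSON through osin.OutputJSON: "code" is 0
// and "data" holds the stored scope when every check passes, otherwise "code"
// is 1.
//
// The checks, in order:
//   - client_id and token must be present in the request;
//   - the token must load from the server's storage;
//   - the token must be less than 3600 seconds old;
//   - client_id must equal the id of the client stored with the token;
//   - if a non-empty open_id is supplied, it must equal
//     GetOpenId(<stored Ac_id>, client_id).
//
// Missing parameters and unexpected UserData shapes fail the check. The
// original code panicked on a missing parameter and on an unchecked type
// assertion.
//
// NOTE(review): the lifetime is a fixed 3600 seconds from CreatedAt. Confirm
// that this matches the lifetime the server issues tokens with.
// NOTE(review): the error code "invalid_grant test" looks like leftover debug
// text. It is kept unchanged because clients may match on it.
func (oauth *OAuth) CheckPrivilige(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	resp := oauth.Server.NewResponse()
	queryUrl := common.GetUrlParam(r)

	// first returns the first value of a parameter, or "" when it is absent.
	first := func(key string) string {
		if vals := queryUrl[key]; len(vals) > 0 {
			return vals[0]
		}
		return ""
	}
	clientId := first("client_id")
	token := first("token")
	openId := first("open_id")

	// Fail closed before touching storage when a mandatory value is missing.
	if clientId == "" || token == "" {
		resp.Output["code"] = 1
		osin.OutputJSON(resp, w, r)
		return
	}

	storage, err := oauth.Server.Storage.LoadAccess(token)

	granted := false
	switch {
	case err != nil:
		fmt.Println("get token storage failure")
	case storage.CreatedAt.Add(time.Duration(3600) * time.Second).Before(oauth.Server.Now()):
		resp.SetError("invalid_grant test", "")
	case clientId != storage.Client.GetId():
		// The token was issued to a different client.
	default:
		granted = true
		if openId != "" {
			// Comma-ok assertions: a token stored with a different UserData
			// shape is rejected rather than panicking the handler.
			userData, okData := storage.UserData.(map[string]interface{})
			acId, okId := userData["Ac_id"].(float64)
			if !okData || !okId || openId != GetOpenId(int(acId), clientId) {
				granted = false
			}
		}
	}

	if granted {
		resp.Output["code"] = 0
		resp.Output["data"] = storage.Scope
	} else {
		resp.Output["code"] = 1
	}
	osin.OutputJSON(resp, w, r)
}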
Exemple #6
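// AddResource builds a Resource from the request parameters app_id, res_name,
// res_cname, res_type, res_target, res_desc and status, passes it to
// InsertResource and writes the outcome to the response under the "result"
// key.
//
// All seven parameters must be present, and res_type and status must be
// integers; otherwise the request is answered with 400 Bad Request and
// nothing is inserted. The original code panicked on a missing parameter and,
// after a failed integer conversion, inserted the record with the zero value.
//
// NOTE(review): no authorization check is visible in this state-changing
// handler. Confirm that it is enforced by the router or middleware.
func (resource *Resource) AddResource(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	queryUrl := common.GetUrlParam(r)
	required := []string{"app_id", "res_name", "res_cname", "res_type", "res_target", "res_desc", "status"}
	for _, key := range required {
		if len(queryUrl[key]) == 0 {
			http.Error(w, "missing required parameter: "+key, http.StatusBadRequest)
			return
		}
	}

	resType, err := strconv.Atoi(queryUrl["res_type"][0])
	if err != nil {
		fmt.Println("resType convert int failure")
		http.Error(w, "res_type must be an integer", http.StatusBadRequest)
		return
	}
	status, err := strconv.Atoi(queryUrl["status"][0])
	if err != nil {
		fmt.Println("status convert int failure")
		http.Error(w, "status must be an integer", http.StatusBadRequest)
		return
	}

	var res Resource
	res.App_id = queryUrl["app_id"][0]
	res.Res_name = queryUrl["res_name"][0]
	res.Res_cname = queryUrl["res_cname"][0]
	res.Res_type = resType
	res.Res_target = queryUrl["res_target"][0]
	res.Res_desc = queryUrl["res_desc"][0]
	res.Status = status

	common.Write(w, map[string]interface{}{"result": InsertResource(res)})
}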