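// QueryResByResName looks up a resource record by the res_name request
// parameter and writes it back under the "resource" key.
//
// A request without res_name is answered with 400 Bad Request; indexing the
// empty parameter slice would otherwise panic inside the handler.
//
// NOTE(review): no caller authentication or authorization is visible in this
// handler; confirm it is enforced by the router or by middleware.
func (resource *Resource) QueryResByResName(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	queryUrl := common.GetUrlParam(r)
	names := queryUrl["res_name"]
	if len(names) == 0 {
		http.Error(w, "missing parameter: res_name", http.StatusBadRequest)
		return
	}

	ret := make(map[string]interface{})
	ret["resource"] = GetResByResName(names[0])
	common.Write(w, ret)
}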
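// checkAuthorize reports whether every known resource named in the scope
// parameter has already been granted by the user to the requesting client.
//
// It returns true when nothing is left to approve. It returns false after it
// has written a response itself: either the consent page listing the
// resources still to be approved, or 400 Bad Request when scope or client_id
// is missing (indexing the empty slice would otherwise panic). The caller is
// presumably expected to stop on false; confirm against the call site.
//
// acname is the account name; when empty it is taken from the request cookie.
// The oauth parameter is not used in this function.
//
// NOTE(review): scope entries for which GetResId returns a value <= 0 are
// skipped silently, so a request naming only unknown scopes returns true.
// Confirm that the caller rejects or drops unknown scopes afterwards.
func checkAuthorize(oauth *OAuth, w http.ResponseWriter, r *http.Request, acname string) bool {
	queryForm := common.GetUrlParam(r)

	// first returns the first value of a parameter, or "" when it is absent.
	first := func(key string) string {
		if vals := queryForm[key]; len(vals) > 0 {
			return vals[0]
		}
		return ""
	}

	if len(queryForm["scope"]) == 0 || len(queryForm["client_id"]) == 0 {
		http.Error(w, "missing parameter: scope and client_id are required", http.StatusBadRequest)
		return false
	}
	arrScope := strings.Split(queryForm["scope"][0], ",")
	clientId := queryForm["client_id"][0]

	if acname == "" {
		acname = GetCookieName(r)
	}
	openId := GetOpenIdByacName(acname, clientId)

	sliceRes := []Res{}  // resources that still need the user's consent
	var granted []string // scope names the user has already granted
	for _, scope := range arrScope {
		resId := GetResId(scope)
		if resId <= 0 {
			continue
		}
		if IsPersonConfered(clientId, openId, resId) {
			granted = append(granted, scope)
			continue
		}
		sliceRes = append(sliceRes, Res{Resname: scope, Rescname: GetResCname(scope)})
	}

	if len(sliceRes) == 0 {
		return true
	}

	// NOTE(review): the values below come from the request and are joined
	// into a query string without URL-encoding, so a value containing '&' or
	// '#' changes the parameters of the resulting URI. Whether GetUrlParam
	// returns decoded values is not visible here; if it does, each value
	// should be query-escaped (net/url) before it is concatenated. The
	// redirect_uri should also be validated against the client's registered
	// URI before it is used; that check is not visible in this function.
	requestURI := "/oauth2/authorize?response_type=" + first("response_type") +
		"&client_id=" + clientId +
		"&redirect_uri=" + first("redirect_uri") +
		"&state=" + first("state")

	common.ForwardPage(w, "./static/public/oauth2/oauth.html", map[string]interface{}{
		"RequestURI": requestURI,
		"sliceRes":   sliceRes,
		"strRes":     strings.Join(granted, ","),
	})
	return false
}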
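// QueryPersonResList returns the resource permission list of the user
// identified by the open_id request parameter, under the "personRes" key.
//
// A request without open_id is answered with 400 Bad Request; indexing the
// empty parameter slice would otherwise panic inside the handler.
//
// NOTE(review): the lookup is keyed only on a caller-supplied open_id and no
// authentication or ownership check is visible here. Unless access is
// restricted elsewhere, one user's permission list is readable by anyone who
// holds that identifier; confirm the route is protected.
func (oauth *OAuth) QueryPersonResList(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	queryUrl := common.GetUrlParam(r)
	ids := queryUrl["open_id"]
	if len(ids) == 0 {
		http.Error(w, "missing parameter: open_id", http.StatusBadRequest)
		return
	}

	ret := make(map[string]interface{})
	ret["personRes"] = GetPersonResList(ids[0])
	common.Write(w, ret)
}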
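// ModifyResourceStatus updates the status of the resource identified by the
// res_id request parameter and writes the outcome under the "result" key.
//
// Both status and res_id must be present and must parse as integers;
// otherwise the request is answered with 400 Bad Request and nothing is
// updated. Previously a parse failure was only printed and the update then
// ran with the zero value, i.e. UpdateResStatus(0, 0) on malformed input.
//
// NOTE(review): this is a state-changing operation and no authentication,
// authorization or HTTP-method restriction is visible in this handler;
// confirm these are enforced by the router or by middleware.
func (resource *Resource) ModifyResourceStatus(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	queryUrl := common.GetUrlParam(r)
	rawStatus, rawResId := queryUrl["status"], queryUrl["res_id"]
	if len(rawStatus) == 0 || len(rawResId) == 0 {
		http.Error(w, "missing parameter: status and res_id are required", http.StatusBadRequest)
		return
	}

	status, err := strconv.Atoi(rawStatus[0])
	if err != nil {
		fmt.Println("status convert int failure")
		http.Error(w, "invalid parameter: status", http.StatusBadRequest)
		return
	}
	resId, err := strconv.Atoi(rawResId[0])
	if err != nil {
		fmt.Println("res_id convert int failure")
		http.Error(w, "invalid parameter: res_id", http.StatusBadRequest)
		return
	}

	ret := make(map[string]interface{})
	ret["result"] = UpdateResStatus(status, resId)
	common.Write(w, ret)
}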
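// CheckPrivilige validates an access token on behalf of a client and reports
// the scope attached to it.
//
// Request parameters: client_id and token are required; open_id is optional.
// The check passes only when the token loads from storage, was created less
// than 3600 seconds ago, belongs to client_id and, when open_id is given,
// maps to the same open id as the account stored with the token. On success
// the JSON output carries code 0 and the token's scope in "data"; on any
// failure it carries code 1.
//
// Missing parameters and unexpected shapes of the stored user data are
// treated as a failed check. Previously they caused an index-out-of-range or
// type-assertion panic inside the handler.
//
// NOTE(review): the token is read from the request parameters; if it travels
// in the URL query string it can end up in access logs and Referer headers.
// Consider accepting it in the Authorization header or a POST body instead.
func (oauth *OAuth) CheckPrivilige(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	resp := oauth.Server.NewResponse()
	queryUrl := common.GetUrlParam(r)

	// first returns the first value of a parameter, or "" when it is absent.
	first := func(key string) string {
		if vals := queryUrl[key]; len(vals) > 0 {
			return vals[0]
		}
		return ""
	}
	clientId := first("client_id")
	token := first("token")
	openId := first("open_id")

	flag := false
	var scope interface{}
	if clientId != "" && token != "" {
		storage, err := oauth.Server.Storage.LoadAccess(token)
		switch {
		case err != nil || storage == nil:
			fmt.Println("get token storage failure")
		case storage.CreatedAt.Add(time.Duration(3600) * time.Second).Before(oauth.Server.Now()):
			// NOTE(review): the lifetime is hard-coded to one hour here
			// rather than taken from the stored token; confirm it matches
			// the lifetime the server issues. The error identifier
			// "invalid_grant test" looks like a debugging leftover; it is
			// kept unchanged because clients may match on it.
			resp.SetError("invalid_grant test", "")
		case storage.Client == nil || clientId != storage.Client.GetId():
			// The token was issued to a different client: fail the check.
		case openId == "":
			// No open_id supplied: the token/client match is sufficient.
			flag = true
		default:
			// Ac_id is read as float64, which is how encoding/json decodes
			// numbers into interface{} values; presumably the user data was
			// round-tripped through JSON. Any other shape fails the check.
			userData, _ := storage.UserData.(map[string]interface{})
			acId, isNumber := userData["Ac_id"].(float64)
			flag = isNumber && openId == GetOpenId(int(acId), clientId)
		}
		if flag {
			scope = storage.Scope
		}
	}

	if flag {
		resp.Output["code"] = 0
		resp.Output["data"] = scope
	} else {
		resp.Output["code"] = 1
	}
	osin.OutputJSON(resp, w, r)
}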
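// AddResource creates a resource record from the request parameters app_id,
// res_name, res_cname, res_type, res_target, res_desc and status, and writes
// the outcome under the "result" key.
//
// Every parameter must be present (an empty value is accepted), and res_type
// and status must parse as integers; otherwise the request is answered with
// 400 Bad Request and nothing is inserted. Previously a missing parameter
// caused a panic, and a malformed integer was only printed before the record
// was inserted with 0 in that field.
//
// NOTE(review): this is a state-changing operation and no authentication,
// authorization or HTTP-method restriction is visible in this handler;
// confirm these are enforced by the router or by middleware.
func (resource *Resource) AddResource(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	queryUrl := common.GetUrlParam(r)

	// The keys come from this fixed list, so echoing one in the error body
	// does not reflect caller-controlled text.
	required := []string{"app_id", "res_name", "res_cname", "res_type", "res_target", "res_desc", "status"}
	for _, key := range required {
		if len(queryUrl[key]) == 0 {
			http.Error(w, "missing parameter: "+key, http.StatusBadRequest)
			return
		}
	}

	resType, err := strconv.Atoi(queryUrl["res_type"][0])
	if err != nil {
		fmt.Println("resType convert int failure")
		http.Error(w, "invalid parameter: res_type", http.StatusBadRequest)
		return
	}
	status, err := strconv.Atoi(queryUrl["status"][0])
	if err != nil {
		fmt.Println("status convert int failure")
		http.Error(w, "invalid parameter: status", http.StatusBadRequest)
		return
	}

	var res Resource
	res.App_id = queryUrl["app_id"][0]
	res.Res_name = queryUrl["res_name"][0]
	res.Res_cname = queryUrl["res_cname"][0]
	res.Res_type = resType
	res.Res_target = queryUrl["res_target"][0]
	res.Res_desc = queryUrl["res_desc"][0]
	res.Status = status

	ret := make(map[string]interface{})
	ret["result"] = InsertResource(res)
	common.Write(w, ret)
}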