From 390a00a43f9364bdd416561ea72b34f3d5e2e817 Mon Sep 17 00:00:00 2001 From: black Date: Mon, 23 Dec 2024 09:47:07 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=B1=E5=B1=82=E6=AC=A1=E8=8E=B7=E5=8F=96us?= =?UTF-8?q?ername?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Controller/ExtLoginController.class.php | 67 +++++++++++-------- 1 file changed, 39 insertions(+), 28 deletions(-) diff --git a/server/Application/Api/Controller/ExtLoginController.class.php b/server/Application/Api/Controller/ExtLoginController.class.php index 5ddf1bf74..731649cc8 100644 --- a/server/Application/Api/Controller/ExtLoginController.class.php +++ b/server/Application/Api/Controller/ExtLoginController.class.php @@ -16,7 +16,7 @@ public function bySecretKey() $time = I("time"); $token = I("token"); $redirect = I("redirect"); - $name = I("name"); + $name = I("name"); if ($time < (time() - 60)) { $this->sendError(10101, "已过期"); @@ -25,7 +25,7 @@ public function bySecretKey() $login_secret_key = D("Options")->get("login_secret_key"); if (!$login_secret_key) return false; $new_token = md5($username . $login_secret_key . $time); - if (!($token === $new_token)) { + if (!($token === $new_token)) { $this->sendError(10101, "token不正确"); return; } @@ -34,10 +34,10 @@ public function bySecretKey() if (!$res) { $new_uid = D("User")->register($username, md5("savsnyjh" . time() . rand())); $res = D("User")->where("( username='%s' ) ", array($username))->find(); - if($name){ + if ($name) { D("User")->where(" uid = '$new_uid' ")->save(array("name" => $name)); } - + } if ($res) { // var_dump($res); return ; @@ -45,8 +45,8 @@ public function bySecretKey() $this->sendError(10101, "为了安全,禁止管理员通过这种方式登录"); return; } - $uid = $res['uid'] ; - if($name){ + $uid = $res['uid']; + if ($name) { D("User")->where(" uid = '$uid' ")->save(array("name" => $name)); } 
@@ -65,6 +65,29 @@ public function bySecretKey() } } + private function getUserNameFromOAuth2($array) + { + $keysToCheck = ["preferred_username", "name", "username", "login"]; + + foreach ($array as $key => $value) { + if (!is_array($value) && in_array($key, $keysToCheck, true)) { + return $value; // 找到匹配的键,直接返回值 + } + } + + foreach ($array as $value) { + if (is_array($value)) { + $username = $this->getUserNameFromOAuth2($value); // 递归检查子数组 + if ($username) { + return $username; // 如果找到,返回结果 + } + } + } + + return false; // 如果没有找到,返回 false + } + + public function oauth2() { $this->checkComposerPHPVersion(); @@ -95,11 +118,11 @@ public function oauth2() $provider = new \League\OAuth2\Client\Provider\GenericProvider([ - 'clientId' => $clientId, // The client ID assigned to you by the provider - 'clientSecret' => $clientSecret, // The client password assigned to you by the provider - 'redirectUri' => $redirectUri, - 'urlAuthorize' => $urlAuthorize, - 'urlAccessToken' => $urlAccessToken, + 'clientId' => $clientId, // The client ID assigned to you by the provider + 'clientSecret' => $clientSecret, // The client password assigned to you by the provider + 'redirectUri' => $redirectUri, + 'urlAuthorize' => $urlAuthorize, + 'urlAccessToken' => $urlAccessToken, 'urlResourceOwnerDetails' => $urlResourceOwnerDetails, ], [ 'httpClient' => new \GuzzleHttp\Client(['verify' => false]), 
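Review bot: The first loop in getUserNameFromOAuth2() returns whichever matching key comes first in the provider's response, even when its value is empty. The precedence of the removed if-chain (`login` over `username` over `name` over `preferred_username`) is therefore lost, and an empty `name` now hides a valid `login`. Because oauth2() uses the result as the account key for lookup and auto-registration, a different pick can attach a returning user to a different account. The recursive pass also accepts `name` from any nested object, which may be a display name or belong to something other than the user; consider limiting nested matches to identifier-like keys. Iterating `$keysToCheck` in a fixed priority order and requiring a non-empty string fixes the first part, as sketched below.

```php
private function getUserNameFromOAuth2($array)
{
    // Highest priority first; this is the precedence the replaced if-chain had.
    $keysToCheck = ["login", "username", "name", "preferred_username"];

    foreach ($keysToCheck as $key) {
        // Skip empty or non-string values so a blank field cannot mask a usable one.
        if (isset($array[$key]) && is_string($array[$key]) && $array[$key] !== '') {
            return $array[$key];
        }
    }

    // … unchanged: recursive search of nested arrays and final return false …
}
```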
@@ -152,24 +175,12 @@ public function oauth2() curl_setopt($oCurl, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($oCurl, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($oCurl, CURLOPT_HEADER, 0); //是否输出返回头信息 - curl_setopt($oCurl, CURLOPT_HTTPHEADER, array("Authorization: bearer {$access_token_string}", "user-agent: showdoc","accept:application/json")); + curl_setopt($oCurl, CURLOPT_HTTPHEADER, array("Authorization: bearer {$access_token_string}", "user-agent: showdoc", "accept:application/json")); $res = curl_exec($oCurl); //执行 curl_close($oCurl); //关闭会话 $res_array = json_decode($res, true); if ($res_array) { - $username = ''; - if ($res_array['preferred_username']) { - $username = $res_array['preferred_username']; - } - if ($res_array['name']) { - $username = $res_array['name']; - } - if ($res_array['username']) { - $username = $res_array['username']; - } - if ($res_array['login']) { - $username = $res_array['login']; - } + $username = $this->getUserNameFromOAuth2($res_array); if (!$username) { echo "返回信息中无法获取用户名。返回的内容如下:" . $res; return; @@ -178,10 +189,10 @@ public function oauth2() if (!$info) { D("User")->register($username, md5($username . time() . rand())); $info = D("User")->where("username='%s'", array($username))->find(); - if($res_array['name']){ - D("User")->where("username='%s'", array($username))->save(array("name" =>$res_array['name'])); + if ($res_array['name']) { + D("User")->where("username='%s'", array($username))->save(array("name" => $res_array['name'])); } - + } D("User")->setLastTime($info['uid']);
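Review bot: The helper's result is trusted as the login identity, yet the response it searches is fetched with `CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST` set to `FALSE` in the context lines just above, so the identity is not tied to an authenticated provider endpoint. Searching every nesting level widens what such a response can influence, so verification should be on by default: `curl_setopt($oCurl, CURLOPT_SSL_VERIFYPEER, true);` and `curl_setopt($oCurl, CURLOPT_SSL_VERIFYHOST, 2);`. The unchanged failure branch also echoes the raw body `$res` to the browser; wrapping it as `htmlspecialchars($res, ENT_QUOTES, 'UTF-8')`, or logging it server-side instead, avoids reflecting provider-controlled markup. oauth2() starts and ends outside this hunk, so any further checks on the resolved account are not visible here.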