釘釘掃碼二維碼登錄OA系統
1.創建企業內部微應用
2.二維碼前端實現及code獲取
1).在頁面中先引入如下js
<script src="https://g.alicdn.com/dingding/dinglogin/0.0.5/ddLogin.js"></script>
2).在需要使用釘釘登錄的地方實例以下JS對象
/* * 解釋一下goto參數,參考以下例子:
* var url = encodeURIComponent('http://localhost.me/index.php?test=1&aa=2');
* var goto = encodeURIComponent('https://oapi.dingtalk.com/connect/oauth2/sns_authorize?
*appid=appid&response_type=code&scope=snsapi_login&state=STATE&redirect_uri='+url)
*/
var obj = DDLogin({
id:"login_container",//這里需要你在自己的頁面定義一個HTML標簽並設置id,例如<div id="login_container"></div>或<span id="login_container"></span>
goto: "", //請參考注釋里的方式
style: "border:none;",
width : "365",
height: "400" }); //width和height不代表二維碼的大小,二維碼的大小是固定的
3).判斷是否來自釘釘掃碼事件,獲取loginTmoCode跳轉到2)中goto的redirect_uri,並且會向redirect_uri后最近code和state兩個參數
var handleMessage = function (event) {
var origin = event.origin; console.log("origin", event.origin);
if( origin == "https://login.dingtalk.com" ) {//判斷是否來自ddLogin掃碼事件。
var loginTmpCode = event.data; //拿到loginTmpCode后就可以在這里構造跳轉鏈接進行跳轉了
console.log("loginTmpCode", loginTmpCode);
}
};
if (typeof window.addEventListener != 'undefined') {
window.addEventListener('message', handleMessage, false);
} else if (typeof window.attachEvent != 'undefined') {
window.attachEvent('onmessage', handleMessage);
}
3.通過臨時授權碼(code)獲取授權的個人信息
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
OapiSnsGetuserinfoBycodeRequest req = new OapiSnsGetuserinfoBycodeRequest();
req.setTmpAuthCode("4a2c5695b78738d495f47b5fee9160cd");
OapiSnsGetuserinfoBycodeResponse response = client.execute(req,"yourAppId","yourAppSecret"); //yourAppId和yourAppSecret是創建掃碼授權的appid和appsecret
返回結果{
"errcode": 0,
"errmsg": "ok",
"user_info": {
"nick": "張三",
"openid": "liSii8KCxxxxx",
"unionid": "7Huu46kk"
}
}
4.通過創建好微應用的appKey、appSecret獲取access_token
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/gettoken");
OapiGettokenRequest request = new OapiGettokenRequest();
request.setAppkey("appkey"); //appkey和appsecret是企業內部創建微應用的appkey和appsecret
request.setAppsecret("appsecret");
request.setHttpMethod("GET");
OapiGettokenResponse response = client.execute(request);
返回結果:{
"errcode": 0,
"errmsg": "ok",
"access_token":
"fw8ef8we8f76e6f7s8df8s"
}
5.通過3步獲取到的unionid和4步獲取到的access_token獲取userid
DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/user/getUseridByUnionid");
OapiUserGetUseridByUnionidRequest request = new OapiUserGetUseridByUnionidRequest();
request.setUnionid("M9Ar4MVQA4vk4iPRwIJdTXAiEiE");
request.setHttpMethod("GET");
OapiUserGetUseridByUnionidResponse response = client.execute(request, accessToken);
返回結果:{
"errcode": 0,
"errmsg": "ok",
"contactType": 0,
"userid": "userid1"
}
6.獲取用戶詳情
DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/user/get");
OapiUserGetRequest request = new OapiUserGetRequest();
request.setUserid("zhangsan"); //第五步獲取到的userid
request.setHttpMethod("GET");
OapiUserGetResponse response = client.execute(request, accessToken); //4步獲取到的access_token
返回結果:{
"errcode": 0,
"unionid": "PiiiPyQqBNBii0HnCJ3zljcuAiEiE",
"remark": "remark",
"userid": "zhangsan",
"isLeaderInDepts": "{1:false}",
"isBoss": false,
"hiredDate": 1520265600000,
"isSenior": false,
"tel": "xxx-xxxxxxxx",
"department": [1,2],
"workPlace": "place",
"email": "test@xxx.com",
"orderInDepts": "{1:71738366882504}",
"mobile": "1xxxxxxxxxx",
"errmsg": "ok",
"active": false,
"avatar": "xxx",
"isAdmin": false,
"isHide": false,
"jobnumber": "001",
"name": "張三",
"extattr": {},
"stateCode": "86",
"position": "manager",
"roles": [
{
"id": 149507744,
"name": "總監",
"groupName": "職務"
}
]
}
這邊需要對創建的應用進行授權才能獲取到用戶詳情